Traffic shaping

Derrick freebsd at fbsdsolutions.com
Fri Jul 2 07:49:29 PDT 2004 

On Fri, 2004-07-02 at 07:35, Kevin A. Pieckiel wrote:
> I want to do traffic shaping with a FreeBSD firewall.  The firewall uses
> IPF on FBSD 5.2.1-p8, and the only shaper I see in the ports is trickle.
> This doesn't even integrate into the firewall, so it would be useless to
> me for shaping traffic from other hosts on the protected network.
> Besides, I can't allocate bandwidth the way I want to.
> 
> I basically want to be able to "guarantee" certain services a certain
> minimum level of bandwidth, but offering more if it is available.  For
> example, I want WWW traffic to have at LEAST 50% of outgoing bandwidth
> under heavy load (leaving 50% for all other services).  But I also want
> to "guarantee" that interactive sessions (ssh) have 10% of the bandwidth.
> (I'm just making these numbers up for this example.)  That way, if I
> crank up, say, NNTP services on a client and start sucking large files
> from USENET, or if I start FTPing ISO images for the next FBSD release,
> I could still surf the web and ssh to my favorite offsite computers
> without much delay in response.  Yet if I'm otherwise idle while NNTPing
> or FTPing, I can use the full bandwidth of my connection for the file
> transfers.
> 
> I started looing at ALTQ, but wasn't sure how well it worked with FBSD.
> I'm not even sure if it can offer the kind of QoS shaping I want; I was
> more interested in if it even worked with FBSD.
> 
> Are there any recommendations out there?  Does anyone here have any
> experience with a FBSD QoS traffic shaper?

ALTQ would probably work, but most recommendations around here would be
for DUMMYNET.  You will need to recompile your kernel if the option
isn't there already.

With DUMMYNET, you can specify traffic through certain ports or certain
ips get X bandwidth, or you can have it intelligently divide bandwidth
in that if no one else is using their allotment, you can "borrow"
their.  I don't have the full details on how to set it up as I have
fully jumped off that bridge yet, but I am sure someone else on this
list could give more detail answers to a finer grained question.

More information about the freebsd-questions mailing list