PF + ALTQ - Bandwidth per customer

Andrei Kolu antik at
Tue Dec 2 01:12:33 PST 2008

Peter Jeremy wrote:
> On 2008-Dec-01 17:08:40 -0600, "Sam Fourman Jr." <sfourman at> wrote:
>> So I would like to hear some ideas on how we could use FreeBSD or any other BSD
>> to limit bandwidth per customer( say one customer (with root access)
>> per server )
> That description sounds like it simplifies to "limit bandwidth based on
> IP address" - which is fairly trivial for ipfw+dummynet or pf+altq.
ipfw+dummynet is really ugly traffic "shaper" (let's face it there is no 
shaping going on), because instead of limiting bandwidth it will drop 
packets to simulate bad connection. I hear many years about "trivial" 
configuration per user bandwidth limit with pf+altq but never saw ANY 
code... You can't set bandwidth limit with PF like 3Mbit per 100 clients 
if your lan card is 100Mbit. This is just lame- in reality clients never 
use all bandwidth and never all clients are connected all the time. Even 
Linux ipfilter does it for years with insane cryptic commandline but it 
just works.

> ipfw+dummynet can also filter on uid/gid but I believe there are some
> race conditions in that code

More information about the freebsd-isp mailing list