bandwidth limiting per ip with PF and ALTQ

Volker volker at vwsoft.com
Tue Apr 24 15:48:28 UTC 2007


On 12/23/-58 20:59, Andrei Manescu wrote:
> Hello
> 
> 
> Has anyone any idea on how to limit upload traffic per incoming connection or per IP address (host) for a web or ftp server, or from any specific port on the server using PF and ALTQ ??
> 
> I want that any web client for my server to be able to download from me (via http) with maximum xxx kbps and, if available, to borrow bandwidth.
> 
> I want to avoid situations in which 2 or 3 clients download something from the server and all the other clients browse the web pages very hard.
> 
> Or is it better to use apache mod_cband ??
> 
> Thank you in advance.
> 
> I wish you a very nice day.
> Andrei.
> 

Andrei,

there's no way to tell another client something like "hey, you're
talking too fast to me, please slow down a bit". You can control
bandwidth for packets leaving your host but not arriving (just to
avoid the term upstream as it depends on the point of view what
upstream traffic really is).

If your host is serving content to clients, you should be able to
serve all clients in a reasonable fair way by using queuing. But you
can't do that per client or per connection. For an http server (or mail
or whatever public service) queuing is one of the very first things to
set up when going into production as you probably don't want all http
clients to eat up all your bandwidth and the machine will be unable to
serve anything else.

You need to create one queue (for example) for your http server and
assign all traffic to your http server into that queue. Having a queue
with a guaranteed bandwidth for every connection (client) would
require the creation of "dynamic queues" on the fly. I'm not aware of
such a possibility.

HTH

Volker
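
The single-queue setup described in the reply above, as a pf.conf sketch. This is an added example, not part of the original post; the interface name (em0), the 10Mb link speed, the queue names and the 40/60 split are assumptions to adapt. It shapes all HTTP replies as one class and gives no per-client or per-connection guarantee.

```conf
# Added example; em0, 10Mb, the queue names and the percentages are assumed values.
ext_if = "em0"

# ALTQ shapes only packets leaving the interface, so the scheduler is
# attached to the external interface the replies go out on.
altq on $ext_if cbq bandwidth 10Mb queue { q_def, q_http }

# Default class for everything not assigned elsewhere (ssh, dns, mail ...).
# "borrow" lets it use bandwidth the parent has idle.
queue q_def  bandwidth 40% cbq(default borrow)

# One shared class for all HTTP traffic from this host. Under load it is
# held to its share; when the link is idle it may borrow from the parent.
queue q_http bandwidth 60% cbq(borrow)

# The queue is named on the rule that creates the state for incoming
# connections; reply packets matching that state are placed in q_http
# when they leave $ext_if.
pass in on $ext_if proto tcp from any to ($ext_if) port 80 keep state queue q_http
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it, and `pfctl -vsq` shows per-queue counters once it is loaded.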

