Using PF + ALTQ in FreeBSD 6.2
cmarlatt at rxsec.com
Mon Aug 13 14:05:28 UTC 2007
Dian Candra wrote:
> Yes, it's work with Dummynet well, cause I'm using dummynet for some
> years. The problem is, with dummynet I could not do "borrow" bandwidth
> from the parent.
> So, I should move to ALTQ+PF, but unfortunately I'm facing a problem
> with it.
> Please give me some comment, If I use ALTQ+PF in my router, it's really
> could not limit incoming and outgoing traffic from/to my client ?
> Does no one have a bettter experience ?
I haven't had time to test this idea yet, maybe someone else can shed
some light on this, but seeing as ALTQ can only queue outbound traffic,
have you thought about queuing on both your external and internal
interfaces? Simply changing perspective of the rules?
This is dependent upon pf/ALTQ actually taking two "altq" statements in
the pf.conf which I'm not certain it can do. It doesn't complain about
the syntax but like I said before, I haven't tested this yet.
You could also try to use a combination of pf and ipfw. I used such an
implementation when I needed to do per ip bw limits and needed more
queues than ALTQ would support. ipfw's "mask src-ip" and "mask dst-ip"
work nicely for this.
Best of luck in finding a functional solution.
More information about the freebsd-pf