Ingress traffic shaping

shoks lowbotskie at gmail.com
Fri May 21 02:46:02 UTC 2010


On Thu, May 20, 2010 at 4:18 PM, Spenst, Aleksej
<Aleksej.Spenst at harman.com>wrote:

> Hi All,
>
> If I understand it correctly, ingress traffic shaping is not possible with
> pf/altq.
> Are there any tricks to do it?
>
> Not really tricky, a diligent read of the PF and ALTQ doc should help you
figure out the right configs. Would you mind posting your PF configs, the
one without the loopback redirection?

>
> I suppose that if incoming traffic is sent out by the router further to the
> LAN, the incoming traffic can be considered as outcoming traffic and
> therefore can be easily shaped.
>
> ---- incoming traffic ---> <ext_if> ROUTER <int_if with altq> ---- shaped
> outcoming traffic ---->
>
> So, in this case one can say that ingress traffic can be shaped. In this
> manner it should be possible to limit TCP download traffic.
>
>
> What if traffic is not forwarded further?
>
> ---- incoming traffic ---> <ext_if> END HOST
>
> Is it possible to do anything to slow down for example TCP download
> traffic? Drop incoming packets? Drop or slow down outgoing ACKs?
> I've tried to put outgoing ACKs in the queue with the lowest priority, but
> that doesn't help when there is no much other outbound traffic.
>
> I also was trying to figure out whether it is possible to forward the
> incoming traffic to the loopback interface and then back to ext_if, so that
> incoming traffic can be considered as outcoming at the loopback interface.
>
> ---- incoming traffic ---> <ext_if> ----> <lo0> ---- shaped outcoming
> traffic ----><back to ext_if>
>
> but I couldn't configure pf.conf such that this would be possible... Is
> this theoretically possible?
>
>
> Thanks a lot for any tips!
>
> Aleksej.
>
>
>
> _______________________________________________
> freebsd-pf at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
>


More information about the freebsd-pf mailing list