shaping

Tyrone at telecity.se Tyrone at telecity.se
Mon Oct 24 13:45:21 PDT 2005 

Hi,
I'm having trouble shaping not sure if my commands are correct want to run it here just in case I'm missing something:
I have a freebsd 5.4-Release router with two network cards one connected to my upstream provider and one connected to my vLAN enabled switch, traffic between my vLANS and the internet are up and running without any problems.
I need to shape traffic for each vLAN connecting to the internet.I will NOT be firewalling at all, just shaping the vLANS at this stage nothing more.
Here is what I have configured:
 
#traffic pipes setup
ipfw pipe 1 config bw 2mbit/s
ipfw pipe 2 config bw 10mbit/s 
ipfw pipe 3 config bw 20mbit/s
 
#limit incoming/outgoing traffic
ipfw add 100 pipe 1 ip from any to any in recv vlan0
ipfw add 100 pipe 1 ip from any to any out xmit vlan0
ipfw add 200 pipe 2 ip from any to any in recv vlan1
ipfw add 200 pipe 2 ip from any to any out xmit vlan1
ipfw add 300 pipe 3 ip from any to any in recv vlan2
ipfw add 300 pipe 3 ip from any to any out xmit vlan2
 
#My kernel configuration
options         IPFIREWALL           
options         IPFIREWALL_VERBOSE   
options         IPFIREWALL_FORWARD  
options         IPFIREWALL_VERBOSE_LIMIT=100    
options         IPFIREWALL_DEFAULT_TO_ACCEPT  
options         IPV6FIREWALL       
options         IPV6FIREWALL_VERBOSE
options         IPV6FIREWALL_VERBOSE_LIMIT=100
options         IPV6FIREWALL_DEFAULT_TO_ACCEPT
options         IPDIVERT                #divert sockets
options         DUMMYNET
options         BRIDGE
 
Regards
Tyrone

DISCLAIMER
This e-mail is intended only for the use of the addressees named above
and may be confidential. If you are not an addressee you must not use
any information contained in nor copy it nor inform any person other
than TeleCity or the addressees of its existence or contents. If you
have received this e-mail in error, please contact the TeleCity IT
department on +44 (0) 161 232 3220 or by email at
techsupport at telecity.com. Internet communications cannot be guaranteed
100% secure, you should therefore take this potential lack of security
into consideration when emailing us as we do not accept legal
responsibility for the security of the contents of this or other 
emails. Whilst TeleCity take measures to prevent any virus
contamination of our computer systems, recipients of emails should
always ensure that they take their own precautions to avoid virus
contamination.

More information about the freebsd-ipfw mailing list