Dummynet combined upload en download bandwidth limit per client
John Nielsen
lists at jnielsen.net
Tue Jul 19 20:38:38 UTC 2016
> On Jun 20, 2016, at 6:50 AM, Rick van der Zwet <info at rickvanderzwet.nl> wrote:
>
> I would like to be able to limit bandwidth (upload + download) per
> client using dummynet. Yet I fail to create dynamic pipes which matches
> both upload and download at the same time. re2 is the interface on which
> the the clients are connected in network 192.168.0.0/24.
>
> I am able to limit download (300Mbit/s) with dynamic pipes using:
> ${fwcmd} pipe 1 config bw 300Kbit/s mask dst-ip 0xffffffff
> ${fwcmd} add 60000 pipe 1 ip from not me to 192.168.0.0/24 via re2 out
>
> I am able to limit upload (300Mbit/s) with dynamic pipes using:
> ${fwcmd} pipe 1 config bw 300Kbit/s mask src-ip 0xffffffff
> ${fwcmd} add 60000 pipe 1 ip from 192.168.0.0/24 to not me via re2 in
>
> I am able to limit upload+download (total 300Mbit/s) for single
> (192.168.0.10) IP using:
> ${fwcmd} pipe 1 config bw 300Kbit/s
> ${fwcmd} add 60000 pipe 1 ip from not me to 192.168.0.10/32 via re2 out
> ${fwcmd} add 60000 pipe 1 ip from 192.168.0.10/32 to not me via re2 in
>
> Yet duplicating the last one for all client IPs addresses 'feels' wrong
> and is a bit verbose. Am I able to limit upload+download bandwidth for
> multiple IPs without pre-creation of 1 pipe per client and the required
> rules?
You can create a per-IP pipe using the "mask" keyword when defining the pipe, e.g.:
ipfw pipe 1 config bw 300Kbit/s mask src-ip 0xffffffff
However, that would create different pipes based on source IP only (regardless of direction). I'm not sure there's a way to handle both directions in a single pipe other than creating a static pipe per IP as you've outlined above.
JN
More information about the freebsd-ipfw
mailing list