Traffic Shaping with pf ...
Matthew Grooms
mgrooms at seton.org
Wed Nov 16 14:43:31 PST 2005
Max Laier wrote:
> On Wednesday 16 November 2005 23:18, Matthew Grooms wrote:
>
>> I have a couple of firewalls running freebsd 5.4 and pf and was
>>planning to use ALTQ for traffic shaping. But after doing a bit of
>>reading, it would seem that ALTQ only works on traffic passing outbound
>>on an interface. Since most of the traffic passing through my firewall
>>is http and ftp traffic, the inbound direction is the path being
>>saturated. Did I read the ALTQ documentation wrong or is there another
>>mechanism available for use with pf that could help me prioritize
>>bandwidth usage?
>
>
> You can not control inbound traffic! You can not control what other people
> sent to you! It's impossible. The only way to do it is to limit *outbound*
> traffic on an upstream router.
>
Max,
As always, thanks for your reply. Sounds like you may have heard this
question once or twice ;) Sorry for being naive.
I understand what you are saying and this makes sense to me. But would
it stand to reason that if you limit the rate of packets in a TCP stream
that the windowing would slow the generation of traffic from the source
host? I understand UDP is another animal all together.
Do pipes in ipfw only effect outbound traffic on an interface?
Thanks,
-Matthew
More information about the freebsd-pf
mailing list