ALTQ bandwidth limiting only from internet IPs

Nils Vogels nivo+sender+38c70d at yuckfou.org
Sat Nov 26 00:27:11 GMT 2005


Josh Finlay wrote:

> pass out on $ExtIF from $Delta to any keep state queue q_delta_out
> pass out on $ExtIF from $Fear to any keep state queue q_fear_out
> pass out on $IntIF from $Delta to any keep state queue q_delta_in
> pass out on $IntIF from $Fear to any keep state queue q_fear_in
>
> This config seems to work quite well
> but it's also queueing local traffic as well
> so if I'm uploading from "Delta" to somewhere on the internet, my
> local ssh sessions (to the machine running pf) lag due to lack of free
> bandwidth
>
> So how do I tell PF to only queue if it's an internet IP? or perhaps a
> better way of saying it, is to *not* queue local traffic (to/from
> local ips).

What you could try is something like this:

table <rfc1918> persist { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }
pass out on $ExtIF from $Delta to any keep state queue q_delta_out
pass out on $ExtIF from $Fear to any keep state queue q_fear_out
pass out on $IntIF from $Delta to ! <rfc1918> keep state queue q_delta_in
pass out on $IntIF from $Fear to ! <rfc1918> keep state queue q_fear_in

YMMV

-- 
Simple guidelines to happiness:
Work like you don't need the money,
love like your heart has never been broken and 
dance like no one can see you.

