Limiting client bandwidth with PF

Catalin Miclaus catalin at starcomms.com
Wed Jul 23 16:26:48 UTC 2008 

Hello Walter,

There are some open bugs for pf with altq.
You may want to consider ipfw and pipes to achieve same.









Best Regards
Catalin Miclaus
Network/Security ISP-Data
Starcomms Ltd.

-----Original Message-----
From: owner-freebsd-pf at freebsd.org [mailto:owner-freebsd-pf at freebsd.org]
On Behalf Of Walter Venable
Sent: Wednesday, July 23, 2008 2:04 PM
To: freebsd-pf at freebsd.org
Subject: Limiting client bandwidth with PF

Hi all, I'm having some trouble getting pf to do what I want.
I'm a newbie to pf, so I can't get my configuration quite right.

We have a 3Mb/1Mb connection and I want to limit my clients each to
128Kbps/64Kbps.

First things first, limit them to 128Kbps, but that isn't even working,
as
clients are still maxing at 3Mbps:

$ cat /etc/pf.conf
int_if="rl0"
ext_if="nfe0"
int_net="192.168.2.0/24"

altq on $ext_if hfsc bandwidth 3Mb queue { clients }
queue clients bandwidth 128Kb hfsc ( default rio )
pass in quick log on $int_if proto tcp from $int_net to any \
 flags S/SA keep state queue clients

$ sudo pfctl -sq
queue root_nfe0 on nfe0 bandwidth 3Mb priority 0 {clients}
queue  clients on nfe0 bandwidth 128Kb hfsc( rio default )

Can anyone say why this isn't working?  More info about the network if
you
need it:

Internet -- Router (192.168.1.1) -- (nfe0 @ 192.168.1.200 ) FreeBSD
Gateway
(rl0 @ 192.168.2.1) -- switch -- Clients (192.168.2.0/24)
_______________________________________________
freebsd-pf at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"


DISCLAIMER: The information contained in this message (including any attachments) is confidential and may be privileged. If you have received it by mistake please notify the sender by return e-mail and permanently delete this message and any attachments from your system. Any form of dissemination, use, review, distribution, printing or copying of this message in whole or in part is strictly prohibited if you are not the intended recipient of this e-mail. Please note that e-mails are susceptible to change. STARCOMMS PLC shall not be liable for the improper or incomplete transmission of the information contained in this communication nor for any delay in its receipt or damage to your system. STARCOMMS PLC does not guarantee that the integrity of this communication has been maintained or that this communication is free of viruses, interceptions or interferences. STARCOMMS PLC reserves the right to monitor all e-mail communications, whether related to the business of STARCOMMS or not, through its internal or external networks.

More information about the freebsd-pf mailing list