PF + ALTQ - Bandwidth per customer

Tom Uffner tom at uffner.com
Thu Feb 12 01:26:41 PST 2009


eculp wrote:

> I don't remember why but for some reason I have the idea that pf+altq is 
> not bidirectional.  Am I mistaken?

no solution that does not involve cooperation from your upstream
connection(s) is truly bidirectional. it is easy to limit/shape
your outbound traffic. on the other hand it is difficult if not
impossible to unilaterally control the amount or sources of inbound
data arriving at your border router(s) on its way to various
applications (mail servers, for example).

you can _pretend_ to by dropping, queuing or otherwise limiting it
once inside your network, but you cannot meaningfully prevent it from
using your downlink bandwidth and potentially crowding out other,
possibly more desirable, inbound data.
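
The point above as an added pf.conf example (not part of the original post, and not the poster's configuration): per-customer ALTQ queues on a routed gateway. Interface names, customer addresses (documentation ranges) and rates are constructed assumptions, and customers are assumed to be routed without NAT.

```conf
# Added example. All values are constructed assumptions.
ext_if = "em0"                 # uplink to the provider
int_if = "em1"                 # customer-facing side
cust_a = "198.51.100.0/28"     # documentation range, stands in for customer A
cust_b = "198.51.100.16/28"    # documentation range, stands in for customer B

# ALTQ only schedules packets LEAVING the interface it is attached to.

# Upload: packets leaving $ext_if. This limit is real, because the
# excess is held back before it ever reaches the uplink.
altq on $ext_if cbq bandwidth 10Mb queue { up_std, up_a, up_b }
queue up_std bandwidth 1Mb cbq(default)
queue up_a   bandwidth 2Mb cbq
queue up_b   bandwidth 1Mb cbq

# "Download": packets leaving $int_if toward the customers. By the time a
# packet sits in one of these queues it has already crossed the downlink,
# so this divides delivery among customers but does not free downlink capacity.
altq on $int_if cbq bandwidth 10Mb queue { down_std, down_a, down_b }
queue down_std bandwidth 1Mb cbq(default)
queue down_a   bandwidth 4Mb cbq
queue down_b   bandwidth 2Mb cbq

# Connections opened by a customer. Replies leaving $int_if match the state
# created by the "pass in" rule and are placed in that rule's queue.
pass in  on $int_if from $cust_a to any keep state queue down_a
pass out on $ext_if from $cust_a to any keep state queue up_a
pass in  on $int_if from $cust_b to any keep state queue down_b
pass out on $ext_if from $cust_b to any keep state queue up_b

# Connections opened from outside (a customer mail server, for example).
# Replies leaving $ext_if use the queue named on the "pass in" rule.
pass in  on $ext_if from any to $cust_a keep state queue up_a
pass out on $int_if from any to $cust_a keep state queue down_a
pass in  on $ext_if from any to $cust_b keep state queue up_b
pass out on $int_if from any to $cust_b keep state queue down_b
```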

