pf and dummynet
Kristof Provost
kp at FreeBSD.org
Mon Jul 29 20:18:07 UTC 2019
On 29 Jul 2019, at 22:15, Rodney W. Grimes wrote:
>> On 29 Jul 2019, at 20:22, mike tancsa wrote:
>>> On 7/29/2019 1:51 PM, Kristof Provost wrote:
>> In general I?d expect quality of service and bandwidth limits to only
>> be effective in the upstream direction (when going from a fast link to a
>> slow one). There?s no good way to limit how much traffic other
>> machines send to you.
>
> Though dummynet is most effective in on the outbound
> stream (absolute control) it can be used to good effect
> on an incoming stream due to the end-to-end paradigm of
> the internet and the fact that congestion must be dealt
> with.
>
> If dummynet holds packets and parcels them into a box at
> a lower rate for things like TCP you'll end up reducing
> the congestion window and hence the senders rate. Or you
> can get into the ACK clock situation here the sender simply
> does not send any more data until it gets an ack back as
> it already has filled the congestion window.
>
> I have been using dummynet for decades in this way,
> and it more or less "just works."
>
True, with the caveat that that’s only for TCP of course.
Regards,
Kristof
More information about the freebsd-pf
mailing list