Thanks alot for your example.
I have decided that it might not be neccesary to cap each host, since the
customer only want fair-sharing of the aviable bandwidth.
So that should work with just one rule per direction.
Besides the ipfw/dummynet equivalent would be like this
-
ipfw add pipe 1 ip from any to 192.168.1.0/24
ipfw add pipe 2 ip from 192.168.1.0/24 to any
ipfw pipe 1 config bw 512Kbit/s queue 10
ipfw pipe 2 config bw 521Kbit/s queue 10
-
This is from my memory, so there might be an error somewhere 8).
Is there any plans to make per ip queues simpler in pf (so it can be
done with something similar to the above)?
Btw, thans to all the people in this list who are very helpful.
//Kristoffer
On Tue, Jun 03, 2003 at 10:18:59AM +0200, Kristoffer Björk wrote:
Is there anyway you could simplyfy this using macros/whatever?
that many rules and queues seems abit messy, so any ideas on how to
keep pf.conf small and tidy would be appriciated.
hi kristoffer:
in my scenario, i have an ADSL uplink ( 512Kb upload, which is more
like 450 in reality ), and a LAN with a potential for 16 hosts.
also, i have a friend who uses my machine a lot for its east-coast
upload.
here're the relevant parts of my pf.conf, if they can help you:
( note, these are written with 80 column terminal width. )
as you can see, i don't really have a neat and easy one-line macro for
this, but my friend also does some similar queueing setup with a
python script for his employer. he has a CSV datafile of
hosts/MACs/bandwidth/IPs that he can run thru a python jobby and it
will render out an appropriate pf.conf.
### :[.macros,]; ###=-
e = fxp0
e_bw = 465Kb
i = fxp1
i_bw = 100Mb
altq on $i cbq bandwidth $i_bw tbrsize 512 queue { int-ext, int-int }
altq on $e cbq bandwidth $e_bw queue { toplevel }
# $e :
queue toplevel bandwidth $e_bw cbq( borrow default ) { matt, other }
queue mattbandwidth 80% priority 7 cbq( borrow ) { matt_d,
matt_a } queue matt_d priority 4 cbq( borrow )
queue matt_a priority 7 cbq( borrow )
queue other bandwidth 20% priority 2 cbq( borrow ) { estd_d,
estd_a, \
secure_d, secure_a, insecure_d, insecure_a, eblock }
queue estd_d priority 2 cbq( borrow )
queue estd_a priority 5 cbq( borrow )
queue secure_dpriority 3 cbq( borrow )
queue secure_apriority 6 cbq( borrow )
queue insecure_d priority 1 cbq( borrow )
queue insecure_a priority 4 cbq( borrow )
queue eblock priority 0
# $i :
queue int-int bandwidth 99.5Mb priority 3 cbq( default ) {
int-int_a, int-int_d } queue int-int_a priority 6
queue int-int_d priority 2
queue int-ext bandwidth $e_bw priority 7 cbq( borrow ecn )
{ 192.168.7.1, 192.168.7.2, \
192.168.7.3,
192.168.7.4,
\
192.168.7.5,
192.168.7.6,
\
192.168.7.7,
192.168.7.8,
\
192.168.7.9,
192.168.7.10,
\
192.168.7.11,
192.168.7.12,
\
192.168.7.13,
192.168.7.14,
\
192.168.7.15,
192.168.7.16
\
}
queue 192.168.7.1 cbq( borrow ecn ) bandwidth 6.25% priority
7 { 192.168.7.1_a, 192.168.7.1_d } queue192.168.7.1_a cbq
priority 6 queue192.168.7.1_d cbq( borrow
ecn ) priority 2 queue 192.168.7.2 cbq(
borrow ecn ) bandwidth 6.25% priority 7 { 192.168.7.2_a,
192.168.7.2_d } queue192.168.7.2_a cbq
priority 6 queue192.168.7.2_d cbq( borrow ecn )
priority 2 queue 192.168.7.3 cbq( borrow ecn )
bandwidth 6.25% priority 6 { 192.168.7.3_a, 192.168.7.3_d } queue
192.168.7.3_a cbq priority 6 queue
192.168.7.3_d cbq( borrow ecn ) priority 2
queue 192.168.7.4 cbq( borrow ecn ) bandwidth 6.25% priority
6 { 192.168.7.4_a, 192.168.7.4_d } queue192.168.7.4_a cbq
priority 6 queue192.168.7.4_d cbq( borrow
ecn ) priority 2 queue 192.168.7.5 cbq(
borrow ecn ) bandwidth 6.25% priority 5 { 192.168.7.5_a,
192.168.7.5_d } queue192.168.7.5_a cbq
priority 6 queue192.168.7.5_d cbq( borrow ecn )
priority 2 queue 192.168.7.6 cbq( borrow ecn )
bandwidth 6.25% priority 5 { 192.168.7.6_a, 192.168.7.6_d } queue
192.168.7.6_a cbq priority 6 queue
192.168.7.6_d cbq( borrow ecn ) priority 2
queue 192.168.7.7 cbq( borrow ecn ) bandwidth 6.25% priority
4 { 192.168.7.7_a,
