I'm interested to hear how people utilise dummynet in a NAT environment.
How does one create a pipe for a NAT network without effecting the
actual LAN speed ? For example, on the gateway:

$fwcmd add pipe 1 ip from to any out
$fwcmd add pipe 2 ip from any to in
$fwcmd pipe 1 config bw 128Kbit/s
$fwcmd pipe 2 config bw 128Kbit/s

The above example would be fine if were only talking to
the internet but unfortunately it also effects the machines from talking
to each other internally. The only interface you can specify is the
internal interface(bge1) because this is the only time that ipfw will
see the addresses before they are passed to NAT(ipnat) and will not be
seen on the external interface(bge0). So basically the above example
should be written as:

$fwcmd add pipe 1 ip from to any out via bge1
$fwcmd add pipe 2 ip from any to in via bge1

This however will also give an internal LAN speed of
128Kbit/s which is to say quite humorous ;-)

What is the solution to this ? ..I'm obviously missing something. The
internal interface is not firewalled.

Many thanks,
Nelis Lamprecht
PGP: http://www.8ball.co.za/pgpkey/nelis.asc
"Unix IS user friendly.. It's just selective about who its friends are."

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to