On Tue Oct 15 2013 16:32, Wesley MOUEDINE ASSABY wrote:
> Le 2013-10-15 16:18, Norman Golisz a écrit :
> >On Tue Oct 15 2013 14:08, Norman Golisz wrote:
> >>On Tue Oct 15 2013 15:48, Wesley MOUEDINE ASSABY wrote:
> >>> When i download a file using the host 192.168.1.1
> >>> and do at the same time :
> >>>
> >>> # pfctl -vvs queue
> >>>
> >>> queue restriction on axe0 bandwidth 800K qlimit 50
> >>> [ pkts: 0 bytes: 0 dropped pkts: 0
> >>bytes:
> >>> 0 ]
> >>> [ qlength: 0/ 50 ]
> >>> [ measured: 0.0 packets/s, 0 b/s ]
> >>> queue employee parent restriction on axe0 bandwidth 10K qlimit 50
> >>> [ pkts: 21119 bytes: 30624777 dropped pkts: 0
> >>bytes:
> >>> 0 ]
> >>> [ qlength: 0/ 50 ]
> >>> [ measured: 115.8 packets/s, 1.35Mb/s ]
> >>
> >>yap, bandwidth restrictions apply on upload, only. So, you're
> >>effectively using 10K for TCP ACK packets.
> >
> >you might want to restrict bandwidth on the LAN interface, though.
> >You'd
> >configure the queues as above on the LAN interface and apply packets
> >going "out"/upload.
>
> Actually, queue is defined on axe0 ("IN"); it is the lan interface.
> It doesn't work (downloading limited).
>
> I already tried this:
> block all
> pass in log quick on lan from $employee set queue employee tag policy1
> pass in on lan
> pass log quick tagged policy1
> pass out on egress
> # Downloading still not limited.
>
> Any idea ?
Yes, I remember you need to explicitly set a "maximum" bandwidth to the
queue definition:
queue employee parent restriction bandwidth 10K max 10K
Does this work for you?
