Sorry, if my explanation don't have enough details.
- The internet connection is an E1
- There are ~150 users (IPs)
- The company give full internet access to the clients. With no service
restriction.
- There only a C class LAN.
E1 --- OpenBSD Firewall --- LAN with ~150 IPs
The problem is to distribute equally the bandwidth to the users. My
first approach is a CBQ rule by user giving a minimum bandwidth quote
and using the "borrow" option, to use the remaining bandwidth when some
users don't waste the bandwidth. But the number of rules is so big.
I hope that my explanation can be useful.
On 07/09/10 13:43, Johan Beisser wrote:
On Tue, Sep 7, 2010 at 11:15 AM, Hermes Ojeda Ruiz<hermes....@gmail.com> wrote:
Hi, Maybe this is a basic question, but I've read the man pages and the PF
book and I don't know how solve this problem.
- I have an E1 and the problem is how to distribute the bandwidth equally on
all the ip's. There are some constraints like use DHCP, and no block ports.
What exactly are you trying to accomplish. Please explain a little
more, in detail.
I have some simple firewalls with prioritization, but I don't know how
should do that. May be with CBQ but they are a lot of rules.
If you're trying to set up a fair service, remember that PF simply
processes the packets as they come in. So turn off queues, or define
what you're trying to accomplish first.
If you're trying to ensure some kinds of traffic can always leave
"fairly" take a look at using HFSC queuing, then define the queues
based on ports and use packet tagging to define what matches each
queue.
http://cvs.openbsd.org/faq/pf/tagging.html
jb
