Traffic Shaping Bridge with Dummynet

2009-09-14 Thread Dan D Niles 

I am trying to do traffic shaping using a bridge on FreeBSD 7.1.

I have the bridge configured and it works fine.  It looks like this:

rest of network - xl0 - bridge0 - xl1 - side to be shaped

It works with the following set of ipfw rules (pipes in but 
unlimited bw):

network=10.10.10.0/24
limit=0
ipfw -q -f flush

ipfw -q pipe 1000 config mask dst-ip 0x00ff bw $limit
ipfw -q add pipe 1000 ip from any to $network via xl1

ipfw -q pipe 1001 config mask src-ip 0x00ff bw $limit
ipfw -q add pipe 1001 ip from $network to any via xl1

ipfw -q add 6 allow all from any to any

If I change the limit to 1Mbit/s (or anything else) it stops passing
traffic.  I used tcpdump and I can see the traffic on the bridge but I
cannot see it after the bridge.  However ipfw -a list shows the counts
for the pipe going up, which doesn't make sense to me.

I've tried adding:
ipfw -q add allow all from any to any via bridge0
ipfw -q add allow all from any to any via xl0
before the pipes.  I also tried moving the pipes to bridge0 and xl0.

The docs on bridging
(http://www.freebsd.org/doc/en/books/handbook/network-bridging.html)
says The bridge can be used as a traffic shaper with altq(4) or
dummynet(4).

So what am I doing wrong?  What else do I need to do to limit the
bandwidth over a bridge?

Thanks,

Dan


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Bridge and dummynet

2005-03-12 Thread F. Banna 
Good Day Guys.
I installed FreeBSD 5.3 and everything worked fine .
i recompiled the kernel included options for
   IPDIVERT
   IPFIREWALL
   IPFIREWALL_VERBOSE
   BRIDGE
everything went fine
i did the systcl to load the two network cards as should be
 sysctl net.link.ether.bridge.config=rl0:0,rl1:0
 sysctl net.link.ether.bridge.ipfw=1
 sysctl net.link.ether.bridge.enable=1

schema
  client 1 FreeBSD  bridge
/--\   /---\ 
 /\
 a.b.c.d|--|rl0 -   
-rl1|-| external network|
\--/   \---/ 
 \/

so far everything is working fine .
now my internal network is connected physically to rl0.
i want to rate limit ip a.b.c.d from internal network to 32Kbit uplink and 
128Kbit downlink .

in the manual and documention given on the sites it helps but not on the 
same network card as needed in here !

i was successfull to rate limit uplink but not downlink ! as such
ipfw pipe 1 config bw 32Kbit/s queue 4Kbyte
ipfw add pipe 1 all from a.b.c.d to any in recv rl0  # uplink limitation 
works fine

ipfw pipe 2 config bw 128Kbit/s queue 4Kbyte
ipfw add pipe 2 all from any to  a.b.c.d  out xmit rl0  # downlink doesn't 
match

if there is something i missed then feel free to guide me .
else if its possible for someone parse his/her connfiguration
Thanks
F. B.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]