rate limiting an interface
3.9 GENERIC#617 i386 Wanted to know what are the possible ways to rate limit an ethernet interface, if queues in pf will do this, or is any other way, i have a 2meg colo connection and dont wnat to go over it or ill get charged, and the ISP wont cap it, so i have to cap myself. Thanks -- -Lawrence
Re: rate limiting an interface
On 6/15/06, John R. Shannon [EMAIL PROTECTED] wrote: Lawrence Horvath wrote: 3.9 GENERIC#617 i386 Wanted to know what are the possible ways to rate limit an ethernet interface, if queues in pf will do this, or is any other way, i have a 2meg colo connection and dont wnat to go over it or ill get charged, and the ISP wont cap it, so i have to cap myself. Thanks You can rate limit with the altq built into pf. -- John R. Shannon, CISSP [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Can i rate limit both ways, incomming and outgoing, the pf documentation for queues sd only one way, but is there a way to keep the system from downloading as much to it? so as to keep under my quota going both ways? -- -Lawrence
Re: rate limiting an interface
Lawrence Horvath [EMAIL PROTECTED] wrote on Thu 15.Jun'06 at 13:27:54 -0700 On 6/15/06, John R. Shannon [EMAIL PROTECTED] wrote: Lawrence Horvath wrote: 3.9 GENERIC#617 i386 Wanted to know what are the possible ways to rate limit an ethernet interface, if queues in pf will do this, or is any other way, i have a 2meg colo connection and dont wnat to go over it or ill get charged, and the ISP wont cap it, so i have to cap myself. Thanks You can rate limit with the altq built into pf. -- John R. Shannon, CISSP [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Can i rate limit both ways, incomming and outgoing, the pf documentation for queues sd only one way, but is there a way to keep the system from downloading as much to it? so as to keep under my quota going both ways? Think about this, a bit. If you dont realize whats wrong with the notation of limiting incoming traffic to not download as much to it then well, shit. -- -Lawrence -- Thordur I. Bjornsson Philosophy is to the real world as masturbation is to sex. -- Karl Marx
Re: rate limiting an interface
Thordur I. Bjornsson wrote: Lawrence Horvath [EMAIL PROTECTED] wrote on Thu 15.Jun'06 at 13:27:54 -0700 Can i rate limit both ways, incomming and outgoing, the pf documentation for queues sd only one way, but is there a way to keep the system from downloading as much to it? so as to keep under my quota going both ways? Think about this, a bit. If you dont realize whats wrong with the notation of limiting incoming traffic to not download as much to it then well, shit. I've never tried it so I could be way off, but has anyone thought about doing the reverse of prioritizing ACKs to limit downloads? Specifically, assign the ACKs to a cbq with a small fixed bandwidth so that the source is fooled into thinking that you can't receive as fast as you really can. With a little math you should be able to come up with a bandwidth amount for ACKs that will result in the chocked download you require. Of course, this assumes that your packets are max size and that this is TCP traffic only. Like I said, I've never tried it, but it may be worth a shot. Breeno
Re: rate limiting an interface
On 6/15/06, John R. Shannon [EMAIL PROTECTED] wrote: Lawrence Horvath wrote: On 6/15/06, John R. Shannon [EMAIL PROTECTED] wrote: Lawrence Horvath wrote: 3.9 GENERIC#617 i386 Wanted to know what are the possible ways to rate limit an ethernet interface, if queues in pf will do this, or is any other way, i have a 2meg colo connection and dont wnat to go over it or ill get charged, and the ISP wont cap it, so i have to cap myself. Thanks You can rate limit with the altq built into pf. -- John R. Shannon, CISSP [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Can i rate limit both ways, incomming and outgoing, the pf documentation for queues sd only one way, but is there a way to keep the system from downloading as much to it? so as to keep under my quota going both ways? You might find this E-mail answers your question: http://lists.freebsd.org/pipermail/freebsd-pf/2005-November/001657.html -- John R. Shannon, CISSP [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Thank you for that link, i was under the impression that altq wouldn't work on incoming, period, but the link helped, thank you -- -Lawrence
Re: rate limiting an interface
On Friday 16 June 2006 04:27, Lawrence Horvath wrote: You can rate limit with the altq built into pf. Can i rate limit both ways, incomming and outgoing, the pf documentation for queues sd only one way, but is there a way to keep the system from downloading as much to it? so as to keep under my quota going both ways? Yes, but not in a way that will guarantee that you wont get more than 2Mb incoming. In fact, there is NO way you can effectively shape incoming traffic in this situation, no matter what OS you run. If someone wants to send you a boatload of traffic and your colo isnt capping your bandwidth you will most likely go over 2Mb and there's nothing you can do about it since you cant cancel packets that has already gone over the wire. If the colo can't/won't cap incoming traffic and want to charge you for going over your limit they're either ignorant, lazy or trying to scam you. --- Lars
