tags:

views:

22

answers:

1
Q: 

FreeBSD bandwidth distribution

We have a FreeBSD server. Primary IP is 11.11.11.11. Also there are two additional IPs 22.22.22.22 and 33.33.33.33.

Need to set up a firewall on this server doing the following:

  1. If user downloads from 11.11.11.11, grant him 5Mbit guaranteed bandwidth.

  2. If user downloads from 22.22.22.22 limit download bandwidth to 320Kbit per incoming ip so if one ip is downloading using 10 connections/threads, bandwidth will be 32Kbit.

  3. If user downloads from 33.33.33.33 download bandwidth is not limited. Moreover if all 95Mbit is used it should take bandwidth from users downloading from 22.22.22.22.

+1  A: 

You will need ALTQ, which is a part of Packet Filter (PF). Please take a look at the examples in:

/usr/share/examples/pf/

and nice documentation from OpenBSD website:

http://www.openbsd.org/faq/pf/queueing.html

You will probably find in the examples configuration very similar to your.

Maciej Kucharz  2010-08-09 11:41:39

related questions

Is it possible to get the remote ip address in the Apache log file when behind a NAT firewall?
jboss 4.2.2 GA under windows server 2008 - possibly firewall related?
How secure is IP address filtering?
Client firewall blocks all ports but 80 and 443, need away to forward requets on port 443 to SSH or HTTPS
Is this a Windows XP firewall bug?
Microsoft Active Directory Port
Best way to redirect image requests to a different webserver?
Interesting issue with WCF wsHttpBinding through a Firewall
Is Port Redirection/Forwarding (i.e. 8443 -> 3389) for Windows Vista/Server 2008 possible with the built-in firewall?
ASP.NET application exhibits strange behaviour through firewall
Do you require deep packet inspection on a server-only firewall?
How to Configure SQL Server 2005 Replication through a firewall?
Open ports under Fedora Core 8 (for VMWare Server)
java.sql.Connection extension for SSH
How to create Windows firewall exception in Visual Basic 2005?
UDP and my computer?
Are your attempts to get Answers from Stackoverflow, Google etc. Hampered by your company's firewall
Programmatically add an application to Windows Firewall
Preventing Cisco PIX/ASA5520 from advertising ospf default route to zone
Trying to load files from github through a firewall is impossibly slow. Any suggestions for workarounds?
In Delphi, How do I get an enumerator from LocalPolicy.CurrentProfile.GloballyOpenPorts in the Firewall API
Firewall - Build or Buy
Configuring sendmail behind a firewall
WCF push to client through firewall?
How would I get started writing my own firewall?