
using altq for rate limiting on certain ports across multiple interfaces



hi all-

so as much as i love PF, i /still/ cannot wrap my head around ALTQ across multiple interfaces. here's my setup (i'm sure this looks familiar):

                        _________
                       |         |
$PRIV_NET <-> $PRIV_IF | FreeBSD | $EXT_IF <-> $EXT_IP ( internet )
                       |_________|


basically, i need to do some constrained bandwidth testing on a web project, so i want to limit all traffic on port 80 between my dev machine on $PRIV_NET and the remote web server.


All my routing is working fine, i've got ALTQ happily limiting upstream bandwidth for the hosted services (http, imaps, etc) on the FreeBSD machine, but i cannot for the life of me figure out how to do the end-to-end bandwidth limiting on a particular port across interfaces (short of limiting the entire bandwidth on $PRIV_IF to the desired level). I'd post the rules i've got, but every combo seems to fail. If this is inadequate, i will absolutely post my pf.conf, i just figure this is more of a methodology question than a configuration question (at least for now).

My /guess/ is that i need 2 queues - one on $EXT_IF inbound and one on $PRIV_IF outbound. Or perhaps i simply need to be tagging packets? $PRIV_NET is NATed, as one might expect.

Thanks in advance.

Cheers,
Darren David