List Info

Thread: Misc PF +ALTQ questions
Misc PF +ALTQ questions
user name
 2008-05-25 22:18:22 
Hello All,

I have been looking at the possibility of doing a project to
create a C 
API library for PF + ALTQ and possibly a higher level C++
API. I am new to 
these components and fairly new to FreeBSD. I have been
looking at the man 
pages and various other docs on the topic. It would seem I
can glean most 
of the ioctl info from the pfctl source. However, I have a
few question 
the I haven't been able to find answers to. I apologize if
these have been 
answered before and I have missed them.

1. Most of the examples I've seen are oriented towards a
home or small 
office user with a DSL or cable Internet connection. My
focus is more in 
the ISP area. I want to support the ability to hard limit
bandwidth by IP 
and/or MAC address. I have read somewhere that MAC addresses
can be used 
as a source, but this can only be done in bridge mode. Is
this correct?

2. I can see how a queue could be crated for each IP address
and the 
traffic from that IP sent to the appropriate queue. This
would result in 
quite a few queues when done for an entire /24 subnet. Is
there a better 
way to do this? I have also read somewhere that table
lookups are pretty 
fast. Is there a way to take advantage of this fact where
bandwidth 
limiting is concerned?

3. Would I be better off using one of the existing queueing
disciplines as 
an example and writing some code specifically designed to do
what I'm 
wanting to do?

4. Is there any good info on the bandwidth usage statistics
provided by PF 
+ ALTQ? I would like to do as much through the ioctl
interface as 
possible.

5. I am also looking for a way to enumerate the IPs and MACS
that are 
being seen by a particular interface. Again, I would like to
do as much 
through the ioctl interface as possible. The pflog component
is not really 
a possibility because my application will be for embedded
use.

Comment: I must say I am very impressed with the fact that
the ioctl 
interface is actually provided and documented to some
degree. I am really 
enjoying the fact that there seems to be much more doc in
general in this 
area than of Linux. Many thanks to the folks that took the
time to do this 
work.

Thanks in advance,
-G






 
_______________________________________________
freebsd-pffreebsd.org mailing list

http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to
"freebsd-pf-unsubscribefreebsd.org"
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )