网文# 发表于 2006-10-5 01:25:32

macafee帮帮忙,关于Traffic Shaping如何设置?

今天终于把Traffic Shaping设置成功,知道如何为每IP设置限速,但方法非常麻烦,想请教一下我的设置是否有问题,或者有哪些更直接的方法?
1、除了两个父queue之外,为每IP都设置两个queue,一个是UP,一个是DOWN,每个queue的Bandwidth设置为10%,Service Curve-》upperlimit的M2中输入这个queue的最大流量。

以上是我的设置方法,但发现这样设置非常繁琐,因为要为每IP设置两个QUEUE而且还要为每IP写两个RULES,如果一个网段里有200台机子,那么就要添加800个条目才能完成这实在太累人了,请问版主有没有好的方法实现,或者Traffic Shaping有没有响应的选项简化这些操作,谢谢!

macafee 发表于 2006-10-5 09:31:23


网文# 发表于 2006-10-5 13:45:23


macafee 发表于 2006-10-5 21:14:04


macafee 发表于 2006-10-7 10:16:41


网文# 发表于 2006-10-7 13:48:10


macafee 发表于 2006-10-7 14:05:25


macafee 发表于 2006-10-8 19:15:32


# enable queueing on the external interface to control traffic going to
# the Internet. use the priq scheduler to control only priorities. set
# the bandwidth to 610Kbps to get the best performance out of the TCP
# ACK queue.

altq on fxp0 priq bandwidth 610Kb queue { std_out, ssh_im_out, dns_out, \
   tcp_ack_out }

# define the parameters for the child queues.
# std_out      - the standard queue. any filter rule below that does not
#                explicitly specify a queue will have its traffic added
#                to this queue.
# ssh_im_out   - interactive SSH and various instant message traffic.
# dns_out      - DNS queries.
# tcp_ack_out- TCP ACK packets with no data payload.

queue std_out   priq(default)
queue ssh_im_outpriority 4 priq(red)
queue dns_out   priority 5
queue tcp_ack_out priority 6

# enable queueing on the internal interface to control traffic coming in
# from the Internet. use the cbq scheduler to control bandwidth. max
# bandwidth is 2Mbps.

altq on dc0 cbq bandwidth 2Mb queue { std_in, ssh_im_in, dns_in, bob_in }

# define the parameters for the child queues.
# std_in      - the standard queue. any filter rule below that does not
#               explicitly specify a queue will have its traffic added
#               to this queue.
# ssh_im_in   - interactive SSH and various instant message traffic.
# dns_in      - DNS replies.
# bob_in      - bandwidth reserved for Bob's workstation. allow him to
#               borrow.

queue std_in    bandwidth 1.6Mb cbq(default)
queue ssh_im_in bandwidth 200Kb priority 4
queue dns_in    bandwidth 120Kb priority 5
queue bob_in    bandwidth 80Kb cbq(borrow)

# ... in the filtering section of pf.conf ...

alice         = ""
bob         = ""
charlie       = ""
local_net   = ""
ssh_ports   = "{ 22 2022 }"
im_ports      = "{ 1863 5190 5222 }"

# filter rules for fxp0 inbound
block in on fxp0 all

# filter rules for fxp0 outbound
block out on fxp0 all
passout on fxp0 inet proto tcp from (fxp0) to any flags S/SA \
   keep state queue(std_out, tcp_ack_out)
passout on fxp0 inet proto { udp icmp } from (fxp0) to any keep state
passout on fxp0 inet proto { tcp udp } from (fxp0) to any port domain \
   keep state queue dns_out
passout on fxp0 inet proto tcp from (fxp0) to any port $ssh_ports \
   flags S/SA keep state queue(std_out, ssh_im_out)
passout on fxp0 inet proto tcp from (fxp0) to any port $im_ports \
   flags S/SA keep state queue(ssh_im_out, tcp_ack_out)

# filter rules for dc0 inbound
block in on dc0 all
passin on dc0 from $local_net

# filter rules for dc0 outbound
block out on dc0 all
passout on dc0 from any to $local_net
passout on dc0 proto { tcp udp } from any port domain to $local_net \
   queue dns_in
passout on dc0 proto tcp from any port $ssh_ports to $local_net \
   queue(std_in, ssh_im_in)
passout on dc0 proto tcp from any port $im_ports to $local_net \
   queue ssh_im_in
passout on dc0 from any to $bob queue bob_in

hailong001 发表于 2006-10-9 12:28:23


网文# 发表于 2006-10-10 22:15:55

原帖由 macafee 于 2006-10-8 19:15 发表

# enable queueing on the external interface to control traffic going to
# the Internet. use the priq scheduler to control only priorities. set
# the bandwid ...

页: [1]
查看完整版本: macafee帮帮忙,关于Traffic Shaping如何设置?