Hi!
I have FreeBSD9 router with ADSL connections and with 5Mb/s download speeed
and only 850 Kb/s upload.
I am attempting prioritization outgoing traffic coming from LAN (bulk and TCP
ACK) and traffic coming from the router, because I have some services running
on the server for remote clients.
mst="modulate state"
ext_if="em0"
int_if1="em1"
table <lan> persist {192.168.10/24}
set skip on {lo}
set ruleset-optimization basic
set state-policy if-bound
set require-order yes
scrub on $ext_if all random-id no-df min-ttl 128
### ALTQ
altq on $ext_if hfsc bandwidth 800Kb queue {std, lan, lan_ack, serv, serv_ack}
queue std bandwidth 50Kb priority 1 hfsc (default realtime 50Kb)
queue lan bandwidth 50Kb priority 2 hfsc (realtime 50Kb)
queue lan_ack bandwidth 50Kb priority 7 hfsc (realtime 300Kb upperlimit 300Kb)
queue serv bandwidth 50Kb priority 2 hfsc (realtime 50Kb)
queue serv_ack bandwidth 50Kb priority 7 hfsc (realtime 50Kb)
###
nat on $ext_if tag INET tagged INET -> ($ext_if) port 1024:65535
###################### BLOCK IN/OUT/ALL
block all
block in quick inet from urpf-failed to any
block in quick inet from no-route to any
antispoof quick for {$int_if1 lo} inet
####################### PASS IN
### EXT_IF_IN
pass in quick on $ext_if inet from any to ($ext_if) $mst (max 100) queue (serv
serv_ack)
### INT_IF
pass in quick on $int_if1 inet from <lan> to !$int_if1 $mst tag INET
pass in quick on $int_if1 inet from <lan> to $int_if1
###################### PASS OUT
### EXT_IF
pass out quick on $ext_if inet from $ext_if to any tagged INET queue (lan
lan_ack)
pass out quick on $ext_if inet from $ext_if to any queue (serv serv_ack)
### INT_IF
pass out quick on $int_if1 inet from $int_if1 to <lan>
pfctl -vvsq
queue root_em0 on em0 bandwidth 800Kb priority 0 {std, lan, lan_ack, serv,
serv_ack}
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 0.0 packets/s, 0 b/s ]
queue std on em0 bandwidth 50Kb hfsc( default realtime 50Kb )
[ pkts: 3 bytes: 126 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 0.0 packets/s, 0 b/s ]
queue lan on em0 bandwidth 50Kb priority 2 hfsc( realtime 50Kb )
[ pkts: 17 bytes: 1123 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 0.0 packets/s, 0 b/s ]
queue lan_ack on em0 bandwidth 50Kb priority 7 hfsc( realtime 300Kb upperlimit
300Kb )
[ pkts: 8872 bytes: 479088 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 49.0 packets/s, 21.19Kb/s ]
queue serv on em0 bandwidth 50Kb priority 2 hfsc( realtime 50Kb )
[ pkts: 11290 bytes: 17089007 dropped pkts: 0 bytes: 0 ]
[ qlength: 43/ 50 ]
[ measured: 50.0 packets/s, 605.60Kb/s ]
queue serv_ack on em0 bandwidth 50Kb priority 7 hfsc( realtime 50Kb )
[ pkts: 29 bytes: 2597 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 0.0 packets/s, 0 b/s ]
Without ALTQ when anybody from Internet dowloading from server the dowload
speed for LAN bring down to 20Kb/s. When use ALTQ - speed for LAN users bring
down to 2Mb/s. This is good, but not as I have specified in pf.conf
I have specified realtime speed for ACK's packets 300Kb but in real I have
about 20Kb.
In above queues output, one user from LAN downloading file and one from
Internet downloading from router. Both via ftp.
Where is my mistake?
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[email protected]"
