Ivo Chutkin ??????:
Hello to all here,
I would be grateful if you share your ideas and experience with me.
The problem is not related to OpenBSD as I do not use it yet in
production environment, but I plan to go over it as soon as I finish
my tests and feel comfortable with it. :-)
Actually the developers have done grate job, thanks and keep the good
work.
I work for small ISP with clients over metro links.
The problem is that I could not get outgoing traffic (from my clients
to the Internet) shaped the correct way. I have 4 bgp sessions with
different transit providers on 4 different interfaces, so sometimes I
see outgoing traffic loads by single client over all 4 links which is
4 times this client should get :-(
Is there a way to shape the outgoing traffic, for example, to total of
5Mbps to single client no mater which interface he uses to exit?
Something like combined queue... not 5Mbps per interface.
I was thinking about creating loopback interface for each client and
put queues and redirect all traffic through it.
Is there a point doing this?
Currently it is single router setup.
I hope I made it somehow clear. If you need additional info just let
me know.
Thanks for your time,
Ivo
This is how we do it:
* all external links go over ONE physical interface, and each BGP
session to each provider is on a different VLAN, but on the very same
physical interface
* as ALTQ works on physical interfaces, not vlans, we assign the queues
on the physical interface that all VLANs to our carriers are configured on
* all VLANs are assigned to group "uplinks" (or whatever you choose)
* traffic is fed into queues from pf with rules like these : pass out on
$ext_group_name from $client_ip to any queue $client_queue_out , where
$ext_group_name is "uplinks" or whatever you've chosen, and
$client_queue_out is a queue configured with altq on the physical interface
* voila, it works!
You should, though, keep in mind that states are kept on the
establishment of the connection (flags S/SA), so you effectively need 4
rules (yes, four) to match all of the clients' inbound/outbound traffic.
Something like this:
pass in on $ext_group_name from any to $client_ip queue $client_queue_out
pass out on $ext_group_name from $client_ip to any queue $client_queue_out
pass in on $int_if from $client_ip to any queue $client_queue_in
pass out on $int_if from any to $client_ip queue $client_queue_in
That's because each state can shape effectively only one direction of
the connection, thus we need states created on both interfaces.
If you need further help, don't hesitate to contact me.
Regards,
Doichin
