Hi guys-
I've been using an OpenBSD firewall on my home network for about 10
years. I recently upgraded the hardware to a retired gaming machine and
went to OpenBSD 4.3 (woo!).
I'm playing with the new scheduler in altq, and I like the way that it
works, but the documentation is iffy and it still doesn't look like it
solves one problem that priq and cbq couldn't solve... prioritizing
outbound traffic on a variable-bandwidth link. (Yes, I've got a cable
modem. =D)
Here's the problem I'm trying to solve: My cable modem allows around
750kb/s when traffic is really ugly, and about 2100kb/s in the dead of the
night. In order for the scheduler to know when to start limiting traffic,
I have to tell it how fast the link is.... but I don't *know* how fast the
link is, because it varies.
I've been trying the following rules:
altq on $ext_if bandwidth 2048Kb hfsc queue { ack, dns, games, def, bt }
queue ack bandwidth 80% priority 6 qlimit 500 hfsc (realtime 50%
ecn)
queue dns bandwidth 5% priority 5 qlimit 500 hfsc (realtime 5%
ecn)
queue games bandwidth 5% priority 3 qlimit 500 hfsc (realtime 5% ecn)
queue def bandwidth 5% priority 2 qlimit 500 hfsc (realtime 10%
ecn default)
queue bt bandwidth 5% priority 1 qlimit 500 hfsc (upperlimit 80%
red)
(the ack queue is TCP ack's, the dns queue is DNS requests, high priority
user traffic and VOIP goes in "games", and the rest is regular and
low-priority user traffic.
When I'm usually using the internet connection, my outbound bandwidth is
probably around 1200kb. Cranking the bandwidth down to 750 or so is one
solution, but then I'm artificially limiting my own upstream to the worst
case scenario.
My questions are:
1) Is there a more effective way I could be doing the above?
2) Regarding hfsc, what is the old "bandwidth" statement used for? It seems
like it would be obsolete. Changing it doesn't seem to affect anything,
either. The manpage doesn't say. :)
3) Another hfsc question- exactly what does the linkshare statement do? The
manpage says : " linkshare <sc> The bandwidth share of a backlogged
queue.").
Thanks :)
--Chris
