Hello! Consider a NetBSD 9.0 (release) system using both npf and altqd. This machine has two NICs and it is a gateway. First NIC is connected to a LAN, with multiple hosts, and second NIC is connected to the modem. With npf, the following is applied:
map $if_second_nic dynamic $internal_lan -> $second_nic_ipv4 This is a NAPT, so when a packet from a LAN host is outgoing from the second NIC, its source address is mapped into the second NIC's IP. One of the few (or maybe the only) examples about altqd configuration is here: <https://wiki.netbsd.org/tutorials/altqd_traffic_shaping_example/> It creates this filter: filter bge0 high_class 0 0 0 0 17 where the third `0' means `any source IP address'. Assume that bge0 is the second NIC. This is for packets outgoing from it. Does altqd act: 1) before or 2) after npf? Because in case 1) the `source IP address' will be the one of the LAN hosts who generated the packet, which is the real source IP address of that packet. Instead, in case 2), any packet outgoing from bge0 will always have bge0's IP address, thus making impossible any source IP distinction between the packets in this filter. Does anyone know which is the case? Rocky
