On Jan 11, 2:44=A0pm, s...@spacehopper.org (Stuart Henderson) wrote:
> On 2011/01/11 12:46, Bonnie Packet wrote:
>
> > =A0 =A0 =A0 =A0 the question is how to manage it simultaneously with th=
e
> > download direction when those packets already part of an established,
> > stateful TCP connection that bypasses the firewall rules.
>
> the PF state is associated with queue by name - you can use
> the same queue name on more than one interface. in many situations
> doing this gives you just enough control that you can limit traffic
> in both directions on a single machine.
Stuart:
*Ah* thanks - light bulb moment here. The only small problem that the
way I want to "slice" the traffic up may be different in the inbound
versus outbound directions (for example, prioritizing TCP acks in one
direction matters a whole lot more than the other) - but as you
helpfully point out, this still may give me "just enough" control to
do what I need to.
So would I have to have all the queues AND subqueues have exactly the
same names, just on different interfaces? In other words, would I have
to mirror them exactly (except they could have different
characteristics/rates)? eg:
altq on $internal_if cbq bandwidth 12Mb queue { std_wls, slow_wls,
fast_wls, tcp_ack_wls }
queue std_wls bandwidth 4Mb priority 1 cbq(default borrow)
queue slow_wls bandwidth 1Mb priority 0 cbq(ecn)
queue fast_wls bandwidth 6Mb priority 2 cbq(borrow)
queue tcp_ack_wls bandwidth 1Mb priority 4 cbq(borrow)
altq on $extl_if cbq bandwidth 1Mb queue { std_wls, slow_wls,
fast_wls, tcp_ack_wls }
queue std_wls bandwidth 300Kb priority 1 cbq(default borrow)
queue slow_wls bandwidth 100Kb priority 0 cbq(ecn)
queue fast_wls bandwidth 500Kb priority 1 cbq(borrow)
queue tcp_ack_wls bandwidth 100Kb priority 3 cbq(borrow)
(Note different queue sizes and priorities on external_if vs
internal_if queues...)
If this way works, it's not quite ideal, but it would certainly be
Good Enough.
/BP/
