Hello list,
I have a question regarding altq priorities. I have the following
pf.conf (shown below), and somehow i don;t feel it prioritizes
the traffic. Is there some mistake in it ?
------- PF.CONF -------
ext_if = "fxp1"
int_if = "fxp0"
int_net = "172.16.0.0/16"
set limit {states 10000, frags 2000}
set loginterface $int_if
set loginterface $ext_if
set optimization aggressive
set timeout {tcp.closing 300, other.first 100}
scrub in all
altq on $ext_if priq bandwidth 100Mb queue { std_out, ext_out, icmp_out, tcp_ack_out}
queue std_out priq(default)
queue icmp_out priority 6 priq(red)
queue ext_out priority 5
queue tcp_ack_out priority 7
altq on $int_if cbq bandwidth 4Mb queue { std_in, http_in }
queue std_in cbq(default)
queue http_in bandwidth 3Mb cbq(borrow)
pass in on $int_if proto tcp from any to any port www \
flags S/SA keep state queue http_in
pass out quick on $ext_if proto tcp from 172.17.0.0/16 to 172.16.0.0/16 queue std_out
pass in quick on $ext_if proto tcp from 172.16.0.0/16 to 172.17.0.0/16 queue std_out
pass out on $ext_if proto tcp from $int_net to any flags S/SA keep state queue (
std_out, tcp_ack_out)
pass in on $ext_if proto tcp from any to $int_net flags S/SA keep
state queue (std_out, tcp_ack_out)
pass out on $ext_if inet proto udp from $int_net to any keep state
pass out on $ext_if proto udp from $int_net to any port 53 queue http_in
pass out on $ext_if proto icmp from $int_net to any keep state queue icmp_out
pass in on $int_if from $int_net
block out on $int_if all
pass out on $int_if from any to $int_net
pass out on $int_if proto tcp from any port { 80, 443 } to any keep state queue http_in
pass out on $int_if proto { tcp, udp } from any to $int_net queue std_in
----------- PF.CONF ----------------
--
Best regards,
Angel
