Recently I've been writing rules for small router (2 internal interfaces, 1
external, few services running). Originally I didn't thought about
subqueuing (cbq) inbound traffic - I've just set 1 queue for the whole
inbound (1 mbit) on internal interface, so it won't get stalled by other
traffic from int. net to the server itself. Essentially:
altq on $if_100 cbq bandwidth 100Mb queue { if100_extbulk, \
if100_misc, if100_ack, ... other queues }
queue if100_extbulk on $if_100 bandwidth 1Mb cbq
..
other [sub]queues
..
+ appropriate other pf rules/queues/etc.
But then I recalled the 2nd example from PF faq, that actually used
subqueues to shape traffic of inbound traffic. But ... they all had 'borrow'
option - does it even have a chance to work as intended this way ? Inbound
bandwidth is by default limited - wouldn't PF adjust to whatever it receives
in that stream, thanks to 'borrow' ? For instance, consider:
queue if100_extbulk on $if_100 bandwidth 1Mb cbq { if100_eb_1, if100_eb_2 }
queue if100_eb_1 on $if_100 bandwidth 50% cbq(borrow)
queue if100_eb_2 on $if_100 bandwidth 50% cbq(borrow)
Let's assume that the external interface receives some data, routed to
internal interface, where traffic that would go to eb_1 is 5%, but would be
more if not for eb_2. In this case, wouldn't PF simply adapt - eb_2 would
borrow from eb_1, because as far as PF is concerned, there's only as much
eb_1 as it's coming in that 1mbit bulk from ext. interface (and the parent
queue covers all of it) ?
If borrow was ommited, then I guess it should work, assuming transferring
party behaved and slowed down.
Am I thinking right ?
