Re: Question regarding queueing in pf.conf(5) and WireGuard

y question is, which interface is > appropriate to choose for queueing? pppoe0, em0, or wg0? I'd think wg0, > as I'm unsure how pf(4) would classify traffic otherwise. However, I'm > not confident in that conclusion, so I decided to ask. > > If additional details are needed, I'm happy to provide them. > > -- > https://amissing.link >

Question regarding queueing in pf.conf(5) and WireGuard

default I want to employ this rule. My question is, which interface is appropriate to choose for queueing? pppoe0, em0, or wg0? I'd think wg0, as I'm unsure how pf(4) would classify traffic otherwise. However, I'm not confident in that conclusion, so I decided to ask. If additional deta

rdomains and queueing

-> 150 and 70 to 40 Mbit. the is no queue setting at the pf rules , just the defined queues. both traffic jumps by pf from one rdomain , root XBL DMZ , to the internet rdomains. i try also to use my "gateway" interfaces vetherX , but this works not with the queueing. without queuing , d

Re: pfstat and queueing

On 2018-02-16, Predrag Punosevac wrote: > Stuart Henderson wrote: > >> It can already be monitored to some extent, base snmpd does already >> support a number of things in OPENBSD-PF-MIB, but not queues yet. > > Any chance that you share with us how you plot the data you recover with > snmpwalk fr

Re: pfstat and queueing

Stuart Henderson wrote: > It can already be monitored to some extent, base snmpd does already > support a number of things in OPENBSD-PF-MIB, but not queues yet. Any chance that you share with us how you plot the data you recover with snmpwalk from those MIBs. I would be most interested in LibreN

Re: pfstat and queueing

On 2018-02-15, Kaya Saman wrote: > > > On 02/15/2018 01:34 PM, Stuart Henderson wrote: >> On 2018/02/15 13:27, Kaya Saman wrote: >>> >>> On 02/15/2018 12:13 PM, Stuart Henderson wrote: >>>> On 2018-02-15, Kaya Saman wrote: >>>>> does

Re: pfstat and queueing

On 02/15/2018 01:34 PM, Stuart Henderson wrote: On 2018/02/15 13:27, Kaya Saman wrote: On 02/15/2018 12:13 PM, Stuart Henderson wrote: On 2018-02-15, Kaya Saman wrote: does queueing still function with pfstat? As far as I'm aware it still uses the old altq method which has long

Re: pfstat and queueing

On 2018/02/15 13:27, Kaya Saman wrote: > > > On 02/15/2018 12:13 PM, Stuart Henderson wrote: > > On 2018-02-15, Kaya Saman wrote: > > > does queueing still function with pfstat? As far as I'm aware it still > > > uses the old altq method which has long been

Re: pfstat and queueing

On 02/15/2018 12:13 PM, Stuart Henderson wrote: On 2018-02-15, Kaya Saman wrote: does queueing still function with pfstat? As far as I'm aware it still uses the old altq method which has long been abandoned. you're correct, pfstat hasn't been updated to follow changes in PF

Re: pfstat and queueing

On 2018-02-15, Kaya Saman wrote: > > does queueing still function with pfstat? As far as I'm aware it still > uses the old altq method which has long been abandoned. you're correct, pfstat hasn't been updated to follow changes in PF for a long time. the only change in pf

pfstat and queueing

Hi, does queueing still function with pfstat? As far as I'm aware it still uses the old altq method which has long been abandoned. It would be great if pfstat would graph queues again but the config example in: /usr/local/share/examples/pfstat/pfstat.conf still has the old altq

pf queueing syntax question

Hi, I'm (re)trying out queuing possibilities in 6.2. I am trying out different possibilities, mixing queue with prio. I have accidentally put two different lines in my pf.conf: match proto tcp to any port domain set prio 6 set queue dns match proto udp to any port domain set queue dns pri

Re: Using queueing on asynchronous interface

On 07/27/2017 05:30 PM, Stuart Henderson wrote: On 2017-07-26, Kaya Saman wrote: [snip] I'm finding that I don't really need much in the way of "downstream" queueing though. It might be needed in special cases but using mikeb's shiny new fq-codel code in -

Re: Using queueing on asynchronous interface

On 2017-07-26, Kaya Saman wrote: > > [snip] >> I'm finding that I don't really need much in the way of "downstream" >> queueing though. It might be needed in special cases but using mikeb's >> shiny new fq-codel code in -current, one single queue d

Re: Using queueing on asynchronous interface

[snip] I'm finding that I don't really need much in the way of "downstream" queueing though. It might be needed in special cases but using mikeb's shiny new fq-codel code in -current, one single queue definition on the upstream interface is keeping traffic flowing nicel

Re: Using queueing on asynchronous interface

traffic in both directions. So you just want "somequeue", not "somequeue_in" and "somequeue_out", and get rid of the received-on. I have revised my queueing statements as you suggested and will definitely look further into adjusting them via your input. I created a

Re: Using queueing on asynchronous interface

terfaces Generally I prefer simple failover for trunk, then this would be easy (a separate queue on each physical interface - the interfaces don't need to interact with each other, only one is used at a time). If you must have load-balancing you could play with queueing on the trunk interfa

Using queueing on asynchronous interface

Hi, I'm trying to setup packet queueing on a WAN interface with 80Mb/s downstream bandwidth and 20Mb/s upstream bandwidth. The first point of call of course is the PF manual: https://man.openbsd.org/pf.conf.5 Then had a look to see what others had issues with and solutions sugg

Re: PF queueing confusion

Il 11/05/2017 01:42, Erling Westenvik ha scritto: > Check out pfctl(8) and the -F option. The issue might be resolvable > simply by flushing one or more of the filter parameters you'll find > there. I had always assumed that loading a new ruleset with pfctl -f also implied "-F all". This explain

Re: PF queueing confusion

On Thu, May 11, 2017 at 12:09:26AM +0200, Gabriele Tozzi wrote: > > Looks like I've solved by only renaming the queues. > > Instead of naming them "high", "normal" and "low", I have now named them > "exthi", "extstd" and "extlo" and then everything seems to work as expended. > > Maybe "high" is a (

Re: PF queueing confusion

Looks like I've solved by only renaming the queues. Instead of naming them "high", "normal" and "low", I have now named them "exthi", "extstd" and "extlo" and then everything seems to work as expended. Maybe "high" is a (maybe undocumented) reserved queue name?

Re: PF queueing confusion

I will look for it. I have also checked "pfctl -s rules | grep high" and it returns no data. To the best of my knowledge, this confirms that there is no pf rule explicitly sending packets to the "high" queue... but lots of packets are queued there anyway, so I am supposing ther

Re: PF queueing confusion

but perhaps someone else would be able to see something that you didn't, hence the requirement to share the file. -luis On Wed, May 10, 2017 at 12:50 PM, Gabriele Tozzi wrote: > > Il 10/05/2017 14:45, Daniel Melameth ha scritto: > >> queue ext on $Ext bandwidth 900K > >> queue normal parent e

Re: PF queueing confusion

Il 10/05/2017 14:45, Daniel Melameth ha scritto: >> queue ext on $Ext bandwidth 900K >> queue normal parent ext bandwidth 386K, max 850K qlimit 10 default >> queue high parent ext bandwidth 193K qlimit 10 >> queue low parent ext bandwidth 193K, max 540Kb qlimit 10 > > You'll have to post your p

Re: PF queueing confusion

On Wed, May 10, 2017 at 4:47 AM, Gabriele Tozzi wrote: > I have a quite simple pf setup: I have defined 3 queues for my external > interface in my pf.conf: > > queue ext on $Ext bandwidth 900K > queue normal parent ext bandwidth 386K, max 850K qlimit 10 default > queue high parent ext bandwidth

PF queueing confusion

Hello there, I have noticed some weirdness when using "pfctl -s queue -v" so I have decided to investigate. I have a quite simple pf setup: I have defined 3 queues for my external interface in my pf.conf: queue ext on $Ext bandwidth 900K queue normal parent ext bandwidth 386K, max 850K qlimit 1

b suffix for queueing in pf.conf(5)

pf.conf(5) states: "All bandwidth values must be specified as an absolute value. The suffixes K, M, and G are used to represent bits, kilobits, megabits, and gigabits per second, respectively." I guess that either should b be prepended to the list of suffixes even though it isn't mandatory, or th

Re: help with pf queueing in ipsec over gre

On Fri, 2 Dec 2016 12:14:56 + (UTC) Stuart Henderson wrote: > On 2016-11-25, Marko Cupać wrote: > > Hi, > > > > I'd like to do limit bandwidth on gre tunnel protected with ipsec in > > transport mode. > I haven't tried this exact scenario. But I understand the general way > things work and

Re: help with pf queueing in ipsec over gre

On 2016-11-25, Marko Cupać wrote: > Hi, > > I'd like to do limit bandwidth on gre tunnel protected with ipsec in > transport mode. > > I've set single default queue on gre interface, matched everything > that goes out to that queue, and finally passed everything out that > interface: > > # SNIP >

help with pf queueing in ipsec over gre

Hi, I'd like to do limit bandwidth on gre tunnel protected with ipsec in transport mode. I've set single default queue on gre interface, matched everything that goes out to that queue, and finally passed everything out that interface: # SNIP queue mother on gre204 bandwidth 25M min 25M max 25M

Re: how to submit bug report regarding pf queueing?

On 2016-03-09, Mihai Popescu wrote: >> - >> queue download on $if_int bandwidth 10M max 10M >> queue ssh parent download bandwidth 1M >> queue web parent download bandwidth 8M >> queue bulk parent download bandwidth 1M default >> >> match to port sshset queue ssh >> match from port

Re: how to submit bug report regarding pf queueing?

On Wed, 9 Mar 2016 12:58:39 -0500 Christopher Sean Hilton wrote: > I've also been trying to get help with queuing. Perhaps we can help > each other out. > > I'm using queuing to alleviate bufferbloat and make my son's gaming > performance better. I'm on an asymetric cablemodem connection here in

Re: how to submit bug report regarding pf queueing?

On Wed, 9 Mar 2016 21:28:10 +0200 Mihai Popescu wrote: > > - > > queue download on $if_int bandwidth 10M max 10M > > queue ssh parent download bandwidth 1M > > queue web parent download bandwidth 8M > > queue bulk parent download bandwidth 1M default > > > > match to port sshset q

Re: how to submit bug report regarding pf queueing?

On Thu, 10 Mar 2016 13:28:11 +1100 Darren Tucker wrote: > On Thu, Mar 10, 2016 at 1:38 AM, Marko Cupać > wrote: [...] > > queue download on $if_int bandwidth 10M max 10M > > What's $if_int set to? > > I played with queueing recently and initially used inter

Re: how to submit bug report regarding pf queueing?

On Thu, Mar 10, 2016 at 1:38 AM, Marko Cupać wrote: [...] > queue download on $if_int bandwidth 10M max 10M What's $if_int set to? I played with queueing recently and initially used interface group names instead of interface names ("queue foo on egress ...") since that&#x

Re: how to submit bug report regarding pf queueing?

On Wed, Mar 09, 2016 at 02:45:36PM -0700, Daniel Melameth wrote: > On Wed, Mar 9, 2016 at 10:58 AM, Christopher Sean Hilton > wrote: > > I'm using queuing to alleviate bufferbloat and make my son's gaming > > performance better. I'm on an asymetric cablemodem connection here in > > the U.S. My dow

Re: how to submit bug report regarding pf queueing?

On Wed, Mar 9, 2016 at 10:58 AM, Christopher Sean Hilton wrote: > I'm using queuing to alleviate bufferbloat and make my son's gaming > performance better. I'm on an asymetric cablemodem connection here in > the U.S. My download is 100M and my upload is 40M. I use a queue > definition similar to t

Re: how to submit bug report regarding pf queueing?

> - > queue download on $if_int bandwidth 10M max 10M > queue ssh parent download bandwidth 1M > queue web parent download bandwidth 8M > queue bulk parent download bandwidth 1M default > > match to port sshset queue ssh > match from port sshset queue ssh > match to port {

Re: how to submit bug report regarding pf queueing?

On Wed, Mar 09, 2016 at 03:38:30PM +0100, Marko Cupać wrote: > Hi, > [... snip ...] I've also been trying to get help with queuing. Perhaps we can help each other out. I'm using queuing to alleviate bufferbloat and make my son's gaming performance better. I'm on an asymetric cablemodem connecti

Re: how to submit bug report regarding pf queueing?

On Wed, Mar 09, 2016 at 03:38:30PM +0100, Marko Cupać wrote: > Hi, > [ ...snip... ] > So, what exactly do I need to do to submit bug report? Any outputs of > any commands? Logs? I understand developers won't take my word for it, > but I simply don't know how to prove it, except watching output of

how to submit bug report regarding pf queueing?

Hi, Over last few months, in a few separate threads here on misc@, I have been trying to call attention to the fact that pf queueing mechanism does not shape traffic as it should, at least on my APU box. It took me some time to test hundreds of possible configurations on 5.8, both amd64 and i386

Re: Gif tunnel / pf / queueing

On Wed, Mar 02, 2016 at 10:46:08PM +1000, David Gwynne wrote: > > On 2 Mar 2016, at 1:51 AM, Christopher Sean Hilton > > wrote: > > > > I would like to apply queueing to packets traversing a gif tunnel. I'd > > like to know what works better, Tagging outbou

Re: Gif tunnel / pf / queueing

> On 2 Mar 2016, at 1:51 AM, Christopher Sean Hilton wrote: > > I would like to apply queueing to packets traversing a gif tunnel. I'd > like to know what works better, Tagging outbound packets on the gif > interface and applying them to queues by tag when they leave on the

Gif tunnel / pf / queueing

I would like to apply queueing to packets traversing a gif tunnel. I'd like to know what works better, Tagging outbound packets on the gif interface and applying them to queues by tag when they leave on the external interface? Or assigning packets to the queues directly when they are on th

Bidirectional queueing / virtual root queue on download

Prior threads explain how to set up bidirectional queueing, e.g.: http://marc.info/?t=12947296581&r=1&w=2 http://marc.info/?t=13534516473&r=1&w=2 However, recommendations would be appreciated on the best approach to shape/control download traffic on an OpenBSD 5.8

Re: PF: can't make queueing and priority work as expected

bin/cvsweb/~checkout~/www/faq/pf/index.html?&content-type=text/html] Line 63 [http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/www/faq/pf/queueing.html?&content-type=text/html] WARNING: This document is currently out-of-date and refers to a queueing method that will be removed in OpenBS

Re: PF: can't make queueing and priority work as expected

On Fri, 15 Jan 2016 21:57:15 +1000 David Gwynne wrote: > the other thing to note is that loading a ruleset resets the > assignment of existing states to queues. > > states are assigned to queues via rules, but if the rules go away > (which is what happens when you load a new ruleset) the intermed

Re: PF: can't make queueing and priority work as expected

> On 15 Jan 2016, at 9:07 PM, Craig Skinner wrote: > > On 2016-01-15 Fri 12:53 PM |, David Gwynne wrote: >>> On 13 Jan 2016, at 19:19, Marko Cupa?? wrote: >>> >>> Have we come to conclusion that currently prio makes no sense at all? >> >> it wont have the effect you want. that doesn't mean it doe

Re: PF: can't make queueing and priority work as expected

On 2016-01-15 Fri 12:53 PM |, David Gwynne wrote: > > On 13 Jan 2016, at 19:19, Marko Cupa?? wrote: > > > > Have we come to conclusion that currently prio makes no sense at all? > > it wont have the effect you want. that doesn't mean it doesn't make sense > somewhere else. > Such as an ADSL PPP

Re: PF: can't make queueing and priority work as expected

gt; your hardware is slower at transmitting packets than the thing that >>> generates these packets to send. >>>> >>>> in your case you're probably getting packets from a relatively >>>> slow internet >>> connection and transmitting them on a

Re: PF: can't make queueing and priority work as expected

> Ok, let's start insult each other. No insult intended from my side and no one commited. > I've setup my first PF on OpenBSD in 2006. As Master Fu said once, if you can't setup it by yourself, maybe you should not use it. > Stuck your advice up your ass and fuck off. I'm curious who will dear

Re: PF: can't make queueing and priority work as expected

> I'm writing this so I don't get another set of mails which warn me I > can't shape inbound, but need to shape outbound traffic. Hello Marko, Don't you think you are out of subject with this thread already? Now, seriously, do you expect someone to teach you queues online? Maybe the PF implement

Re: PF: can't make queueing and priority work as expected

On Wed, 13 Jan 2016 16:36:23 +0200 Mihai Popescu wrote: > > I'm writing this so I don't get another set of mails which warn me I > > can't shape inbound, but need to shape outbound traffic. > > Hello Marko, > > Don't you think you are out of subject with this thread already? > Now, seriously, do

Re: PF: can't make queueing and priority work as expected

On Wed, 13 Jan 2016 10:19:22 +0100 Marko Cupać wrote: > Can I hope that saying 'currently' means this is not the intended > design? Or should I come to peace with the fact that with OpenBSD and > PF I can forget about shaping inbound TCP traffic in a way that > child queues can expand to max lin

Re: PF: can't make queueing and priority work as expected

cklog of packets that priq can > > > come into > > effect. the only way you can build up a backlog of packets is if > > your hardware is slower at transmitting packets than the thing that > > generates these packets to send. > > > > > > in your case you&#x

Re: PF: can't make queueing and priority work as expected

re probably getting packets from a relatively slow internet > connection and transmitting them on a high speed local network. the transmit > hardware is almost certainly going to be faster than your source of packets, > so you'll never build up a queue of backlogged packets, so prio is effec

Re: PF: can't make queueing and priority work as expected

erates these packets to send. > > in your case you're probably getting packets from a relatively slow internet connection and transmitting them on a high speed local network. the transmit hardware is almost certainly going to be faster than your source of packets, so you'll never buil

Re: PF: can't make queueing and priority work as expected

Besides what you explained now, I don't have the knowledge of underlying queueing mechanisms of PF. But from what you said, it seems logical that it should be possible to build up a queue of backlogged packets not only by hitting physical limit of the hardware, but also by setting logical limit. Ot

Re: PF: can't make queueing and priority work as expected

> On 11 Jan 2016, at 22:43, Daniel Melameth wrote: > > On Sun, Jan 10, 2016 at 7:58 AM, Marko Cupać wrote: >> On Sat, 9 Jan 2016 11:11:27 -0700 >> Daniel Melameth wrote: >>> You NEED to set a max on your ROOT queues. >> I came to this conclusion as well. But not only on root queues. For >> examp

Re: PF: can't make queueing and priority work as expected

aps I'm misunderstanding how prio > works. I would expect this as well, and I've been able to get it to work on old ALTQ queueing system but not on current queueing system. Either I'm misunderstanding how prio works as well, or we are coming to the point where multiple users

Re: PF: can't make queueing and priority work as expected

On Sun, Jan 10, 2016 at 7:58 AM, Marko Cupać wrote: > On Sat, 9 Jan 2016 11:11:27 -0700 > Daniel Melameth wrote: >> You NEED to set a max on your ROOT queues. > I came to this conclusion as well. But not only on root queues. For > example, when max is set on root queue but only bandwidth on child

Re: PF: can't make queueing and priority work as expected

On Sat, 9 Jan 2016 11:11:27 -0700 Daniel Melameth wrote: > You NEED to set a max on your ROOT queues. I came to this conclusion as well. But not only on root queues. For example, when max is set on root queue but only bandwidth on child queues, no shaping takes place: queue upload on $if_ext

Re: PF: can't make queueing and priority work as expected

On Fri, Jan 8, 2016 at 6:35 PM, Marko Cupać wrote: > On Fri, 8 Jan 2016 11:13:08 -0500 > sven falempin wrote: > > > You will need to forward the all rule set i think, maybe the set prio > > 0 is erased by a further rules, try to pass in quick those p2p > > traffic before maybe ? > > I had the l

Re: PF: can't make queueing and priority work as expected

led down and http(s) should be given all the available > bandwidth. > > The problem is that p2p does not get throttled down when http(s) is on > wire. I spent days re-reading QUEUEING section of pf.conf and > chapter #7 of 3rd edition of "Book of PF" but I still couldn

Re: PF: can't make queueing and priority work as expected

-- Before queue - p2p high priority, http(s) low priority, no bad self image on the misc@. After queue - p2p high priority, http(s) low priority, bad self image on the misc@. Where is the enlightment gone?

Re: PF: can't make queueing and priority work as expected

> Situation is still the same: torrents being downloaded at full speed > (~8Mbit/s), simultaneous download of install59.fs from ftp.openbsd.org > averages at ~6Kbit/s. I'm not a PF consultant, but be aware that p2p can be a real beast to setup. I was asked by someone to handle a double NAT situati

Re: PF: can't make queueing and priority work as expected

tware capabilities. New queueing mechanism might be cool from developer's point of view, but if people who actually configure production firewalls need 50 hours not to accomplish the same goal which they used to accomplish in 20 minutes, I'm sure they would go for uncool queueing mechan

Re: PF: can't make queueing and priority work as expected

On Fri, 8 Jan 2016 11:13:08 -0500 sven falempin wrote: > You will need to forward the all rule set i think, maybe the set prio > 0 is erased by a further rules, try to pass in quick those p2p > traffic before maybe ? I had the luxury of ditching the complete ruleset for very simple one: ---pf.c

Re: PF: can't make queueing and priority work as expected

On 8 януари 2016 г. 17:51:21 Marko Cupać wrote: I am completely confused. It seems that everything I've known about queueing in PF does not apply any more, while at the same time there are no reliable sources to learn new stuff. Let's follow this paragraph from 'Book of

Re: PF: can't make queueing and priority work as expected

I am completely confused. It seems that everything I've known about queueing in PF does not apply any more, while at the same time there are no reliable sources to learn new stuff. Let's follow this paragraph from 'Book of PF': ---quote--- Shaping by Setting Traffic Priorit

Re: PF: can't make queueing and priority work as expected

On Fri, Jan 8, 2016 at 12:44 PM, Marko Cupać wrote: > Should I conclude my goal of throttling smaller priority traffic to > minimum when higher priority traffic arrives can't be achieved with > current PF? If I haven't gone senile, I did this successfully on dozens > of firewalls back in altq/HFS

Re: PF: can't make queueing and priority work as expected

On Thu, 7 Jan 2016 22:41:47 + (UTC) Stuart Henderson wrote: > On 2016-01-07, Marko Cupać wrote: > > # QUEUES > > queue upload on $if_ext bandwidth 860K > >queue ack parent upload qlimit 50 bandwidth 10K > >queue fast parent upload qlimit 50 bandwidth 20K

Re: PF: can't make queueing and priority work as expected

On 2016-01-07, Marko Cupać wrote: > # QUEUES > queue upload on $if_ext bandwidth 860K >queue ack parent upload qlimit 50 bandwidth 10K >queue fast parent upload qlimit 50 bandwidth 20K >queue bulk parent upload qlimit 50 bandwidth 800K default >queu

Re: PF: can't make queueing and priority work as expected

hould be throttled down and http(s) should be given all the available > bandwidth. > > The problem is that p2p does not get throttled down when http(s) is on > wire. I spent days re-reading QUEUEING section of pf.conf and > chapter #7 of 3rd edition of "Book of PF" but I

Re: queueing example on pf.conf man page

Am Mittwoch, den 04.11.2015, 10:09 +0800 schrieb Glenn Faustino: > I notice that under queueing section of the pf.conf man page the total > child queues bandwidth exceed what's defined in the parent. Oops, now I found the /other/ example #| > Can the bandwidth on the child queues

Re: queueing example on pf.conf man page

Am Mittwoch, den 04.11.2015, 13:37 +1100 schrieb Jason Tubnor: > While pf(4) will let you define and load queues that exceed the parent > (top > level) queue, when you start to load up your queues, you'll get > congestion > defeating the purpose of queuing.  To what point, depends on your > enviro

Re: queueing example on pf.conf man page

On 4 November 2015 at 13:09, Glenn Faustino wrote: > I notice that under queueing section of the pf.conf man page the total > child queues bandwidth exceed what's defined in the parent. rootq was > defined with 100M bandwidth and the child queues defined http 60M, mail > 10M

queueing example on pf.conf man page

Hi, I notice that under queueing section of the pf.conf man page the total child queues bandwidth exceed what's defined in the parent. rootq was defined with 100M bandwidth and the child queues defined http 60M, mail 10M, ssh 20M and std 20M. Can the bandwidth on the child queues exceed w

Re: Queueing examples on pf.conf man page

On Mon, Sep 22, 2014 at 03:27:50PM +0200, Henning Brauer wrote: > * Zé Loff [2014-09-22 14:57]: > > Apologies in advance for reposting this, but I was afraid my original > > message would get overlooked left inside its original (and slightly > > unrelated) thread ("pf queue max bug"). > > > > pf.

Re: Queueing examples on pf.conf man page

* Zé Loff [2014-09-22 14:57]: > Apologies in advance for reposting this, but I was afraid my original > message would get overlooked left inside its original (and slightly > unrelated) thread ("pf queue max bug"). > > pf.conf's man page shows some minor inconsistencies on the definition of > queu

Queueing examples on pf.conf man page

Apologies in advance for reposting this, but I was afraid my original message would get overlooked left inside its original (and slightly unrelated) thread ("pf queue max bug"). pf.conf's man page shows some minor inconsistencies on the definition of queues. In some cases the queue parameters appe

Re: New queueing system and HZ value limits

Henning Brauer [hb-open...@ml.bsws.de] wrote: > > Any idea why this was so much less of a problem with altq? > > it wasn't... the hfsc core was the same, and cbq worked exactly the same > way too. > > People might not have paid as much attention? I dunno. > Raising HZ was frowned upon when I po

Re: New queueing system and HZ value limits

On 2014-08-22, Henning Brauer wrote: > * Stuart Henderson [2014-08-22 13:51]: >> On 2014-08-22, Henning Brauer wrote: >> > * Federico Giannici [2014-08-22 09:51]: >> >> On 08/22/14 08:22, Henning Brauer wrote: >> >> >* Adam Thompson [2014-08-21 19:13]: >> >> >>Unless I've mis-understood all th

Re: New queueing system and HZ value limits

On 22-08-2014 08:58, Henning Brauer wrote: > it wasn't... the hfsc core was the same, and cbq worked exactly the same > way too. > > People might not have paid as much attention? I dunno. I believe it also has something to do with the network cards getting better and also the internet links speeds

Re: New queueing system and HZ value limits

* Stuart Henderson [2014-08-22 13:51]: > On 2014-08-22, Henning Brauer wrote: > > * Federico Giannici [2014-08-22 09:51]: > >> On 08/22/14 08:22, Henning Brauer wrote: > >> >* Adam Thompson [2014-08-21 19:13]: > >> >>Unless I've mis-understood all the emails and reports about this, it > >> >>a

Re: New queueing system and HZ value limits

On 2014-08-22, Henning Brauer wrote: > * Federico Giannici [2014-08-22 09:51]: >> On 08/22/14 08:22, Henning Brauer wrote: >> >* Adam Thompson [2014-08-21 19:13]: >> >>Unless I've mis-understood all the emails and reports about this, it >> >>affects low-bandwidth queues, not low-bandwidth inter

Re: New queueing system and HZ value limits

On Fri, Aug 22, 2014 at 10:05 AM, Henning Brauer wrote: > * Federico Giannici [2014-08-22 09:51]: >> On 08/22/14 08:22, Henning Brauer wrote: >> >* Adam Thompson [2014-08-21 19:13]: >> >>Unless I've mis-understood all the emails and reports about this, it >> >>affects low-bandwidth queues, not

Re: New queueing system and HZ value limits

* Federico Giannici [2014-08-22 09:51]: > On 08/22/14 08:22, Henning Brauer wrote: > >* Adam Thompson [2014-08-21 19:13]: > >>Unless I've mis-understood all the emails and reports about this, it > >>affects low-bandwidth queues, not low-bandwidth interfaces. > >>In other words, limiting traffic

Re: New queueing system and HZ value limits

On 08/22/14 08:22, Henning Brauer wrote: * Adam Thompson [2014-08-21 19:13]: Unless I've mis-understood all the emails and reports about this, it affects low-bandwidth queues, not low-bandwidth interfaces. In other words, limiting traffic to 50Mbps on a 1Gb link will work fine, limiting it to

Re: New queueing system and HZ value limits

* Adam Thompson [2014-08-21 19:13]: > Unless I've mis-understood all the emails and reports about this, it affects > low-bandwidth queues, not low-bandwidth interfaces. > In other words, limiting traffic to 50Mbps on a 1Gb link will work fine, > limiting it to 50kbps on the same link will not. >

Re: New queueing system and HZ value limits

On 2014-08-21, Federico Giannici wrote: > On 08/21/14 19:03, Stuart Henderson wrote: >> On 2014-08-21, Federico Giannici wrote: >>> We are using a firewall/qos server with a lot of HFSC queues. >>> We have just switched to the new queueing system of 5.5. >>

Re: New queueing system and HZ value limits

On 08/21/14 19:03, Stuart Henderson wrote: On 2014-08-21, Federico Giannici wrote: We are using a firewall/qos server with a lot of HFSC queues. We have just switched to the new queueing system of 5.5. We'd like to get rid of custom kernels because now there is no longer the limit of 64

Re: New queueing system and HZ value limits

03:12 PM CDT, Stuart Henderson wrote: >On 2014-08-21, Federico Giannici wrote: >> We are using a firewall/qos server with a lot of HFSC queues. >> We have just switched to the new queueing system of 5.5. >> We'd like to get rid of custom kernels because now there is no l

Re: New queueing system and HZ value limits

On 2014-08-21, Federico Giannici wrote: > We are using a firewall/qos server with a lot of HFSC queues. > We have just switched to the new queueing system of 5.5. > We'd like to get rid of custom kernels because now there is no longer > the limit of 64 HFSC classes, but I have r

New queueing system and HZ value limits

We are using a firewall/qos server with a lot of HFSC queues. We have just switched to the new queueing system of 5.5. We'd like to get rid of custom kernels because now there is no longer the limit of 64 HFSC classes, but I have recently read that there are still limits to the efficacy o

Re: pftop and systat with new queueing

P/S and B/S values. pftop does not show queues at all. >> >> Was nice to see those values in real time. Are they gone for good, or >> developers need some time to adjust them for new queueing mechanism? > > I believe this has been resolved in > http://www.openbsd.org/cgi-

Re: pftop and systat with new queueing

On Tue, 6 May 2014 13:09:25 -0600 Daniel Melameth wrote: > I believe this has been resolved in > http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/systat/pftop.c.diff?r1=1.24;r2=1.25, > but I have not yet confirmed. I have also noticed that output of 'systat queues' shows much larger number of P

Re: pftop and systat with new queueing

ce to see those values in real time. Are they gone for good, or > developers need some time to adjust them for new queueing mechanism? I believe this has been resolved in http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/systat/pftop.c.diff?r1=1.24;r2=1.25, but I have not yet confirmed.

Re: pftop and systat with new queueing

* Marko Cupać [2014-05-06 17:55]: > Was nice to see those values in real time. Are they gone for good, or > developers need some time to adjust them for new queueing mechanism? that's what it comes down to. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services

Re: queueing question

Hi, One thing worth mentioning.. Queuing only works on 'Egress', not ingress. So if you want to queue downstream traffic from the Internet, you need to queue it as it egresses the internal interfaces. If you have a LAN and a DMZ however and you queue on each interface you will have to slice

  1   2   3   >