pf+altq for bandwidth management

[Lan Tran]

----- Original Message ----- 
From: "Jeremy Tregunna" <info at plot.uz>
To: "Lan Tran" <llt at recol.com>
Cc: <freebsd-isp at freebsd.org>
Sent: Wednesday, May 16, 2007 1:21 PM
Subject: Re: pf+altq for bandwidth management


> On 16-May-07, at 11:33 AM, Lan Tran wrote:
>
>> Hello,
>>
>> Is pf and altq a right combo for bandwidth limiting?  What I'm  trying to 
>> do is limit each IP or block of IPs to predefined  bandwidth.  I'm not 
>> doing traffic shaping, just wanting to prevent  servers from hogging all 
>> the bandwidth.
>>
>> My setup is as follow:
>> LAN {test server} -> xl1 {FreeBSD} xl0 -> router -> net
>> xl0 and xl1 are functioning as a bridge.  kernel has pf and altq 
>> compiled.
>>
>> pf.conf:
>> ext_if = "xl0"
>> int_if = "xl1"
>> pc = "any"
>> set loginterface $ext_if
>>
>> # to net
>> altq on $ext_if cbq bandwidth 100Mb queue { std_ext, test_ext }
>> queue std_ext bandwidth 3Mb qlimit 1000 priority 5 cbq(default red  ecn)
>> queue test_ext bandwidth 2Mb priority 1 cbq(red ecn)
>>
>> pass out on $ext_if from $pc to any keep state queue test_ext
>> ---
>> The problem I'm having is that all outbound traffic from "test  server" 
>> always shows around 3Mb instead of 2Mb per queue test_ext  ruleset.  What 
>> am I missing?
>
> I've noticed the best precision for bandwidth limiting on cheap cards 
> like realtek's (provided of course, the particular rl(4) card you're 
> using is supported). Cards like fxp(4) and xl(4) I've not had great  luck 
> with getting them limited properly (always above or below the  target)).
>
> --
> Jeremy Tregunna
Jeremy,

Thanks for the input on types of card.  It seems the "default" cbq rule is 
getting hit instead of the expected ruleset.  If I change queue test_ext 
bandwidth 2Mb priority 1 cbq(red ecn) to queue test_ext bandwidth 2Mb 
priority 1 cbq(red ecn default), I get the rate I want.  But this causes 
every rule to be matched to 2Mb.  Any ideas?

LT