ALTQ on GIF Interface - how much trouble to impliment?

J. Buck Caldwell freebsd at bitparts.org
Mon May 1 02:32:39 UTC 2006


I'm in desperate need to do some traffic prioritization using pf and 
ALTQ over a GIF tunnel. I asked this question some time ago on 
freebsd-stable, and was told to use tags - but either I'm doing it 
wrong, or it just doesn't work (probably, I'm doing it wrong). Either 
way, supporting ALTQ over GIF would be a far preferable solution.

Here's the problem. I have a corporate office with a 4.5mb/sec 
connection, and several branches with 3m-down/768k-up cable connections. 
Each endpoint has a FreeBSD 5.4 or 6.x (migrating all to 6.x) box 
providing NAT, DNS, DHCP etc - and connecting to the other endpoints via 
GIF tunnels, encrypted point-to-point with IPSec. While prioritizing the 
actual tunnel traffic (via "pass out quick on $ext_if queue(gif_out, 
pri_out) proto { ipencap, esp } all keep state") does actually send the 
GIF/IPSEC traffic out at a higher priority, what I need to do is to 
actually prioritize the traffic inside the tunnel.

For example - the tunnel carries between the branches and the corporate 
office, such as Lotus Notes, telnet/ssh sessions, and database queries. 
What I need to do is prioritize the traffic so that, say, Notes traffic 
goes out before Web traffic, but the database traffic is highest 
priority (just under empty ACKs and such).

Currently, ALTQ support is not available in the GIF interface driver. 
How difficult would it be to implement? I've done a little reading of 
the man pages and source code, and while I am a decent Windows 
programmer (C, not visual basic, get that look off your face), I've 
never done any coding for FreeBSD, and wouldn't know quite where to start.

If this is something that can be done relatively easily, I would be 
willing to test, and possibly to help code, but I'll need pointers. 
Otherwise, I'd love to get some help on figuring out how tagging works 
so I can get it operating correctly.



More information about the freebsd-net mailing list