Unknown Behavior of PF+ALTQ on a Bridge
Michal Buchtik
buchtajz at borsice.net
Thu Jun 24 21:00:07 UTC 2010
Hi,
On 2010/06/24 21:42, Rafael Henrique Faria wrote:
> So, my question is: why the default queue is being used, If I have a
> rule to use the out_bal queue to all outgoing traffic on that
> interface?
>
> I need to redirect all the traffic from a subnet (/24) to one queue
> (incoming and outgoing traffic)... so what I can understand is that,
> this is not possible with PF+ALTQ. Am I wrong?
>
>
I never try pf on bridge, but on router.
You must create queues on every interface (only outgoing packets are
queued) and pass rules on every interface too.
States created then directs packets to right queue.
Try something like:
pass in log quick on $lan_if from<sub1> to any tag SUB1_UP keep state queue ( down_sub1 )
pass out log quick on $wan_if tagged SUB1_UP keep state queue (up_sub1)
pass in log quick on $wan_if from any to<sub1> tag SUB1_DOWN keep state queue ( up_sub1 )
pass out log quick on $lan_if tagged SUB1_DOWN keep state queue ( down_sub1 )
or try "no state", but with performance decrease.
This is only working solution I found (on router).
More information about the freebsd-pf
mailing list