Unknown Behavior of PF+ALTQ on a Bridge

Ermal Luçi eri at freebsd.org
Thu Jun 24 21:56:44 UTC 2010 

2010/6/24 Rafael Henrique Faria <rafaelhfaria at cenadigital.com.br>:
> Just to be more clean:
>
> My pf.conf:
> ----
> wan_if="bce0"
>
> set limit { states 100000, frags 20000 }
> set loginterface $wan_if
> set optimization normal
> set block-policy drop
> set fingerprints "/etc/pf.os"
> set skip on lo
>
> altq on $wan_if cbq bandwidth 100% queue { out_bal, out_std }
>   queue out_bal bandwidth 50% priority 0 cbq
>   queue out_std bandwidth 50% priority 0 cbq (default borrow)
>
> pass out on $wan_if queue (out_bal)
> ----
>
The problem is that this rule will not match any traffic that
initiated as incoming on $wan_if.

Try this instead:
 pass out all queue (out_bal)

It will do the magic.
>
> The "pfctl -vvs queue" show:
>
> ----
> queue root_bce0 on bce0 bandwidth 1Gb priority 0 cbq( wrr root )
> {out_bal, out_std}
>  [ pkts:      50117  bytes:   13947411  dropped pkts:      0 bytes:      0 ]
>  [ qlength:   0/ 50  borrows:      0  suspends:      0 ]
>  [ measured:  3869.4 packets/s, 8.31Mb/s ]
> queue  out_bal on bce0 bandwidth 500Mb priority 0
>  [ pkts:      33198  bytes:    7175985  dropped pkts:      0 bytes:      0 ]
>  [ qlength:   0/ 50  borrows:      0  suspends:      0 ]
>  [ measured:  2591.3 packets/s, 4.36Mb/s ]
> queue  out_std on bce0 bandwidth 500Mb priority 0 cbq( borrow default )
>  [ pkts:      16919  bytes:    6771426  dropped pkts:      0 bytes:      0 ]
>  [ qlength:   0/ 50  borrows:      0  suspends:      0 ]
>  [ measured:  1278.1 packets/s, 3.95Mb/s ]
> ----
>
> So, my question is: why the default queue is being used, If I have a
> rule to use the out_bal queue to all outgoing traffic on that
> interface?
>
> I need to redirect all the traffic from a subnet (/24) to one queue
> (incoming and outgoing traffic)... so what I can understand is that,
> this is not possible with PF+ALTQ. Am I wrong?
>
> --
> Rafael Henrique da Silva Faria
> Grupo de Sistemas e Redes
>
> Serviço Técnico de Informática
> Faculdade de Ciências e Letras do Campus de Araraquara - UNESP
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>



-- 
Ermal

More information about the freebsd-pf mailing list