FreeBSD + MPD + PF + ALTQ

Bruno Afonso brunomiguel at dequim.ist.utl.pt
Sat Oct 22 17:54:34 PDT 2005 

Bill Marquette wrote:
>> Yes, I have now tried and verified that it works, but not as we would
>> like to in the sense of a meta interface, eg:
>>
>> altq on { tun0 tun1 tun2 } cbq bandwidth 1Mb queue { a b }
>>   queue a bandwidth 700Kb cbq(default)
>>   queue b bandwidth 300Kb
>>
>>
>> which turns itself into... (from pfctl -sq)
>>
>>
>> queue root_tun0 bandwidth 1Mb priority 0 cbq( wrr root ) {a, b}
>> queue  a bandwidth 700Kb cbq( default )
>> queue  b bandwidth 300Kb
>> queue root_tun1 bandwidth 1Mb priority 0 cbq( wrr root ) {a, b}
>> queue  a bandwidth 700Kb cbq( default )
>> queue  b bandwidth 300Kb
>> queue root_tun2 bandwidth 1Mb priority 0 cbq( wrr root ) {a, b}
>> queue  a bandwidth 700Kb cbq( default )
>> queue  b bandwidth 300Kb
>>
>>
>> What would I want with this? To create a queue that is shared by every
>> interface, so limiting globally every interface to a maximum of 1Mb each
>> and all of them to 1Mb each too, in a cqb borrowing shared way. For
>> examply, I'd like a to never exceed 700Kb taking into account every
>> interface. This makes perfect sense if I have a limited ammount of bw to
>> share among each client, which, in a real world, happens 99,9% of the
>> time because resources are limited.
>>
>> So, the syntax works, but it does achieve what I mentioned before, the
>> meta interface concept. The example you give is only useful for
>> simplifying rulesets, although it's more difficult for humans to understand.
> 
> 
> From what I understand, that binds queue 'a' to every interface.  The
> queue definition still limits the queue itself to 700Kb, but allows
> you to assign traffic to that queue on each interface that queue is
> bound to.  I can't find the email that I read that suggests it now
> (machine having recently been wiped and google not being terribly
> forthcoming with the answer).
> 
> Have you verified this not working with real traffic, or just the
> pfctl -sq output?  At this time I don't have a multi-interface box at
> my disposal, so I can't easily test this.

The machine I'm taking care of ( thousands of miles away) not always has 
traffic so it's difficult for me to test this :( Before answering you I 
googled for it too and couldn't find it. Since this isn't documented, I 
am really skeptic but hoping to be proven wrong :)

best


> 
> --Bill

-- 
Bruno Afonso, Biological Engineer
Dana-Farber Cancer Institute
1 Jimmy Fund Way
Smith Building
Boston, MA 02115
phone: (617)-632-5105
GABBA Graduate Student (http://gabba.up.pt)
Homepage @ http://brunoafonso.net/

More information about the freebsd-pf mailing list