Date: Thu, 24 Nov 2011 20:05:13 +0200 From: =?WINDOWS-1251?B?wujy4Ovo6SDC6+Dk6Ozo8O7i6Pc=?= <artemrts@ukr.net> To: "freebsd-pf@FreeBSD.org" <freebsd-pf@freebsd.org> Subject: HFSC ALTQ for prioritization LAN and router traffic Message-ID: <35025.1322157913.1199695190218178560@ffe6.ukr.net>
next in thread | raw e-mail | index | archive | help
Hi!
I have FreeBSD9 router with ADSL connections and with 5Mb/s download speeed and only 850 Kb/s upload.
I am attempting prioritization outgoing traffic coming from LAN (bulk and TCP ACK) and traffic coming from the router, because I have some services running on the server for remote clients.
mst="modulate state"
ext_if="em0"
int_if1="em1"
table <lan> persist {192.168.10/24}
set skip on {lo}
set ruleset-optimization basic
set state-policy if-bound
set require-order yes
scrub on $ext_if all random-id no-df min-ttl 128
### ALTQ
altq on $ext_if hfsc bandwidth 800Kb queue {std, lan, lan_ack, serv, serv_ack}
queue std bandwidth 50Kb priority 1 hfsc (default realtime 50Kb)
queue lan bandwidth 50Kb priority 2 hfsc (realtime 50Kb)
queue lan_ack bandwidth 50Kb priority 7 hfsc (realtime 300Kb upperlimit 300Kb)
queue serv bandwidth 50Kb priority 2 hfsc (realtime 50Kb)
queue serv_ack bandwidth 50Kb priority 7 hfsc (realtime 50Kb)
###
nat on $ext_if tag INET tagged INET -> ($ext_if) port 1024:65535
###################### BLOCK IN/OUT/ALL
block all
block in quick inet from urpf-failed to any
block in quick inet from no-route to any
antispoof quick for {$int_if1 lo} inet
####################### PASS IN
### EXT_IF_IN
pass in quick on $ext_if inet from any to ($ext_if) $mst (max 100) queue (serv serv_ack)
### INT_IF
pass in quick on $int_if1 inet from <lan> to !$int_if1 $mst tag INET
pass in quick on $int_if1 inet from <lan> to $int_if1
###################### PASS OUT
### EXT_IF
pass out quick on $ext_if inet from $ext_if to any tagged INET queue (lan lan_ack)
pass out quick on $ext_if inet from $ext_if to any queue (serv serv_ack)
### INT_IF
pass out quick on $int_if1 inet from $int_if1 to <lan>
pfctl -vvsq
queue root_em0 on em0 bandwidth 800Kb priority 0 {std, lan, lan_ack, serv, serv_ack}
[ pkts: 0 bytes: 0 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 0.0 packets/s, 0 b/s ]
queue std on em0 bandwidth 50Kb hfsc( default realtime 50Kb )
[ pkts: 3 bytes: 126 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 0.0 packets/s, 0 b/s ]
queue lan on em0 bandwidth 50Kb priority 2 hfsc( realtime 50Kb )
[ pkts: 17 bytes: 1123 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 0.0 packets/s, 0 b/s ]
queue lan_ack on em0 bandwidth 50Kb priority 7 hfsc( realtime 300Kb upperlimit 300Kb )
[ pkts: 8872 bytes: 479088 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 49.0 packets/s, 21.19Kb/s ]
queue serv on em0 bandwidth 50Kb priority 2 hfsc( realtime 50Kb )
[ pkts: 11290 bytes: 17089007 dropped pkts: 0 bytes: 0 ]
[ qlength: 43/ 50 ]
[ measured: 50.0 packets/s, 605.60Kb/s ]
queue serv_ack on em0 bandwidth 50Kb priority 7 hfsc( realtime 50Kb )
[ pkts: 29 bytes: 2597 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 0.0 packets/s, 0 b/s ]
Without ALTQ when anybody from Internet dowloading from server the dowload speed for LAN bring down to 20Kb/s. When use ALTQ - speed for LAN users bring down to 2Mb/s. This is good, but not as I have specified in pf.conf
I have specified realtime speed for ACK's packets 300Kb but in real I have about 20Kb.
In above queues output, one user from LAN downloading file and one from Internet downloading from router. Both via ftp.
Where is my mistake?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35025.1322157913.1199695190218178560>