From owner-freebsd-isp@FreeBSD.ORG Wed Sep 27 21:25:00 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8EACC16A657 for ; Wed, 27 Sep 2006 21:25:00 +0000 (UTC) (envelope-from akachler@telcom.net) Received: from mail.telcom.net (mail.telcom.net [200.62.2.251]) by mx1.FreeBSD.org (Postfix) with ESMTP id 91C4C43DE7 for ; Wed, 27 Sep 2006 21:22:32 +0000 (GMT) (envelope-from akachler@telcom.net) Received: from [127.0.0.1] (adsl-8-187-70.mia.bellsouth.net [65.8.187.70]) by mail.telcom.net (8.13.6/8.13.6) with ESMTP id k8RLPPWU002095; Wed, 27 Sep 2006 17:25:27 -0400 Message-ID: <451AEB8A.20501@telcom.net> Date: Wed, 27 Sep 2006 17:22:18 -0400 From: Arie Kachler Organization: Telcom.Net User-Agent: Thunderbird 1.5.0.7 (Windows/20060909) MIME-Version: 1.0 To: "David J. Orman" References: <451AE254.3050603@telcom.net> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-isp@freebsd.org Subject: Re: pf/altq X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: akachler@telcom.net List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Sep 2006 21:25:00 -0000 Thank you for your response David. We basically need to limit the bandwidth of each one of our customers based on what they have contracted. Some customers have simple, mostly web traffic, while some others have very complex patterns with lots of DNS/mail/web/ssh/etc. But your telling me that sustained 80Mbps is possible tells me that it is a robust system. We haven't even started testing, but your response gives us the confidence to at least spend the time testing. Thanks again David. David J. Orman wrote: > I've dealt with that much traffic without issue. It all depends on the *type* of traffic though. If you get some really extensive rules going (expensive CPU-wise type rules) you might run into issues depending on the processing power of the machine. Also, your pps could be wildly different than mine, even at the same 100Mbps rate. We ended up moving to a dedicated router for reliability reasons, *not* the incapacity of FreeBSD to handle the traffic with PF/ALTQ. > > At 100Mbps, I don't think you will have any issues. Testing against simulated load like your real load is the only way you're going to know for sure, though - so I hesitate to say "It'll work great!" > > We were doing transparent filtering (over bridged adapters) with somewhat complex rulesets, for a web-server farm, on 100Mbps, utilizing 80Mbps consistantly. We used altq to prioritize http traffic over everything else. > > Cheers, > David > > ----- Original Message ----- > From: Arie Kachler > Date: Wednesday, September 27, 2006 10:45 am > Subject: pf/altq > To: freebsd-isp@freebsd.org > > >> Hello, >> >> We need to replace our bandwidth management solution because it's >> not >> working properly anymore. >> Does anybody have experience with pf/altq in high traffic >> production >> environments. We expect to run 100Mbps through each pf/altq box. >> Man pages don't show shortcomings one may experience in real life. >> >> Any real life experiences you can share will be greatly appreciated. >> >> Arie Kachler >> >> >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >> >> > > > . > >