Date: Fri, 01 Oct 2004 23:04:03 +0200 From: "Alexander S. Usov" <A.S.Usov@KVI.nl> To: Max Laier <max@love2party.net> Cc: freebsd-current@freebsd.org Subject: Re: ALTQ/pf troubles Message-ID: <200410012304.03921.A.S.Usov@kvi.nl> In-Reply-To: <200410012101.01067.max@love2party.net> References: <200409272240.00356.A.S.Usov@kvi.nl> <200410011555.00828.A.S.Usov@kvi.nl> <200410012101.01067.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary_(ID_IcJO1lgRQDrC8TxVsZWeoQ)
Content-type: text/plain; charset=koi8-u
Content-transfer-encoding: 7BIT
Content-disposition: inline
On Friday 01 October 2004 21:00, Max Laier wrote:
> > Increasing bandwith in the altq rule to 700Kb, results in the upload
> > speed of approx. 30-34 KB/s.
>
> Hmmm ... you realize that ALTQ takes *BIT* per second?
Yes. And 350Kbit/s ~ 43KB/s
> > Is it a good idea to check the behavior of the ruleset with OpenBSD?
>
> First of all a look at your queue statistics would be helpful:
> $ pfctl -vvsq
> how many packets are being dropped? Which queues do the packets end up in?
Ok. The pf ruleset used during the test is attached to the letter.
Using scp results in the approx. 17-20KByte/s sustained transfer rate.
$ pfctl -vvsq
queue q priq( default )
[ pkts: 6515 bytes: 7183041 dropped pkts: 0 bytes: 0 ]
[ qlength: 4/ 50 ]
[ measured: 18.2 packets/s, 162.56Kb/s ]
Setting the bandwidth to 700Kb gives:
$ pfctl -vvsq
queue q priq( default )
[ pkts: 2526 bytes: 3201627 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 30.6 packets/s, 313.11Kb/s ]
> If you can easily check OpenBSD behavior, that'd be a good check as well.
I will try to install it this weekend and check there.
I believe 3.5 has a driver for broadcom 4401.
--
Best regards,
Alexander.
--Boundary_(ID_IcJO1lgRQDrC8TxVsZWeoQ)
Content-type: text/plain; charset=koi8-u; name=pf.conf
Content-transfer-encoding: 7BIT
Content-disposition: attachment; filename=pf.conf
#==================== DEFS ====================
ext = "bfe0"
table <priv_nets> const { 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
10.0.0.0/8, !10.0.0.0/24 }
tcp_services = "{ ssh, ftp, ftp-data, 17778, 4662, 49152:65535 }"
icmp_types = "echoreq"
#==================== OPTIONS ====================
set block-policy return
set loginterface $ext
set optimization conservative
#==================== SCRUB ====================
scrub in all
#==================== QUEUE ====================
altq on $ext priq bandwidth 350Kb queue {q}
queue q priority 1 priq(default)
#==================== FILTERING ====================
block all
# loopback
pass quick on lo0 all
antispoof for lo0
# ESP
pass quick proto esp
# block private networks
block drop in quick on $ext from <priv_nets> to any
block drop out quick on $ext from any to <priv_nets>
# incoming
pass in on $ext proto tcp from any to ($ext) port $tcp_services \
modulate state
pass in inet proto icmp icmp-type $icmp_types keep state
# outgong
pass out on $ext proto tcp modulate state
pass out on $ext proto { udp, icmp } keep state
--Boundary_(ID_IcJO1lgRQDrC8TxVsZWeoQ)--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200410012304.03921.A.S.Usov>