From owner-freebsd-current@FreeBSD.ORG  Fri Oct  1 21:04:45 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 848F316A4CE; Fri,  1 Oct 2004 21:04:45 +0000 (GMT)
Received: from KVIW06.KVI.NL (KVIW06.KVI.nl [129.125.15.26])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id C9AEE43D2D; Fri,  1 Oct 2004 21:04:44 +0000 (GMT)
	(envelope-from A.S.Usov@KVI.nl)
Received: from KVIS10.KVI.nl ("port 40075"@KVIS10.KVI.nl [129.125.27.60])
 by KVI.nl (PMDF V6.2-X17 #30869) with ESMTP id <01LFJ8UTFKBID41CV0@KVI.nl>;
 Fri, 01 Oct 2004 23:04:30 +0200 (MET DST)
Received: from KVIW14.KVI.nl	by KVIS10.KVI.nl (AvMailGate-2.0.2-8)
 id 17397-7E54875E; Fri, 01 Oct 2004 23:04:29 +0200
Received: from kvip55 ("port 61510"@KVIP88.KVI.nl [129.125.15.152])
 by KVI.nl (PMDF V6.2-X17 #30869) with ESMTP id <01LFJ8UALU9ACWHRFO@KVI.nl>;
 Fri, 01 Oct 2004 23:04:06 +0200
Date: Fri, 01 Oct 2004 23:04:03 +0200
From: "Alexander S. Usov" <A.S.Usov@KVI.nl>
In-reply-to: <200410012101.01067.max@love2party.net>
To: Max Laier <max@love2party.net>
Message-id: <200410012304.03921.A.S.Usov@kvi.nl>
Organization: KVI
MIME-version: 1.0
Content-type: multipart/mixed; boundary="Boundary_(ID_IcJO1lgRQDrC8TxVsZWeoQ)"
User-Agent: KMail/1.7
X-AntiVirus: checked by AntiVir MailGate (version: 2.0.2-8; AVE: 6.27.0.12;
 VDF: 6.27.0.83; host: kvi.nl)
References: <200409272240.00356.A.S.Usov@kvi.nl>
 <200410011555.00828.A.S.Usov@kvi.nl> <200410012101.01067.max@love2party.net>
cc: freebsd-current@freebsd.org
Subject: Re: ALTQ/pf troubles
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Oct 2004 21:04:45 -0000


--Boundary_(ID_IcJO1lgRQDrC8TxVsZWeoQ)
Content-type: text/plain; charset=koi8-u
Content-transfer-encoding: 7BIT
Content-disposition: inline

On Friday 01 October 2004 21:00, Max Laier wrote:
> > Increasing bandwith in the altq rule to 700Kb, results in the upload
> > speed of approx. 30-34 KB/s.
>
> Hmmm ... you realize that ALTQ takes *BIT* per second?

Yes. And 350Kbit/s ~ 43KB/s

> > Is it a good idea to check the behavior of the ruleset with OpenBSD?
>
> First of all a look at your queue statistics would be helpful:
>  $ pfctl -vvsq
> how many packets are being dropped? Which queues do the packets end up in?

Ok. The pf ruleset used during the test is attached to the letter.
Using scp results in the approx. 17-20KByte/s sustained transfer rate.
$ pfctl -vvsq
queue q priq( default )
  [ pkts:       6515  bytes:    7183041  dropped pkts:      0 bytes:      0 ]
  [ qlength:   4/ 50 ]
  [ measured:    18.2 packets/s, 162.56Kb/s ]

Setting the bandwidth to 700Kb gives:
$ pfctl -vvsq
queue q priq( default )
  [ pkts:       2526  bytes:    3201627  dropped pkts:      0 bytes:      0 ]
  [ qlength:   0/ 50 ]
  [ measured:    30.6 packets/s, 313.11Kb/s ]

> If you can easily check OpenBSD behavior, that'd be a good check as well.

I will try to install it this weekend and check there.
I believe 3.5 has a driver for broadcom 4401.

-- 
Best regards,
  Alexander.

--Boundary_(ID_IcJO1lgRQDrC8TxVsZWeoQ)
Content-type: text/plain; charset=koi8-u; name=pf.conf
Content-transfer-encoding: 7BIT
Content-disposition: attachment; filename=pf.conf

#==================== DEFS ====================
ext = "bfe0"

table <priv_nets> const { 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
	10.0.0.0/8, !10.0.0.0/24 } 

tcp_services = "{ ssh, ftp, ftp-data, 17778, 4662, 49152:65535 }"
icmp_types = "echoreq"

#==================== OPTIONS ====================
set block-policy return
set loginterface $ext
set optimization conservative

#==================== SCRUB ====================
scrub in all

#==================== QUEUE ====================
altq on $ext priq bandwidth 350Kb queue {q}
queue q priority 1 priq(default)

#==================== FILTERING ====================
block all

# loopback
pass quick on lo0 all
antispoof for lo0

# ESP
pass quick proto esp

# block private networks
block drop in  quick on $ext from <priv_nets> to any
block drop out quick on $ext from any to <priv_nets>

# incoming
pass in on $ext proto tcp from any to ($ext) port $tcp_services \
	modulate state
pass in inet proto icmp icmp-type $icmp_types keep state

# outgong
pass out on $ext proto tcp modulate state
pass out on $ext proto { udp, icmp } keep state 

--Boundary_(ID_IcJO1lgRQDrC8TxVsZWeoQ)--