From owner-freebsd-net@FreeBSD.ORG Thu Jun 24 17:04:40 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 42A0A106566C for ; Thu, 24 Jun 2010 17:04:40 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com [74.125.82.182]) by mx1.freebsd.org (Postfix) with ESMTP id 84D1D8FC1D for ; Thu, 24 Jun 2010 17:04:39 +0000 (UTC) Received: by wyf22 with SMTP id 22so569260wyf.13 for ; Thu, 24 Jun 2010 10:04:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:sender:received :in-reply-to:references:from:date:x-google-sender-auth:message-id :subject:to:cc:content-type:content-transfer-encoding; bh=7IEXZQX6/kbh2ydcewecYjAXzf3XxuivbgHFVzrrRDk=; b=ZzV62MVMoeuBJZzMGmbdGGTwKQ+3jVCNLfY6xxQhEj/dUm3lRjm6KbcBgfCZKOUf3H rKSezwrLHlVAXOEKr+MqOLuZ6GoQtUX20cd5D11teWK5QlRdxUxZH7R7eHXh+jxhndyZ IHH1G2FN7g73d83mQjk0Qe/kDy+Jnu+pgZBTk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; b=H49lE+Z96s7fWNOny1rCdBUFRItuUoLFbpw6U9k5vt4a/YnNzJLIFqTcsab4+WJv3z eVqrHYhOScpdnFI+JAMjqXNT6NqTkuoyI8yQwk732frj9x90CpeuifeJ5daZAXzuuTHn QnZyAANKk/X9xpOiG0Bx6SWCsvU4IglHb8vns= Received: by 10.216.184.136 with SMTP id s8mr4086298wem.4.1277399077171; Thu, 24 Jun 2010 10:04:37 -0700 (PDT) MIME-Version: 1.0 Sender: ermal.luci@gmail.com Received: by 10.216.25.4 with HTTP; Thu, 24 Jun 2010 10:04:17 -0700 (PDT) In-Reply-To: References: From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= Date: Thu, 24 Jun 2010 18:04:17 +0100 X-Google-Sender-Auth: SECe-ttfJw7wmjfgE53OsNGaHWM Message-ID: To: Rafael Henrique Faria Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-net@freebsd.org, freebsd-pf@freebsd.org Subject: Re: Unknown Behavior of PF+ALTQ on a Bridge X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jun 2010 17:04:40 -0000 On Thu, Jun 24, 2010 at 3:12 PM, Rafael Henrique Faria wrote: > Hi. > > I'm working on a Brige between a router Cisco 7200, and a 3Com 7900 switc= h. > I have several subnetworks, and I need to balance the bandwidth between t= hen. > > The Brigde is running: "FreeBSD dell05 8.1-PRERELEASE FreeBSD > 8.1-PRERELEASE #0: Tue Jun 22 13:59:17 BRT 2010 > rafaelhfaria@dell05:/usr/obj/usr/src/sys/BRIDGE =A0amd64" > > I have the following lines in /boot/loader.conf: > --- > net.graph.maxalloc=3D512 > net.graph.maxdgram=3D45000 > net.graph.recvspace=3D45000 > bridgestp_load=3D"YES" > if_vlan_load=3D"YES" > --- > > And my kernel is compiled with: > device =A0 =A0 =A0 =A0 =A0if_bridge > device =A0 =A0 =A0 =A0 =A0pf > device =A0 =A0 =A0 =A0 =A0pflog > options =A0 =A0 =A0 =A0 ALTQ > options =A0 =A0 =A0 =A0 ALTQ_CBQ > options =A0 =A0 =A0 =A0 ALTQ_RED > options =A0 =A0 =A0 =A0 ALTQ_RIO > options =A0 =A0 =A0 =A0 ALTQ_HFSC > options =A0 =A0 =A0 =A0 ALTQ_PRIQ > options =A0 =A0 =A0 =A0 ALTQ_NOPCC > options =A0 =A0 =A0 =A0 DEVICE_POLLING > options =A0 =A0 =A0 =A0 HZ=3D1000 > options =A0 =A0 =A0 =A0 SHMSEG=3D16 > options =A0 =A0 =A0 =A0 SHMMNI=3D32 > options =A0 =A0 =A0 =A0 SHMMAX=3D2097152 > options =A0 =A0 =A0 =A0 SHMALL=3D4096 > options =A0 =A0 =A0 =A0 MAXFILES=3D8192 > > And the bridge configuration: > cloned_interfaces=3D"bridge0 vlan1" > ifconfig_bridge0=3D"addm bce0 stp bce0 addm bce1 stp bce1 up" > ifconfig_bce0=3D"polling up" > ifconfig_bce1=3D"polling up" > ifconfig_vlan1=3D"inet 200.x.x.x netmask 0xFFFFFF00 broadcast > 200.x.x.255 vlan 1 vlandev bce1" > > bce0 is connected to the Cisco 7200 ($wan_if in pf) > bce1 is conencted to the 3Com 7900 ($lan_if in pf) > > And my sysctl for bridge: > dell05# sysctl net.link.bridge > net.link.bridge.ipfw: 0 > net.link.bridge.inherit_mac: 0 > net.link.bridge.log_stp: 0 > net.link.bridge.pfil_local_phys: 1 > net.link.bridge.pfil_member: 1 > net.link.bridge.pfil_bridge: 0 > net.link.bridge.ipfw_arp: 0 > net.link.bridge.pfil_onlyip: 0 > dell05# > > Ok... > > Now, the problem. > > With the following queue: > altq on $lan_if bandwidth 33Mb hfsc queue { down_sub1, down_sub2, > down_sub3, down_sub4, down_def } > =A0 queue down_sub1 =A0 bandwidth 8Mb priority 1 qlimit 300 hfsc ( > realtime 3.20Mb upperlimit 22.40Mb ) > =A0 queue down_sub2 =A0 bandwidth 8Mb priority 1 qlimit 300 hfsc ( > realtime 3.20Mb upperlimit 22.40Mb ) > =A0 queue down_sub3 =A0bandwidth 8Mb priority 1 qlimit 300 hfsc ( > realtime 3.20Mb upperlimit 22.40Mb ) > =A0 queue down_sub4 =A0bandwidth 8Mb priority 1 qlimit 300 hfsc ( > realtime 3.20Mb upperlimit 22.40Mb ) > =A0 queue down_def =A0 =A0 bandwidth 128Kb hfsc ( default ) > > And with the following rules: > pass in =A0log quick on $lan_if from to any keep state queue ( dow= n_sub1 ) > pass out log quick on $wan_if from to any keep state queue ( up_su= b1 ) > pass in =A0log quick on $wan_if from any to keep state queue ( up_= sub1 ) > pass out log quick on $lan_if from any to keep state queue ( down_= sub1 ) > > (..) for each I have the pass rules like those. > > > With the full use of the link, only a small part of the traffic gets > into the correct queue. > > queue root_bce1 on bce1 bandwidth 33Mb priority 0 {down_sub1, > down_sub2, down_sub3, down_sub4, down_def} > =A0[ pkts: =A0 =A0 =A0 =A0 =A00 =A0bytes: =A0 =A0 =A0 =A0 =A00 =A0dropped= pkts: =A0 =A0 =A00 bytes: =A0 =A0 =A00 ] > =A0[ qlength: =A0 0/ 50 ] > =A0[ measured: =A0 =A0 0.0 packets/s, 0 b/s ] > queue =A0down_sub1 on bce1 bandwidth 8Mb qlimit 300 hfsc( realtime > 3.20Mb upperlimit 22.40Mb ) > =A0[ pkts: =A0 =A0 =A053177 =A0bytes: =A0 50082785 =A0dropped pkts: =A0 = =A0 =A00 bytes: =A0 =A0 =A00 ] > =A0[ qlength: =A0 0/300 ] > =A0[ measured: =A0 364.5 packets/s, 2.81Mb/s ] > queue =A0down_sub2 on bce1 bandwidth 8Mb qlimit 300 hfsc( realtime > 3.20Mb upperlimit 22.40Mb ) > =A0[ pkts: =A0 =A0 =A090724 =A0bytes: =A0 79670459 =A0dropped pkts: =A0 = =A0 =A00 bytes: =A0 =A0 =A00 ] > =A0[ qlength: =A0 0/300 ] > =A0[ measured: =A0 744.6 packets/s, 5.20Mb/s ] > queue =A0down_sub3 on bce1 bandwidth 8Mb qlimit 300 hfsc( realtime > 3.20Mb upperlimit 22.40Mb ) > =A0[ pkts: =A0 =A0 =A038333 =A0bytes: =A0 37384626 =A0dropped pkts: =A0 = =A0 =A00 bytes: =A0 =A0 =A00 ] > =A0[ qlength: =A0 0/300 ] > =A0[ measured: =A0 285.2 packets/s, 2.35Mb/s ] > queue =A0down_sub4 on bce1 bandwidth 8Mb qlimit 300 hfsc( realtime > 3.20Mb upperlimit 22.40Mb ) > =A0[ pkts: =A0 =A0 =A080385 =A0bytes: =A0 69021129 =A0dropped pkts: =A0 = =A0 =A00 bytes: =A0 =A0 =A00 ] > =A0[ qlength: =A0 0/300 ] > =A0[ measured: =A0 585.1 packets/s, 3.92Mb/s ] > queue =A0down_def on bce1 bandwidth 128Kb hfsc( default ) > =A0[ pkts: =A0 =A0 268756 =A0bytes: =A0336423531 =A0dropped pkts: =A0 =A0= 121 bytes: =A081921 ] > =A0[ qlength: =A0 0/ 50 ] > =A0[ measured: =A01615.4 packets/s, 16.49Mb/s ] > > watching the pflog interface, I can see that the pass rules are > working, no traffic is getting out of one of the rules (I have put an > "pass log all" to check this). > > All the rules are working... but they aren't sending the traffic to > the specified queue. > > If someone have a glue for this... > Any suggestion are welcome. > > Thank's in advance. Sorry but i do not see any evidence that what you claim is true! --=20 Ermal