From owner-freebsd-stable@FreeBSD.ORG Thu Jan 19 08:52:01 2006 Return-Path: X-Original-To: freebsd-stable@FreeBSD.org Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 78F7316A41F for ; Thu, 19 Jan 2006 08:52:01 +0000 (GMT) (envelope-from glebius@FreeBSD.org) Received: from cell.sick.ru (cell.sick.ru [217.72.144.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id CA6A743D48 for ; Thu, 19 Jan 2006 08:52:00 +0000 (GMT) (envelope-from glebius@FreeBSD.org) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.13.3/8.13.3) with ESMTP id k0J8ptVU000542 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 19 Jan 2006 11:51:55 +0300 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.sick.ru (8.13.3/8.13.1/Submit) id k0J8psP3000541; Thu, 19 Jan 2006 11:51:54 +0300 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.sick.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Thu, 19 Jan 2006 11:51:54 +0300 From: Gleb Smirnoff To: "J. Buck Caldwell" Message-ID: <20060119085154.GB83922@cell.sick.ru> References: <43CC8532.6080404@bitparts.org> <20060118122540.GO83922@FreeBSD.org> <43CED0F0.3010704@bitparts.org> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <43CED0F0.3010704@bitparts.org> User-Agent: Mutt/1.5.6i Cc: freebsd-stable@FreeBSD.org Subject: Re: ALTQ on GIF tunnels? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jan 2006 08:52:01 -0000 On Wed, Jan 18, 2006 at 05:36:16PM -0600, J. Buck Caldwell wrote: J> Gleb Smirnoff wrote: J> >On Mon, Jan 16, 2006 at 11:48:34PM -0600, J. Buck Caldwell wrote: J> >J> Is there any work on adding support for ALTQ to the GIF tunnel J> >J> interface? I'm having wonderful results getting ALTQ working on normal J> >J> interfaces, but it would be heavenly to prioritize the traffic inside J> >J> the tunnels. J> > J> >You can (and probably should) enable ALTQ on the physical interface J> >that gif(4) runnels use for encapsulated packets. J> > J> Yes, but that doesn't do any good for the packets traveling inside the J> tunnel. Specifically, I have a corporate network hooked to a branch via J> VPN, and want to prioritize not just the tunnel over ordinary traffic, J> but prioritize different types of traffic inside the tunnel. You tag packets with ALTQ identifier in ipfw/pf, and this identifier isn't lost after packet is encapsulated. So, when going out the physical interface the packet will be queued according to the ALTQ policy you have specified. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE