From owner-freebsd-net@FreeBSD.ORG Mon Feb 14 14:12:08 2005
Message-ID: <8eea040805021406124e553101@mail.gmail.com>
Date: Mon, 14 Feb 2005 06:12:06 -0800
From: Jon Simola
Reply-To: jon@abccomm.com
To: David Gilbert
Cc: freebsd-net@freebsd.org
Subject: Re: altq for vlans?
In-Reply-To: <16912.11613.216501.589279@canoe.dclg.ca>
References: <16911.51264.86063.604597@canoe.dclg.ca> <200502140157.36085.max@love2party.net> <16912.11613.216501.589279@canoe.dclg.ca>
List-Id: Networking and TCP/IP with FreeBSD

> > On Sunday 13 February 2005 22:36, David Gilbert wrote:
> >> Has anyone considered patching the vlan driver to support altq? I
> >> gather that since tun works, so should vlan.
>
> Well... the issue is several fold. Firstly, the router in question is
> talking in trunk mode to a switch which in turn hands out ports to end
> user boxes. So the "real" interface could be queue limited, but in
> general, it can be assumed that the GigE interface is faster than the
> sum of the traffic coming into it.
>
> Now... you seem to be saying that if the queue is attached to (in this
> case) em0, and vlan10 goes through em0, that traffic will be subject
> to the queue ... even though it's been tagged ... and from the
> perspective of em0 is no longer IP traffic.
>
> This is certainly not obvious, if it is the case.
>
> But from a vlan-as-virtual-circuit-replacement standpoint, it makes
> sense to note a vlan as a queue entity.

I went through exactly this. I wrote my own patch for if_vlan.c that
allowed ALTQ queueing on a vlan interface. I used that patch and ran
hundreds of GBs of live customer data a week through the router with
those patches. I never saw any problems. Then again, I never managed to
figure out queuing on the vlan parent interface either. Both worked as
far as I could tell, but I've gone to

> Anyways, the _real_ problem is that traditionally, I'd used firewall
> rules for accounting as well as security.

I've used several varieties of firewall rules to count traffic (count
rules, ipfw pipes) and I've switched over to a custom program that
sniffs packets via libpcap off the vlan parent, and counts them. It's
not fancy, but it does have some certain advantages (like passive MAC
address sniffing, which I find quite handy dealing with some of the more
"adventurous" clients).
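
Added example (not part of the original message, and not the program its author describes): the per-frame accounting step that a libpcap-based counter on the vlan parent would need, attributing bytes to a VLAN ID and remembering the source MAC. The names account_frame and vlan_stats and the sample frame are assumptions; it also assumes captured frames still carry their 802.1Q tag, and that the function is called from the capture callback with the captured and on-wire lengths.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETHERTYPE_8021Q 0x8100

/* Per-VLAN counters (hypothetical layout for this example). */
struct vlan_stats {
    uint64_t frames, bytes;
    uint8_t  last_src[6];       /* most recent source MAC seen on this VLAN */
};
static struct vlan_stats stats[4096];   /* slot 0: untagged or priority-tagged */

/*
 * Account one frame captured on the vlan parent. Returns the VLAN ID
 * (0 if the frame has no VLAN ID) or -1 if too little was captured to parse.
 */
int account_frame(const uint8_t *pkt, size_t caplen, size_t wirelen)
{
    uint16_t vid = 0;

    if (caplen < 14)            /* dst(6) + src(6) + ethertype(2) */
        return -1;
    if (((pkt[12] << 8) | pkt[13]) == ETHERTYPE_8021Q) {
        if (caplen < 18)        /* tag adds TCI(2) + inner ethertype(2) */
            return -1;
        vid = (uint16_t)(((pkt[14] << 8) | pkt[15]) & 0x0fff); /* low 12 bits */
    }
    stats[vid].frames++;
    stats[vid].bytes += wirelen;        /* on-wire length, not the snap length */
    memcpy(stats[vid].last_src, pkt + 6, 6);
    return vid;
}

int main(void)
{
    /* Constructed sample frame: source 00:11:22:33:44:55, PCP 3, VLAN 10. */
    uint8_t f[64] = {0};
    memcpy(f + 6, "\x00\x11\x22\x33\x44\x55", 6);
    f[12] = 0x81; f[13] = 0x00; f[14] = 0x60; f[15] = 0x0a;
    int vid = account_frame(f, sizeof f, sizeof f);
    printf("vlan %d: %llu bytes\n", vid, (unsigned long long)stats[vid].bytes);
    return 0;
}
```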