From owner-freebsd-pf@FreeBSD.ORG Wed Sep 3 05:39:22 2008
Date: Tue, 2 Sep 2008 22:39:16 -0700
From: Lance Murdock
To: Max Laier
Cc: freebsd-pf@freebsd.org
Subject: Re: ALTQ & Multiple Connections
Message-ID: <20080903053916.GA81677@theouterdarkness.com>
References: <20080903020843.GA70612@theouterdarkness.com> <200809030444.31690.max@love2party.net>
In-Reply-To: <200809030444.31690.max@love2party.net>

On Wed, Sep 03, 2008 at 04:44:31AM +0200, Max Laier wrote:
> No and I don't know of any software that would make that
> possible - probably because it's a horrible idea.

I wouldn't say it is a horrible idea. It may have some implementation
details, but the idea of maximally utilizing available resources at
minimum cost is not fundamentally horrible. Also, this is for
negotiation purposes as much as any technical reason.

Our carriers feel there is no need to negotiate on price because
they're going to get paid on the overages anyway. They figure the
router and construction expenses of pulling in more fiber are pretty
much a lock-in, and they're pretty much right. So I'd like to put a
shot across their bow that not only do we have the power to control
how much they get paid without scuttling our own site, but also we
don't need to pull more fiber to do it. :-)

> You will run into all kinds of trouble with out
> of order packets. Let alone the issues you will have if any of
> your ISPs does source filtering, or with asymmetric return paths
> and possibly NAT.

Source filtering and NAT are not in play here and the two endpoints
are not identical but they are topologically very close so asymmetric
routing impact should be minimal, especially for short-lived web
connections. But yes, I can see that "sticky" behavior on a per-flow
basis would be essential.

Ideally we would let as much traffic as possible take its best path
according to the route table and only shape the minimum necessary to
meet our utilization objectives. But even I am confident I have
crossed irretrievably into fantasyland at that point.

I'm thinking of something along the lines of good old fashioned
multilink PPP, which brought up more channels based on utilization.
The only difference here is that we're not going to get protocol
cooperation from the far end.

> The only thing you can do is
> some level of *per-flow* round-robin (with weights) onto your outgoing
> connections - maybe adjusting the weights according to ALTQ usage stats.

I'm sorry, I don't know enough about ALTQ to know if this is intended
to be a practical suggestion. If so, where would I look for
documentation? I've got the Reed book and it's been massively helpful
but doesn't appear to cover the sort of crazy misuse that I have in
mind.

> But
> that's a very rough estimate - but you can't do better than that, anyways.

If we can get within, say, 10% that would be a great start. Since
carrier standard is 95/5 billing, all we have to do is visibly clip
the peaks on an MRTG graph to achieve our objective.

Thanks,
Lance
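
The per-flow weighted selection and the 95/5 billing arithmetic discussed in this thread, as an added example that is not part of the original message and is not pf or ALTQ code. The link names, the headroom heuristic in `rebalance`, and the sample traffic are assumptions constructed for illustration.

```python
import hashlib
from bisect import bisect_right
from itertools import accumulate

def pick_link(flow, weights):
    """Hash a flow tuple onto one uplink in proportion to integer weights."""
    names = sorted(weights)
    bounds = list(accumulate(weights[n] for n in names))
    digest = hashlib.sha256(repr(flow).encode()).digest()
    point = int.from_bytes(digest[:8], "big") % bounds[-1]
    return names[bisect_right(bounds, point)]

def assign(flow, weights, state):
    """Pin a flow to its first choice so later weight changes never move it
    mid-connection (no reordering inside a flow)."""
    return state.setdefault(flow, pick_link(flow, weights))

def rebalance(usage_mbps, target_mbps):
    """Assumed heuristic: weight each link by its headroom under the target."""
    return {l: max(1, int(target_mbps[l] - usage_mbps[l])) for l in target_mbps}

def billed_rate(samples):
    """95/5 billing: discard the top 5% of samples, bill the highest remaining."""
    ordered = sorted(samples)
    return ordered[max(0, len(ordered) * 95 // 100 - 1)]

def demo():
    # Constructed flows: (src, sport, dst, dport), documentation address ranges.
    flows = [("192.0.2.10", 80, "198.51.100.%d" % (i % 250), 1024 + i)
             for i in range(4000)]
    state = {}
    weights = {"carrier_a": 3, "carrier_b": 1}
    first = [assign(f, weights, state) for f in flows]
    share_a = first.count("carrier_a") / len(first)
    # carrier_a is near its target, so new flows should favour carrier_b.
    weights = rebalance({"carrier_a": 900, "carrier_b": 200},
                        {"carrier_a": 1000, "carrier_b": 1000})
    moved = sum(assign(f, weights, state) != old for f, old in zip(flows, first))
    return share_a, weights, moved

if __name__ == "__main__":
    print(demo())
    # Constructed samples: 5 peak intervals out of 100 are free, a 6th is billed.
    print(billed_rate([100] * 95 + [900] * 5), billed_rate([100] * 94 + [900] * 6))
```

Because established flows stay pinned in `state`, a weight change only steers new flows, which is why the achievable accuracy is rough, as the quoted reply says.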