Date: Wed, 30 Jul 2008 11:58:51 +0200 From: Michal Buchtik <buchtajz@borsice.net> To: news@topocentras.lt Cc: freebsd-pf@freebsd.org Subject: Re: need help with keep state and shaping Message-ID: <1217411931.31805.10.camel@buchtajz> In-Reply-To: <50928.88.119.128.115.1217406553.squirrel@mx.agservice.lt> References: <51307.88.119.128.115.1217227945.squirrel@mx.agservice.lt> <64686.88.119.128.115.1217400195.squirrel@mx.agservice.lt> <1217406136.31805.6.camel@buchtajz> <50928.88.119.128.115.1217406553.squirrel@mx.agservice.lt>
next in thread | previous in thread | raw e-mail | index | archive | help
I use default state-policy (floating). As I can remember, if-bound policy works diferent. news@topocentras.lt píše v St 30. 07. 2008 v 11:29 +0300: > Thanks for suggestion. Is any difference using set state-policy if-bound? > When what state policy to use? > > Thanks, Albertas > > > > PF makes 2 states per connection, so try this > > ($int_if is users LAN) > > > > pass in quick on $int_if from 10.0.0.1 to any tag user1 queue download1 > > pass in quick on $ext_if from any to 10.0.0.1 tag user1 queue upload1 > > pass out quick on $int_if tagged user1 queue download1 > > pass out quick on $ext_if tagged user1 queue upload1 > > .....and so on for another users > > > > > > news@topocentras.lt píše v St 30. 07. 2008 v 09:43 +0300: > >> Hello once more, > >> It whould be very interesting to hear from you how to use keep state for > >> router, shaping in and out traffic. > >> I am using around thousand of queues(hfsc) and it makes a lot of > >> performace problems. Using keep state it would reduce it, but as i > >> mention > >> before, i have problems using it. > >> > >> Sincerely Yours, > >> Albertas > >> > >> > ext_if="bge0" > >> > int_if="bge1" > >> > > >> > pass out quick on $ext_if from 10.0.0.1 to any queue upload1 > >> > pass out quick on $int_if from any to 10.0.0.1 queue download1 > >> > > >> > pass out quick on $ext_if from 10.0.0.2 to any queue upload2 > >> > pass out quick on $int_if from any to 10.0.0.2 queue download2 > >> > > >> > pass out quick on $ext_if from 10.0.0.3 to any queue upload3 > >> > pass out quick on $int_if from any to 10.0.0.3 queue download3 > >> > > >> > pass in all > >> > pass out all > >> > > >> > #10.0.0.x users subnet > >> > > >> > Hello, > >> > I have problems with keep state usage. I need to shape ingoing and > >> > outgoing trafic (no nat). > >> > Before I used sintax like above, but then I used it with keyword "keep > >> > state" some useres reported problems with trafic. > >> > With version FreeBSD 7 with keep state on pass rules are not working > >> at > >> > all. > >> > Question is how to deal with keep state for in and out trafic then i > >> need > >> > to shape both? I tried to use set state-policy if-bound but it had no > >> > impact. > >> > > >> > _______________________________________________ > >> > freebsd-pf@freebsd.org mailing list > >> > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > >> > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > >> > > >> > >> > >> _______________________________________________ > >> freebsd-pf@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf > >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > > > > > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1217411931.31805.10.camel>