Date: Mon, 29 Nov 2004 00:39:35 +0200 From: mzk <mzk@anti-offline.net> To: <freebsd-pf@freebsd.org> Subject: Re: PF strange problem. Message-ID: <2004112903935.976191@mzk> In-Reply-To: <opsh64ow00yywyt2@punaposki.rauhankatu.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
I tried removing `quick` and the effect was the use of the next rule, which i don't want. Exactly for QoS i am using the quick keyword in my rules. Otherwise the hosts will receive much slower speed for the <peering> table.
> If you have 'quick' in the rule it won't go thru any other rules
> after that.
>
> On Sun, 28 Nov 2004 23:51:45 +0200, mzk <mzk@anti-offline.net>
> wrote:
>
>> First sorry my English and sorry my other mistakes, but that is
>> my first post in mailing list ever. :-)
>> Today i understood my pf doesn't work properly. For each host of
>> my network i have 4 rules, 2 out (from int_if) and 2 in like:
>>
>> pass out quick on $int_if from <peering> to $host queue
>> peering_host_in pass out quick on $int_if from any to $host queue
>> host_in pass in quick on $int_if proto { tcp, udp } from $host to
>> <peering> port $ports pass in quick on $int_if proto { tcp, udp }
>> from $host to any port $ports
>>
>> The problem is, that the first `peering` rule works like the
>> second one -> it pass everything from anyone using the
>> peering_host_in queue. If i comment it, the second rule works,
>> but that's not the idea. So my international connection (the
>> second rules) is overloaded and i could not make good QoS. I am
>> using GENERIC with these options, added by me ->
>>
>> # custom options;
>>
>> # pf support;
>> device pf
>> device pflog
>> device pfsync
>>
>> # ALTQ options;
>> options ALTQ #alternate queueing options
>> ALTQ_CBQ #class based queueing ##options
>> ALTQ_WFQ #weighted fair queueing ##options
>> ALTQ_FIFOQ #fifo queueing options ALTQ_RED
>> #random early detection ##options ALTQ_FLOWVALVE
>> #flowvalve for RED (needs RED) options ALTQ_RIO
>> #triple red for diffserv (needs RED) ##options
>> ALTQ_LOCALQ #local use options ALTQ_HFSC
>> #hierarchical fair service curve ##options ALTQ_ECN
>> #ecn extention to tcp (needs RED) ##options
>> ALTQ_IPSEC #check ipsec in IPv4 options ALTQ_CDNR
>> #diffserv traffic conditioner ##options
>> ALTQ_BLUE #blue by wu-chang feng options ALTQ_PRIQ
>> #priority queue
>> options ALTQ_NOPCC #don't use processor cycle
>> counter #options ALTQ_DEBUG #for debugging
>>
>> #options IPDIVERT
>> options IPSTEALTH
>> #options IPFILTER
>>
>> My pf.conf is abot 600 lines, so i will not paste it here. If you
>> request it i can upload it somewhere. Thanks in advance and sorry
>> for every my mistake!
>>
>> _______________________________________________
>> freebsd-pf@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-pf To
>> unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2004112903935.976191>