From owner-freebsd-pf@FreeBSD.ORG Fri Mar 16 02:53:05 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D085316A401 for ; Fri, 16 Mar 2007 02:53:05 +0000 (UTC) (envelope-from linuxinfoplus@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.169]) by mx1.freebsd.org (Postfix) with ESMTP id 6773C13C46C for ; Fri, 16 Mar 2007 02:53:05 +0000 (UTC) (envelope-from linuxinfoplus@gmail.com) Received: by ug-out-1314.google.com with SMTP id 71so562180ugh for ; Thu, 15 Mar 2007 19:53:04 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:from:subject:date:to:x-mailer; b=H29UyYN0FZFrWkJKeIW6cr6i2k2EIyAbLaZl4rvr8ibGF0e9xU0whDlPTyQMUZvQzfDWlzvtUWJU6GShu1sQELEWZjocghEm3znAG3N6w8wXaOM+vFeYoN8RE2lwFqhoYTx2dyaCQ53vERLX5ew7vK2l+WewmfFeGLK8uJUTZHc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:from:subject:date:to:x-mailer; b=hw56a7nFQfT7ZAkOWi9PHS7qRmm0oRa3sspMeOpGHiYVq3EmDC9wOOPs6Jc0J8i7UghjRTl7uX5MoeB4B+mC0JwnMQ15hvlEFx1W8HybiZMrVws7oBDbevGyMk1BC4T4xSdwvRZwiNSWSzsrc/UvTSRmz5jWC90BIBILlDlIGB8= Received: by 10.114.39.16 with SMTP id m16mr522567wam.1174012003477; Thu, 15 Mar 2007 19:26:43 -0700 (PDT) Received: from ?192.168.3.215? ( [210.13.108.117]) by mx.google.com with ESMTP id z15sm3679401pod.2007.03.15.19.26.41; Thu, 15 Mar 2007 19:26:42 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.2) In-Reply-To: <20070315120029.0E88916A4CF@hub.freebsd.org> References: <20070315120029.0E88916A4CF@hub.freebsd.org> Content-Type: text/plain; charset=GB2312; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: quoted-printable From: rhinux Date: Fri, 16 Mar 2007 10:26:22 +0800 To: freebsd-pf@freebsd.org X-Mailer: Apple Mail (2.752.2) Subject: Re: freebsd-pf Digest, Vol 129, Issue 2 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Mar 2007 02:53:05 -0000 =D4=DA 2007-3-15=A3=AC=CF=C2=CE=E78:00=A3=ACfreebsd-pf-request@freebsd.org= =D0=B4=B5=C0=A3=BA > Send freebsd-pf mailing list submissions to > freebsd-pf@freebsd.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > or, via email, send a message with subject or body 'help' to > freebsd-pf-request@freebsd.org > > You can reach the person managing the list at > freebsd-pf-owner@freebsd.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of freebsd-pf digest..." > > > Today's Topics: > > 1. Setting bandwidth for multiple internal subnets + few more PF > questions (Ale? Krajn?k) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 15 Mar 2007 11:08:39 +0100 > From: Ale? Krajn?k > Subject: Setting bandwidth for multiple internal subnets + few more PF > questions > To: > Message-ID: > = <66CE3CD196F5C24F9CDE33A03E0FB4113A7EEF@exbox.office.a24media.cz> > Content-Type: text/plain; charset=3D"iso-8859-2" > > Hello, > > > > I have a problem with PF and I would appreciate any help. I spent =20 > few hours googling around but found no solution. > > > > We have a FreeBSD 6.1 router with 4 internal subnets on 4 =20 > interfaces (em1, fxp0, fxp1, xl0), 1 connection to the Internet =20 > (em0) - 10Mbps both directions, full duplex. What we need is to =20 > shape traffic so em1 + fxp1 , fxp0 and xl0 uses equally 33% of =20 > traffic, in both incoming and outgoing directions from the Internet =20= > (incoming direction is more important for us as we don't have =20 > almost any servers inside our network except for HTTP for =20 > development purpose so mostly we download data from the Internet). =20 > Traffic between local subnets should stay unlimited. > > > > That should not be problem - we could just set 3.33Mbps on each =20 > interface for packets arriving from the Internet. What we cannot =20 > solve is how to set that each interface could borrow bandwidth from =20= > other interfaces (=3D from parent stream) if they are not fully =20 > utilised? > > > > If I set ALTQ on the external interface, I can control only =20 > outgoing traffic to the Internet (I made that work successfully). =20 > If I set ALTQ on any of the internal interfaces I cannot set it to =20 > borrow from each other. Setting ALTQ on multiple interfaces is not =20 > supported AFAIK. Is there any solution? Can that be solved with =20 > packet tagging? > > > > Another thing I do not completely understand is setting ALTQ rules =20 > on interfaces. I just want to make it clear to myself. If I set =20 > ALTQ on an interface, it means that packets are being dropped on =20 > the chosen interface? If I set queue on an interface, it means that =20= > packets are added to that queue if and only if the rule is =20 > evaluated on the chosen interface? For example if I would have =20 > rules "queue Q on em0 ..." and "pass in on em1 ... queue Q", what =20 > would that do? > > > > My last question - I read TCP ACK packets prioritizing can increase =20= > incoming throughput. Does that make sense on fast internet =20 > connections like is ours or is it useful only for e.g. dial-up =20 > connections? I would use following ALTQ settings: > > > > ALTQ on $lan_ex bandwidth 10Mb cbq { queue_std, =20 > queue_ack } > > queue queue_std on $lan_ex bandwidth =20= > 99% cbq(default) > > queue queue_ack on $lan_ex bandwidth 1% > > > > ... and create a TCP/ACK rule on $lan_ex with =20 > queue_ack > > > > Thanks in advance for your help! > > > > Ales Krajnik > > > > ------------------------------ > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > > End of freebsd-pf Digest, Vol 129, Issue 2 > ******************************************