From owner-freebsd-net@FreeBSD.ORG Thu Oct 12 04:16:15 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C34716A403; Thu, 12 Oct 2006 04:16:15 +0000 (UTC) (envelope-from beastie@mra.co.id) Received: from mx3.mra.co.id (fw.mra.co.id [202.57.14.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8F28743D58; Thu, 12 Oct 2006 04:16:13 +0000 (GMT) (envelope-from beastie@mra.co.id) Received: from localhost (localhost.mra.co.id [127.0.0.1]) by mx3.mra.co.id (Postfix) with ESMTP id 5F23730F7E; Thu, 12 Oct 2006 11:07:57 +0700 (WIT) Received: from mx3.mra.co.id ([127.0.0.1]) by localhost (mx3.mra.co.id [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 86723-24; Thu, 12 Oct 2006 11:07:57 +0700 (WIT) Received: from mailbox.mra.co.id (unknown [172.16.0.225]) by mx3.mra.co.id (Postfix) with ESMTP id 2D25C30F7B; Thu, 12 Oct 2006 11:07:57 +0700 (WIT) Received: from beastie.mra.co.id (unknown [172.16.0.228]) by mailbox.mra.co.id (Postfix) with ESMTP id 7CE18FDC5; Thu, 12 Oct 2006 10:37:39 +0700 (WIT) From: Muhammad Reza To: freebsd-questions@freebsd.org, freebsd-net@freebsd.org Content-Type: text/plain Message-Id: <1009992059.6727.20.camel@beastie.mra.co.id> Mime-Version: 1.0 X-Mailer: Evolution 2.0.2 (2.0.2-8) Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at mra.co.id Cc: Subject: pf.conf + altq problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 12 Oct 2006 04:16:15 -0000 X-Original-Date: Thu, 03 Jan 2002 00:20:59 +0700 X-List-Received-Date: Thu, 12 Oct 2006 04:16:15 -0000 Dear list. My pf.conf not working. I have pf in bridge machine with xl2 to internet firewall and xl1 to internal switch. Bridging is ok. This my simple pf.conf me="172.16.0.228" altq on xl1 bandwidth 100% cbq queue {me,dflt} queue me bandwidth 8Kb queue dflt bandwidth 16Kb cbq (default) block log on {xl1,xl2} all pass out log on xl1 from $me to any keep state pass log on xl2 from $me to any keep state queue (me) This rule is match when i try to connect to iperf server # tcpdump -nett -i pflog0 | grep 172.16.0.228 tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: listening on pflog0, link-type PFLOG 1160655756.150048 rule 3/(match) pass in on xl2: 172.16.0.228.44405 > 128.6.231.102.5001: [|tcp] (DF) 1160655756.150059 rule 2/(match) pass out on xl1: 172.16.0.228.44405 > 128.6.231.102.5001: [|tcp] (DF) But iperf tell me that this connection is 24.4 Kbits/Sec. (more than 8Kbps) [root@beastie beastie]# iperf -c lss.rutgers.edu ------------------------------------------------------------ Client connecting to lss.rutgers.edu, TCP port 5001 TCP window size: 16.0 KByte (default) ------------------------------------------------------------ [ 3] local 172.16.0.228 port 44408 connected with 128.6.231.102 port 5001 [ 3] 0.0-16.1 sec 48.0 KBytes 24.4 Kbits/sec I'm expecting that iperf report it equal with the bandwidth that i assign to (me) queue pipe. Is there any thing wrong or i missed something here ??? Please help me regards Reza