Date: Sun, 28 Jan 2007 22:55:10 +1030 From: "Jayel Villamin" <jarthel@gmail.com> To: freebsd-pf@freebsd.org Subject: packet shaping - borrow option not working? Message-ID: <b2d2a5270701280425m7658c5bah69229858f1c45514@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I am currently downloading something via FTP (using socks). The socks queue has been alloted 148Kbps. Without the queue, I can download up to my max download speed (whatever is the max for a 512/128 Kbps DSL connection). With the queue, download speed is averaging 157Kbps. here's the screenshot of pfctl -s queue -vv => http://img260.imageshack.us/my.php?image=untitled1mr6.gif I have looked at the PF FAQ in openbsd.org and I do not see any reason why BORROW shouldn't be working. your help is much appreciated. thank you very much in advance here's the conf file I used to disable the queues ============ -> cat /root/config/pass_all.conf scrub all fragment reassemble ext_if = "tun0" sakaki_nic2 = "fxp1" nat on $ext_if from $sakaki_nic2:network to any -> ($ext_if) pass quick all ==================== here's my /etc/pf.conf ===================== #copy to /etc ######################################################################### #macros ############################################## #interfaces ext_if = "tun0" sakaki_nic2_if = "fxp1" loopback_if = "lo0" ############################################## #ports sakaki_nic2_if_in_tcp_to_others = "{ gmail_pop3 gmail_smtp chikka 5050 }" tomo_only_voip = "{ 5060, 16384:16482 }" ######################################################################### #Tables table <osaka> persist { 192.168.0.2/32 } table <tomo> persist { 192.168.0.3/32 } ######################################################################### #PF options set limit { frags 20000, states 20000 } set loginterface $ext_if set optimization normal set block-policy drop ######################################################################### #Scrub packets scrub all reassemble tcp fragment reassemble ######################################################################### #ALTQ altq on $ext_if priq bandwidth 82Kb queue { q_default, q_ssh, q_apache, q_udp, q_tcp_ack } queue q_default priq (default) queue q_ssh priority 3 priq(red) queue q_apache priority 5 queue q_udp priority 12 queue q_tcp_ack priority 14 altq on $sakaki_nic2_if cbq bandwidth 100% queue { q2_out, q2_local } queue q2_out bandwidth 452Kb { q2_out_socks, q2_out_default } queue q2_out_socks bandwidth 148Kb cbq(borrow) queue q2_out_default bandwidth 304Kb cbq(default borrow) queue q2_local bandwidth 97% cbq (red borrow) ######################################################################### #NAT #pass in quick on $ext_if inet proto udp from any port voip_proxy to <tomo> keep state queue q_udp nat on $ext_if from $sakaki_nic2_if:network to any -> ($ext_if) ######################################################################### #Redirection #rdr on $ext_if proto udp from any port voip_proxy -> <tomo> rdr on $ext_if proto { tcp udp } from any to ($ext_if) port bittorrent -> <osaka> ######################################################################### #Packet filtering ############################################## #Default block block log all ############################################## #Outbound rules for ext_if pass out quick on $ext_if inet proto udp all keep state queue q_udp pass out quick on $ext_if inet proto tcp all keep state queue (q_default_out, q_tcp_ack) pass out quick on $ext_if inet proto icmp all keep state #Inbound rules for ext_if pass in quick on $ext_if inet proto tcp from any to ($ext_if) port apache_squid flags S/SA keep state queue q_apache pass in quick on $ext_if inet proto tcp from any to ($ext_if) port ssh flags S/SA keep state queue q_ssh pass in quick on $ext_if inet proto tcp from any to ($ext_if) port ident flags S/SA keep state queue q_default #for the redirect rules above pass in quick on $ext_if inet proto { tcp udp} from any to <osaka> port bittorrent flags S/SA keep state queue q_default ############################################## #Inbound rules for sakaki_nic2_if pass in quick on $sakaki_nic2_if proto udp from $sakaki_nic2_if:network to ($sakaki_nic2_if) keep state queue q2_local pass in quick on $sakaki_nic2_if proto tcp from $sakaki_nic2_if:network to ($sakaki_nic2_if) port socks flags S/SA keep state queue q2_out_socks pass in quick on $sakaki_nic2_if proto tcp from $sakaki_nic2_if:network to ($sakaki_nic2_if) port squid flags S/SA keep state queue q2_out_default pass in quick on $sakaki_nic2_if proto tcp from $sakaki_nic2_if:network to any port $sakaki_nic2_if_in_tcp_to_others flags S/SA keep state queue q2_out_default pass in quick on $sakaki_nic2_if proto tcp from $sakaki_nic2_if:network to ($sakaki_nic2_if) flags S/SA keep state queue q2_local #Outbound rules for sakaki_nic2_if pass out quick on $sakaki_nic2_if all keep state queue q2_local ############################################## #Allow loopback connections pass quick on $loopback_if all ############################################## #Antispoof all interfaces antispoof log quick for { $ext_if, $sakaki_nic2_if } ===========================
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b2d2a5270701280425m7658c5bah69229858f1c45514>