From owner-freebsd-current@FreeBSD.ORG Thu Jul 22 20:35:27 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA0DF16A4CE for ; Thu, 22 Jul 2004 20:35:27 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.176]) by mx1.FreeBSD.org (Postfix) with ESMTP id 269B243D4C for ; Thu, 22 Jul 2004 20:35:27 +0000 (GMT) (envelope-from max@love2party.net) Received: from [212.227.126.155] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BnkHm-0000JP-00 for freebsd-current@freebsd.org; Thu, 22 Jul 2004 22:35:26 +0200 Received: from [84.128.139.174] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1BnkHl-0007UT-00 for freebsd-current@freebsd.org; Thu, 22 Jul 2004 22:35:26 +0200 From: Max Laier To: freebsd-current@freebsd.org Date: Thu, 22 Jul 2004 22:33:12 +0200 User-Agent: KMail/1.6.2 References: <20040722200436.GM8753@mail.evip.pl> In-Reply-To: <20040722200436.GM8753@mail.evip.pl> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_OSCABvJ9MlRlKPt"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200407222233.18787.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:61c499deaeeba3ba5be80f48ecc83056 Subject: Re: ALTQ and tun X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jul 2004 20:35:27 -0000 --Boundary-02=_OSCABvJ9MlRlKPt Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 22 July 2004 22:04, Wiktor Niesiobedzki wrote: > Hi, > > Recently I configured my DSL link to use pf+ALTQ instead of > ipfw+DUMMYNET, but I encountered following problem: > - no single packet wents through the ALTQ > > I guess, that I miss something very trival, but for checkout: > pf.conf: > iext_if=3D"tun0 > int_if=3D"dc0" > > altq on $ext_if priq queue {dc, ssh_interactive, ssh_bulk, other} > queue dc priority 0 > queue ssh_interactive priority 15 > queue ssh_bulk priority 3 > queue other priority 7 priq(default) > > pass out on $ext_if proto tcp from any to any port 22 tos 0x10 queue > ssh_interactive label ssh_inter pass out log on $ext_if proto tcp from any > to any port 22 tos 0x08 queue ssh_bulk label ssh_bulk pass out log on > $ext_if proto tcp from any to any port 22 queue ssh_interactive label > ssh_inter2 pass out log on $ext_if proto tcp from any to any user dctc > queue dc label dc_transfer #pass out on $ext_if inet proto tcp from > ($ext_if) port 61412 to any queue dc label dc_transfer_port pass out on > $ext_if proto tcp from krz.mine.nu port 61412 to any label dc_transfer_po= rt > pass in log on $ext_if proto tcp from any to ($ext_if) port > {22,80,113,61412} label pass_in_tcp pass in log on $ext_if proto udp from > any to ($ext_if) port 61412 label pass_in_udp pass in on $ext_if proto tcp > from any to any port 4662 label pass_in_mule queue dc pass in on $ext_if > proto udp from any to any port 4672 label pass_in_kad queue dc pass out l= og > on $ext_if proto { tcp, udp } all keep state label pass_out_all queue oth= er > pass out on $ext_if inet proto icmp all icmp-type {0,1,3,4,8,11,12} keep > state pass in on $int_if all label pass_in_internal > pass out on $int_if all label pass_out_internal queue other > > And for example: > # pfctl -v -s rule > [...] > pass out log on tun0 proto tcp all keep state label "pass_out_all" queue > other [ Evaluations: 25193 Packets: 855303 Bytes: 645597787 =20 > States: 13 ] pass out log on tun0 proto udp all keep state label > "pass_out_all" queue other [ Evaluations: 3023 Packets: 10152 =20 > Bytes: 1222129 States: 2 ] [...] > > # pfctl -v -s queue > queue dc priority 0 > [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: = 0 > ] [ qlength: 0/ 50 ] > queue ssh_interactive priority 15 > [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: = 0 > ] [ qlength: 0/ 50 ] > queue ssh_bulk priority 3 > [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: = 0 > ] [ qlength: 0/ 50 ] > queue other priority 7 priq( default ) > [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: = 0 > ] [ qlength: 0/ 50 ] > > > Nothing. Just like ALTQ was not enabled, but then, how to enable it? > Can someone point me out, what I am missing in my configuration? Nothing. This is a problem in ALTQ activation. Please do the following: 1) # pfctl -d; pfctl -Fa; pfctl -ef /etc/pf.conf Your queues should be working now. 2) Make sure to install the updated rc.d/pf script, which will "just do the= =20 right thing"[tm]. 3) A revised ALTQ API (which I haven't found to time to do, yet) will solve= =20 this. If the problem is persistent (which I don't think will be the case), please= =20 report back. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --Boundary-02=_OSCABvJ9MlRlKPt Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBBACSOXyyEoT62BG0RAnMoAJ0ePr85Pv787C0C4z+xNnkWxnxB6wCeJRQ9 zhc4pYlw7S7/CdeOuUtqpB0= =hDKY -----END PGP SIGNATURE----- --Boundary-02=_OSCABvJ9MlRlKPt--