Date: Thu, 22 Jul 2004 22:33:12 +0200 From: Max Laier <max@love2party.net> To: freebsd-current@freebsd.org Subject: Re: ALTQ and tun Message-ID: <200407222233.18787.max@love2party.net> In-Reply-To: <20040722200436.GM8753@mail.evip.pl> References: <20040722200436.GM8753@mail.evip.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-02=_OSCABvJ9MlRlKPt
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Thursday 22 July 2004 22:04, Wiktor Niesiobedzki wrote:
> Hi,
>
> Recently I configured my DSL link to use pf+ALTQ instead of
> ipfw+DUMMYNET, but I encountered following problem:
> - no single packet wents through the ALTQ
>
> I guess, that I miss something very trival, but for checkout:
> pf.conf:
> iext_if=3D"tun0
> int_if=3D"dc0"
>
> altq on $ext_if priq queue {dc, ssh_interactive, ssh_bulk, other}
> queue dc priority 0
> queue ssh_interactive priority 15
> queue ssh_bulk priority 3
> queue other priority 7 priq(default)
>
> pass out on $ext_if proto tcp from any to any port 22 tos 0x10 queue
> ssh_interactive label ssh_inter pass out log on $ext_if proto tcp from any
> to any port 22 tos 0x08 queue ssh_bulk label ssh_bulk pass out log on
> $ext_if proto tcp from any to any port 22 queue ssh_interactive label
> ssh_inter2 pass out log on $ext_if proto tcp from any to any user dctc
> queue dc label dc_transfer #pass out on $ext_if inet proto tcp from
> ($ext_if) port 61412 to any queue dc label dc_transfer_port pass out on
> $ext_if proto tcp from krz.mine.nu port 61412 to any label dc_transfer_po=
rt
> pass in log on $ext_if proto tcp from any to ($ext_if) port
> {22,80,113,61412} label pass_in_tcp pass in log on $ext_if proto udp from
> any to ($ext_if) port 61412 label pass_in_udp pass in on $ext_if proto tcp
> from any to any port 4662 label pass_in_mule queue dc pass in on $ext_if
> proto udp from any to any port 4672 label pass_in_kad queue dc pass out l=
og
> on $ext_if proto { tcp, udp } all keep state label pass_out_all queue oth=
er
> pass out on $ext_if inet proto icmp all icmp-type {0,1,3,4,8,11,12} keep
> state pass in on $int_if all label pass_in_internal
> pass out on $int_if all label pass_out_internal queue other
>
> And for example:
> # pfctl -v -s rule
> [...]
> pass out log on tun0 proto tcp all keep state label "pass_out_all" queue
> other [ Evaluations: 25193 Packets: 855303 Bytes: 645597787 =20
> States: 13 ] pass out log on tun0 proto udp all keep state label
> "pass_out_all" queue other [ Evaluations: 3023 Packets: 10152 =20
> Bytes: 1222129 States: 2 ] [...]
>
> # pfctl -v -s queue
> queue dc priority 0
> [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: =
0
> ] [ qlength: 0/ 50 ]
> queue ssh_interactive priority 15
> [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: =
0
> ] [ qlength: 0/ 50 ]
> queue ssh_bulk priority 3
> [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: =
0
> ] [ qlength: 0/ 50 ]
> queue other priority 7 priq( default )
> [ pkts: 0 bytes: 0 dropped pkts: 0 bytes: =
0
> ] [ qlength: 0/ 50 ]
>
>
> Nothing. Just like ALTQ was not enabled, but then, how to enable it?
> Can someone point me out, what I am missing in my configuration?
Nothing. This is a problem in ALTQ activation. Please do the following:
1) # pfctl -d; pfctl -Fa; pfctl -ef /etc/pf.conf
Your queues should be working now.
2) Make sure to install the updated rc.d/pf script, which will "just do the=
=20
right thing"[tm].
3) A revised ALTQ API (which I haven't found to time to do, yet) will solve=
=20
this.
If the problem is persistent (which I don't think will be the case), please=
=20
report back.
=2D-=20
/"\ Best regards, | mlaier@freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier@EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
--Boundary-02=_OSCABvJ9MlRlKPt
Content-Type: application/pgp-signature
Content-Description: signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQBBACSOXyyEoT62BG0RAnMoAJ0ePr85Pv787C0C4z+xNnkWxnxB6wCeJRQ9
zhc4pYlw7S7/CdeOuUtqpB0=
=hDKY
-----END PGP SIGNATURE-----
--Boundary-02=_OSCABvJ9MlRlKPt--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200407222233.18787.max>