Date: Mon, 29 Jan 2007 18:11:43 -0200 From: "Gilberto Villani Brito" <linux@giboia.org> To: "FreeBSD (PF)" <freebsd-pf@freebsd.org> Subject: Re: packet shaping - borrow option not working? Message-ID: <6e6841490701291211w3629f918l228fdace6a9ef17c@mail.gmail.com> In-Reply-To: <b2d2a5270701280425m7658c5bah69229858f1c45514@mail.gmail.com> References: <b2d2a5270701280425m7658c5bah69229858f1c45514@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Try put q2_out like default:
altq on $sakaki_nic2_if cbq bandwidth 100% queue { q2_out, q2_local }
queue q2_out bandwidth 452Kb cbq(default) { q2_out_socks, q2_out_default }
queue q2_out_socks bandwidth 148Kb cbq(borrow)
queue q2_out_default bandwidth 304Kb cbq(borrow)
queue q2_local bandwidth 97% cbq (red borrow)
Gilberto
2007/1/28, Jayel Villamin <jarthel@gmail.com>:
> I am currently downloading something via FTP (using socks). The socks
> queue has been alloted 148Kbps. Without the queue, I can download up
> to my max download speed (whatever is the max for a 512/128 Kbps DSL
> connection). With the queue, download speed is averaging 157Kbps.
>
> here's the screenshot of pfctl -s queue -vv =>
> http://img260.imageshack.us/my.php?image=untitled1mr6.gif
>
> I have looked at the PF FAQ in openbsd.org and I do not see any reason
> why BORROW shouldn't be working.
>
> your help is much appreciated.
>
> thank you very much in advance
>
> here's the conf file I used to disable the queues
> ============
> -> cat /root/config/pass_all.conf
> scrub all fragment reassemble
>
> ext_if = "tun0"
> sakaki_nic2 = "fxp1"
>
> nat on $ext_if from $sakaki_nic2:network to any -> ($ext_if)
>
> pass quick all
> ====================
>
> here's my /etc/pf.conf
> =====================
> #copy to /etc
> #########################################################################
> #macros
> ##############################################
> #interfaces
> ext_if = "tun0"
> sakaki_nic2_if = "fxp1"
> loopback_if = "lo0"
>
> ##############################################
> #ports
> sakaki_nic2_if_in_tcp_to_others = "{ gmail_pop3 gmail_smtp chikka 5050 }"
>
> tomo_only_voip = "{ 5060, 16384:16482 }"
>
> #########################################################################
> #Tables
> table <osaka> persist { 192.168.0.2/32 }
> table <tomo> persist { 192.168.0.3/32 }
>
> #########################################################################
> #PF options
> set limit { frags 20000, states 20000 }
> set loginterface $ext_if
> set optimization normal
> set block-policy drop
>
> #########################################################################
> #Scrub packets
> scrub all reassemble tcp fragment reassemble
>
> #########################################################################
> #ALTQ
> altq on $ext_if priq bandwidth 82Kb queue { q_default, q_ssh,
> q_apache, q_udp, q_tcp_ack }
> queue q_default priq (default)
> queue q_ssh priority 3 priq(red)
> queue q_apache priority 5
> queue q_udp priority 12
> queue q_tcp_ack priority 14
>
> altq on $sakaki_nic2_if cbq bandwidth 100% queue { q2_out, q2_local }
>
> queue q2_out bandwidth 452Kb { q2_out_socks, q2_out_default }
> queue q2_out_socks bandwidth 148Kb cbq(borrow)
> queue q2_out_default bandwidth 304Kb cbq(default borrow)
> queue q2_local bandwidth 97% cbq (red borrow)
>
> #########################################################################
> #NAT
> #pass in quick on $ext_if inet proto udp from any port voip_proxy to
> <tomo> keep state queue q_udp
> nat on $ext_if from $sakaki_nic2_if:network to any -> ($ext_if)
>
> #########################################################################
> #Redirection
> #rdr on $ext_if proto udp from any port voip_proxy -> <tomo>
>
> rdr on $ext_if proto { tcp udp } from any to ($ext_if) port bittorrent
> -> <osaka>
>
> #########################################################################
> #Packet filtering
> ##############################################
> #Default block
> block log all
>
> ##############################################
> #Outbound rules for ext_if
> pass out quick on $ext_if inet proto udp all keep state queue q_udp
> pass out quick on $ext_if inet proto tcp all keep state queue
> (q_default_out, q_tcp_ack)
> pass out quick on $ext_if inet proto icmp all keep state
>
> #Inbound rules for ext_if
> pass in quick on $ext_if inet proto tcp from any to ($ext_if) port
> apache_squid flags S/SA keep state queue q_apache
> pass in quick on $ext_if inet proto tcp from any to ($ext_if) port ssh
> flags S/SA keep state queue q_ssh
> pass in quick on $ext_if inet proto tcp from any to ($ext_if) port
> ident flags S/SA keep state queue q_default
>
> #for the redirect rules above
> pass in quick on $ext_if inet proto { tcp udp} from any to <osaka>
> port bittorrent flags S/SA keep state queue q_default
>
> ##############################################
> #Inbound rules for sakaki_nic2_if
> pass in quick on $sakaki_nic2_if proto udp from
> $sakaki_nic2_if:network to ($sakaki_nic2_if) keep state queue q2_local
>
> pass in quick on $sakaki_nic2_if proto tcp from
> $sakaki_nic2_if:network to ($sakaki_nic2_if) port socks flags S/SA
> keep state queue q2_out_socks
> pass in quick on $sakaki_nic2_if proto tcp from
> $sakaki_nic2_if:network to ($sakaki_nic2_if) port squid flags S/SA
> keep state queue q2_out_default
> pass in quick on $sakaki_nic2_if proto tcp from
> $sakaki_nic2_if:network to any port $sakaki_nic2_if_in_tcp_to_others
> flags S/SA keep state queue q2_out_default
> pass in quick on $sakaki_nic2_if proto tcp from
> $sakaki_nic2_if:network to ($sakaki_nic2_if) flags S/SA keep state
> queue q2_local
>
> #Outbound rules for sakaki_nic2_if
> pass out quick on $sakaki_nic2_if all keep state queue q2_local
>
> ##############################################
> #Allow loopback connections
> pass quick on $loopback_if all
>
> ##############################################
> #Antispoof all interfaces
> antispoof log quick for { $ext_if, $sakaki_nic2_if }
> ===========================
> _______________________________________________
> freebsd-pf@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6e6841490701291211w3629f918l228fdace6a9ef17c>