From owner-freebsd-net@FreeBSD.ORG Fri Jul 1 05:34:11 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 428CE106564A for ; Fri, 1 Jul 2011 05:34:11 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) by mx1.freebsd.org (Postfix) with ESMTP id D50CB8FC12 for ; Fri, 1 Jul 2011 05:34:10 +0000 (UTC) Received: from julian-mac.elischer.org (home-nat.elischer.org [67.100.89.137]) (authenticated bits=0) by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id p615L2Tg087358 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Thu, 30 Jun 2011 22:21:03 -0700 (PDT) (envelope-from julian@freebsd.org) Message-ID: <4E0D593B.7090206@freebsd.org> Date: Thu, 30 Jun 2011 22:20:59 -0700 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11 MIME-Version: 1.0 To: Michael MacLeod References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Bridging Two Tunnel Interfaces For ALTQ X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jul 2011 05:34:11 -0000 On 6/29/11 11:28 AM, Michael MacLeod wrote: > I use pf+ALTQ to achieve some pretty decent traffic shaping results at home. > However, recently signed up to be part of an IPv6 trial with my ISP, and > they've given me a second (dual-stacked) PPPoE login with which to test > with. The problem is that the second login lacks my static IP or my routed > /29. I can have both tunnels up simultaneously, but that becomes a pain to > traffic shape since I can't have them both assigned to the same ALTQ. > > ... unless there is some way for me to turn the ng interfaces (I'm using > mpd5) into ethernet interfaces that could be assigned to an if_bridge. I > could easily disable IPv4 on the IPv6 tunnel, which would clean up any > routing issues, assign both tunnels to the bridge, and put the ALTQ on the > bridge. It just might have the effect I'm looking for. Bonus points if the > solution can be extended to allow it to work with a gif tunnel as well, so > that users of 6in4 tunnels could use it (my ISPs IPv6 beta won't let me do > rDNS delegation, so I might want to try a tunnel from he.net instead). > > I spent some time this morning trying to make netgraph do this with the two > ng interfaces, but didn't have any luck. Google didn't turn up anyone trying > to do anything similar that I could find; closest I got was this: > http://lists.freebsd.org/pipermail/freebsd-net/2004-November/005598.html > > This is all assuming that the best way to use ALTQ on multiple outbound > connections is with a bridge. If there is another or more elegant solution, > I'd love to hear it. rather than trying to shoehorn ng into if_bridge, why not use the netgraph bridge itility, or maybe one of the many other netgraph nodes that can split traffic. fofr example the ng_bpf filter can filter traffic on an almost arbitrary manner that you program using the bpf filter language. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >