From owner-freebsd-questions@FreeBSD.ORG Wed Apr 23 19:40:19 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EAB001065670 for ; Wed, 23 Apr 2008 19:40:19 +0000 (UTC) (envelope-from LukeD@pobox.com) Received: from sasl.smtp.pobox.com (a-sasl-fastnet.sasl.smtp.pobox.com [207.106.133.19]) by mx1.freebsd.org (Postfix) with ESMTP id A909E8FC14 for ; Wed, 23 Apr 2008 19:40:19 +0000 (UTC) (envelope-from LukeD@pobox.com) Received: from localhost.localdomain (localhost [127.0.0.1]) by a-sasl-fastnet.sasl.smtp.pobox.com (Postfix) with ESMTP id AF11732DC; Wed, 23 Apr 2008 15:40:18 -0400 (EDT) Received: from lukas.is-a-geek.org (pool-71-113-78-181.sttlwa.dsl-w.verizon.net [71.113.78.181]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a-sasl-fastnet.sasl.smtp.pobox.com (Postfix) with ESMTP id C6F8F32DA; Wed, 23 Apr 2008 15:40:15 -0400 (EDT) Date: Wed, 23 Apr 2008 12:40:04 -0700 (PDT) From: Luke Dean X-X-Sender: lukas@border.lukas.is-a-geek.org To: Zbigniew Szalbot In-Reply-To: <0cffa49967a87486dca37f253a3c60b5@localhost> Message-ID: <20080423122105.E72531@border.lukas.is-a-geek.org> References: <0cffa49967a87486dca37f253a3c60b5@localhost> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-questions@freebsd.org Subject: Re: pf traffic shaping and perfomance X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Luke Dean List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2008 19:40:20 -0000 On Wed, 23 Apr 2008, Zbigniew Szalbot wrote: > > Hello, > > I would like to implement traffic shaping using pf. I know I need to > recompile kernel to be able to achieve this but I have a more general > question. I used to have pf with traffic shaping on a Pentium III 866 > before and as soon as I activated it, the http response of the box was > noticably slower. Here are the defs I used then: > > #altq on $ext_if cbq bandwidth 512Kb queue { def, smtp, udp, http, \ > #ssh, icmp } > #queue def bandwidth 13% cbq(default borrow red) > #queue smtp bandwidth 25% cbq(borrow red) priority 7 > #queue udp bandwidth 10% cbq(borrow red) > #queue http bandwidth 40% cbq(borrow red) > #queue ssh bandwidth 10% cbq(borrow red) > ##{ ssh_interactive, ssh_bulk } > ##queue ssh_interactive priority 7 > #queue ssh_bulk priority 0 > #queue icmp bandwidth 2% cbq > > It is quite possible that I misconfigured the shaping (as seen above). What > would be suggested traffic shaping rules to allow smooth mail operation > (smtp taking up to 40% of allowed bandwidth) and http responses? > > If that matters, uname -v > FreeBSD 7.0-RELEASE #0 > > > Many thanks in advance! I had the same problem with class-based queueing when I tried this. I suspect that the 512Kb in your initial queue definition is the limiting factor. I never did get it to work like I expected it to, however, so maybe I just don't understand it. Eventually I realized that I didn't actually want to chop up my bandwidth like this. What I really wanted to do was simply prioritize the traffic. The most important applications get first shot at the bandwidth, and the less important applications get choked when they need to be. I switched to priority queueing and I've been very happy with it. I'm sorry I can't help more with cbq, but unless you are able to make an accurate guess about how much bandwidth each class will really need to be using constantly, I think you'll find that you're reserving bandwidth unnecessarily. If your goal really is to cut down on your bandwidth usage, then please disregard this opinion.