Date: Mon, 28 May 2007 21:40:53 -0400 (EDT) From: "B. Cook" <bcook@poughkeepsieschools.org> To: freebsd-pf@freebsd.org Subject: multiple vlans and altq Message-ID: <60516.24.161.13.8.1180402853.squirrel@mail.poughkeepsieschools.org>
next in thread | raw e-mail | index | archive | help
I am trying to figure out the best way to do this, and I am quite confused about where I have to altq. I am sure that I am the source of my own confusion, but I can not seem to find anything to help myself. :) I have a new box that we would like to use to replace our aging router that currently does not do any traffic shaping. I am using a P4 2G box w/ 256MB and two em cards running FreeBSD 6.2-p5 and Dell PowerConnects. I have all the vlan interfaces setup, and routing properly in my test area; but I can not seem to figure out how to altq the vlans logically. The new router will have em0 as a /30 facing the provider and em1 will be setup with vlans. What I have is a 4mbit link symmetrical and what I would like to do is make one parent queue on the external interface (cbq). Then split that into three queues (25% servers(borrow), and 74% users and 1% other). And then split the users queue up into 4 queues 25% each that can also borrow. (this is inferred from the 'Building Firewalls with OpenBSD and PF: second edition (paper page211, pdf page225) The mental problem I am having is how do the vlans work with respect to the 4mbit link? As in how can I give all the vlan networks ethernet bandwith when going vlan to vlan? Do I want not want to do that? (this was the problem with our 3620 is that the vlans overwhelm the router when there is too much traffic) If I want to limit their upload ability to the Internet would I have to do that on each vlan interface? Or would I need a second altq rule on the other interface em1? Should I just let them have free run of the ethernet - as this pc can handle it? (I have also been reading the Absolute OpenBSD book from Michael Lucas, in which he uses an example of a dmznet, localnet and a t1. He subtracks the bandwidth of the t1 from the ethernet and makes a local queue of the difference of the two; I do not understand that. This is what got me confused and scared about all of this.) I am not sure if I am helping myself by out thinking myself, or making this harder on myself than it needs to be. Can anyone tell me how to do this? Or what I am thinking that is incorrect? I have something like 20+ vlans that will be going into each of the 4 users queues, so I really need to know what I'm missing and why I think this is so hard. Thank you greatly, - Confused
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?60516.24.161.13.8.1180402853.squirrel>