From owner-freebsd-pf@FreeBSD.ORG Thu Sep 16 04:04:28 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 674) id ACB4C16A4D1; Thu, 16 Sep 2004 04:04:28 +0000 (GMT) Delivered-To: mlaier@vampire.homelinux.org Received: (qmail 46535 invoked by uid 1005); 25 May 2004 23:52:28 -0000 Delivered-To: max@vampire.homelinux.org Received: (qmail 46532 invoked from network); 25 May 2004 23:52:27 -0000 Received: from moutng.kundenserver.de (212.227.126.171) by pd9e39dcc.dip.t-dialin.net with SMTP; 25 May 2004 23:52:27 -0000 Received: from [212.227.126.147] (helo=mxng04.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BSlik-00011b-00 for max@vampire.homelinux.org; Wed, 26 May 2004 01:52:34 +0200 Received: from [206.53.239.180] (helo=turing.freelists.org) by mxng04.kundenserver.de with esmtp (Exim 3.35 #1) id 1BSlik-0007gv-00 for max@love2party.net; Wed, 26 May 2004 01:52:34 +0200 Received: from localhost (localhost [127.0.0.1])ESMTP id D642272C81B; Tue, 25 May 2004 18:35:30 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 30657-36; Tue, 25 May 2004 18:35:30 -0500 (EST) Received: from turing (localhost [127.0.0.1])ESMTP id 16C3E72C821; Tue, 25 May 2004 18:35:30 -0500 (EST) Received: with ECARTIS (v1.0.0; list pf4freebsd); Tue, 25 May 2004 18:35:15 -0500 (EST) X-Original-To: pf4freebsd@freelists.org Delivered-To: pf4freebsd@freelists.org Received: from localhost (localhost [127.0.0.1])ESMTP id 3F4C872C81B for ; Tue, 25 May 2004 18:35:15 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 30790-14 for ; Tue, 25 May 2004 18:35:15 -0500 (EST) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.185])ESMTP id 949E772C77B for ; Tue, 25 May 2004 18:35:14 -0500 (EST) Received: from [212.227.126.160] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BSliR-0006SA-00; Wed, 26 May 2004 01:52:15 +0200 Received: from [217.227.157.204] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1BSliR-0002Uf-00; Wed, 26 May 2004 01:52:15 +0200 From: Max Laier To: pf4freebsd@freelists.org User-Agent: KMail/1.6.2 References: <40B2DAD4.2040005@computeraddictions.com.au> <200405252226.36338.max@love2party.net> <20040525222907.GA760@arthur.nitro.dk> In-Reply-To: <20040525222907.GA760@arthur.nitro.dk> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_Px9sAzm5FRcB+ak"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200405260152.47898.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:e28873fbe4dbe612ce62ab869898ff08 X-Virus-Scanned: by amavisd-new at freelists.org X-archive-position: 312 X-ecartis-version: Ecartis v1.0.0 Sender: pf4freebsd-bounce@freelists.org Errors-To: pf4freebsd-bounce@freelists.org X-original-sender: max@love2party.net Precedence: normal X-list: pf4freebsd X-Virus-Scanned: by amavisd-new at freelists.org X-Provags-Forward: max@love2party.net -> max@vampire.homelinux.org X-UID: 428 X-Length: 7778 X-Mailman-Approved-At: Thu, 16 Sep 2004 04:06:09 +0000 cc: "Simon L. Nielsen" Subject: [pf4freebsd] Re: Maturity of this port? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: pf4freebsd@freelists.org List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 16 Sep 2004 04:04:28 -0000 X-Original-Date: Wed, 26 May 2004 01:52:40 +0200 X-List-Received-Date: Thu, 16 Sep 2004 04:04:28 -0000 --Boundary-02=_Px9sAzm5FRcB+ak Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wednesday 26 May 2004 00:29, Simon L. Nielsen wrote: > On 2004.05.25 22:26:29 +0200, Max Laier wrote: > > On Tuesday 25 May 2004 08:09, Ryan Verner wrote: > > > Do update the webpage; I found the commit in freebsd's cvs tree > > > > Ya, that's a weak spot. I dislike (read hate) HTML with a passion and > > just hacked the "pf homepage" together to have something. No actual > > maintaining ever since. I really have to do something about it. > > If you write the content I don't mind doing the markup.. It could also > be put on the main FreeBSD website, if you like. This is great news, you will be hearing from me. Thanks for the offer! > > > I can certainly test it on my own connections, but I'm looking to > > > replace production-use OpenBSD shapers, and any downtime is a big no-= no > > > (in short, wireless ISP, many customers). I think I'll look further > > > into this project for my intended task once ALTQ matures and reaches > > > the base system; any idea how long that would be? > > > > That depends largely on how much (positive) feeback I get on the patche= s. > > I have limited testing capabilities and won't release this untested to > > the world. If I get some promising results *soon* - including successful > > tests on SMP boxes and possibly GigE NICs (just ask me to mod' the > > drivers if you can't to it yourself) - I will try to get it in before > > 5.3R. The import of pf 3.5 will happen before 5.3R in any case. > > Do you have any specific things that should be tested, or just I just do > a simple ruleset and see if it blows up ? > > I can probably "abuse" a few of the test servers at work which is both > SMP and GigE (em/bge based). I hope to have time to do that sometime > this week. I have put both up-to-date em and bge patches on the site. em(4) extracted= =20 from Pyun YongHyeon's post to the ALTQ-ML and bge(4) from the rofug.ro=20 patchset. If possible test all the tree major disciplines (PRIQ, CBQ and HFSC) with a= =20 fully open pipe (i.e. bandwidth =3D 1Gb) and a fairly restricted (child) qu= eue.=20 Push some traffic through and see if you get the bandwidth you asked for=20 (mind you that pf takes *BIT not *BYTE). Best test scenario is something like: Server1(ALTQ) ---[switch]------ Client1 | +---------- Client2 On Server1 you have a full default queue (=3D1Gb or a bit less) and a small= er=20 child queue[1]. Then you make the the big one the default and force traffic= =20 to Client2 through the small one[2]. Then start a download from both client= s.=20 If that works well (check $pfctl -vvsq output to see dropping in effect) yo= u=20 should redefine the small queue to borrow from the parent[3]. With that in= =20 effect you start a singel download from Client2 (where you should have full= =20 speed now). Then if that works as it should you start downloading from=20 Client1 again and should have the same situation as before (w/o borrow in=20 place). [1] altq on $ext_if bandwidth 1Gb cbq queue { dflt } queue dflt bandwidth 100% cbq(default) { small } queue small bandwidth 5% cbq [2] pass out on $ext_if from any to client2 queue small [3] queue small bandwidth 5% cbq(borrow) NOTE: Always disable and reenable pf after changing altqs or they will not = be=20 setup properly: $ pfctl -Fa -d; pfctl -ef pf.conf =2D-=20 Best regards, | mlaier@freebsd.org Max Laier | ICQ #67774661 http://pf4freebsd.love2party.net/ | mlaier@EFnet --Boundary-02=_Px9sAzm5FRcB+ak Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBAs9xPXyyEoT62BG0RAiSHAJ0cSysYU4j7bv7drMvEkPFOED5jagCfSFO9 Yrz3G6jLU8rJ8KH+SnBbsH4= =qQUe -----END PGP SIGNATURE----- --Boundary-02=_Px9sAzm5FRcB+ak--