Message-ID: <8eea04080705282220w53d84caao521ef94dfb6cf431@mail.gmail.com>
Date: Mon, 28 May 2007 22:20:30 -0700
From: "Jon Simola"
To: "B. Cook"
Cc: freebsd-pf@freebsd.org
In-Reply-To: <60516.24.161.13.8.1180402853.squirrel@mail.poughkeepsieschools.org>
Subject: Re: multiple vlans and altq

On 5/28/07, B. Cook wrote:
> The new router will have em0 as a /30 facing the provider and em1 will be
> setup with vlans.

You have to queue on the parent interface for the vlans, em1.

> What I have is a 4mbit link symmetrical and what I would like to do is
> make one parent queue on the external interface (cbq). Then split that
> into three queues (25% servers(borrow), and 74% users and 1% other). And
> then split the users queue up into 4 queues 25% each that can also borrow.

You probably want queues on both interfaces. Traffic can only be
shaped as it leaves an interface. So downloads will be queued on em1
(out to the clients) and uploads are queued on em0 at 4Mbit (out to
the internet).

Because em1 is a LAN, you actually have 100Mbit (or 1000, or 10) that
can exit the router on that interface. The max that can come into the
router on em0 is 4Mbit, so you want to queue that same traffic to
4Mbit as it leaves the router into your vlans on em1. The rest of the
link speed available on em1 can be used for inter-vlan routing.

> The mental problem I am having is how do the vlans work with respect to
> the 4mbit link? As in how can I give all the vlan networks ethernet
> bandwidth when going vlan to vlan? Do I want not want to do that?

That's up to you.
It might help to visualize the router as having 21 interfaces (your 20
vlans plus the external em0). Using a separate queue for each tuple of
[inbound interface, outbound interface] is easy to understand. The
only problem might be the 400 queues required (imagine each queue as a
one-way water pipe).

The other extreme would require 3 queues to address all of your concerns:
1. Traffic headed to the internet leaving on em0 (4Mbit)
2. Traffic from the internet going to servers/clients on em1 (4Mbit)
3. Inter-vlan traffic (Link speed of em1 minus the 4Mbit already used in 2)

> (I have also been reading the Absolute OpenBSD book from Michael Lucas, in
> which he uses an example of a dmznet, localnet and a t1. He subtracts the
> bandwidth of the t1 from the ethernet and makes a local queue of the
> difference of the two; I do not understand that. This is what got me
> confused and scared about all of this.)

Explained above, number 3 in the three queue example.

> I am not sure if I am helping myself by out thinking myself, or making
> this harder on myself than it needs to be.
>
> I have something like 20+ vlans that will be going into each of the 4
> users queues, so I really need to know what I'm missing and why I think
> this is so hard.

PF is a very flexible tool with a broad range of applications. What it
can do is an awful lot more than what most people probably need it to
do.

-- 
Jon
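
The three-queue layout from the reply, sketched as a pf.conf (ALTQ/CBQ) fragment with the 25/74/1 split from the question applied inside the two 4Mbit queues. This is an added example, not part of the original message: the vlan names, addresses, table and queue names and the 100Mbit speed of em1 are assumptions, and it assumes routed traffic with no NAT.

```conf
# Added example: constructed names, addresses and link speed; routed, no NAT.
# Queueing and classification only; merge into a complete filter ruleset.
ext_if = "em0"                      # /30 to the provider, 4Mbit symmetrical
trunk  = "em1"                      # vlan parent interface, assumed 100Mbit
vlans  = "{ vlan10, vlan20 }"       # constructed: two of the 20+ vlans
table <local>   { 10.0.0.0/8 }      # constructed: covers every vlan subnet
table <servers> { 10.0.1.0/24 }     # constructed: the server vlan

# Queue 1: uploads, shaped as they leave em0.
altq on $ext_if cbq bandwidth 4Mb queue { srv_up, usr_up, oth_up }
queue srv_up bandwidth 25% cbq(borrow)
queue usr_up bandwidth 74% cbq(borrow)
queue oth_up bandwidth 1%  cbq(default)

# Queues 2 and 3: both sit on the vlan parent. inet_down has no "borrow",
# so downloads stay at 4Mb even when em1 is idle; its children may borrow
# from each other through it. intervlan gets the rest: 100Mb - 4Mb = 96Mb.
altq on $trunk cbq bandwidth 100Mb queue { inet_down, intervlan }
queue inet_down bandwidth 4Mb { srv_down, usr_down, oth_down }
queue srv_down  bandwidth 25% cbq(borrow)
queue usr_down  bandwidth 74% cbq(borrow)
queue oth_down  bandwidth 1%
queue intervlan bandwidth 96Mb cbq(default)

# Classification. pf uses the last matching rule, so the general <local>
# rules come first and the <servers> rules override them.
# Flows started by local hosts: the state created on the vlan carries the
# download queue for replies leaving em1; the state created on em0 carries
# the upload queue.
pass in  on $vlans  from <local>   to ! <local> keep state queue usr_down
pass in  on $vlans  from <servers> to ! <local> keep state queue srv_down
pass out on $ext_if from <local>   to any       keep state queue usr_up
pass out on $ext_if from <servers> to any       keep state queue srv_up

# Flows started from the internet toward the servers.
pass in  on $ext_if from any       to <servers> keep state queue srv_up
pass out on $vlans  from ! <local> to <servers> keep state queue srv_down

# Inter-vlan routing runs at LAN speed in the 96Mb queue.
pass in  on $vlans  from <local> to <local> keep state
pass out on $vlans  from <local> to <local> keep state queue intervlan
```

Because `intervlan` is the default queue on em1, any internet-sourced traffic that no rule assigns to a `*_down` queue leaves em1 unshaped at LAN speed, so check the classification with `pfctl -vsq` while generating download traffic.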