From owner-freebsd-net@FreeBSD.ORG Sun Jun 29 15:45:15 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 66A851065673 for ; Sun, 29 Jun 2008 15:45:15 +0000 (UTC) (envelope-from max@love2party.net) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.187]) by mx1.freebsd.org (Postfix) with ESMTP id EC6528FC19 for ; Sun, 29 Jun 2008 15:45:14 +0000 (UTC) (envelope-from max@love2party.net) Received: from vampire.homelinux.org (dslb-088-066-056-045.pools.arcor-ip.net [88.66.56.45]) by mrelayeu.kundenserver.de (node=mrelayeu8) with ESMTP (Nemesis) id 0ML31I-1KCz5V2JEy-0002Fw; Sun, 29 Jun 2008 17:45:13 +0200 Received: (qmail 19638 invoked from network); 29 Jun 2008 15:42:53 -0000 Received: from myhost.laiers.local (192.168.4.151) by ns1.laiers.local with SMTP; 29 Jun 2008 15:42:53 -0000 From: Max Laier Organization: FreeBSD To: .@babolo.ru Date: Sun, 29 Jun 2008 17:43:14 +0200 User-Agent: KMail/1.9.9 References: <1214651667.267043.71931.nullmailer@cicuta.babolo.ru> In-Reply-To: <1214651667.267043.71931.nullmailer@cicuta.babolo.ru> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200806291743.15021.max@love2party.net> X-Provags-ID: V01U2FsdGVkX1+D0T2TdD9LCzS+FUZXSxLcfOxojFyKBoYXoAO PPpv/Em/hfNN4MvykzoI1gXut9pi12zGtfbGXjfgr79zJ6WVGr Sser+kMLZbKt0OTU4jktw== Cc: freebsd-net@freebsd.org, Giulio Ferro , Alexandre Biancalana Subject: Re: altq on vlan X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2008 15:45:15 -0000 On Saturday 28 June 2008 13:14:27 .@babolo.ru wrote: > [ Charset ISO-8859-1 unsupported, converting... ] > > > On Friday 27 June 2008 18:57:59 Alexandre Biancalana wrote: > > > On 6/27/08, Max Laier wrote: > > > > You don't need a patch at all. What you do is: Queue on the > > > > physical interface, classify on the vlan interface. It is broken > > > > to allow ALTQ on a virtual interface if you can do it otherwise. > > > > > > > > in pf.conf speak: > > > > > > > > If you have "ifconfig vlanX vlandev bge0 ..." > > > > > > > > altq on bge0 .... queue { vlan0, vlan1, ... } > > > > queue vlan0 ... { vlan0_foo, vlan0_bar, ... } > > > > queue vlan0_foo > > > > queue vlan0_bar > > > > ... > > > > > > > > pass on vlanX ... queue vlanX_foobar > > > > > > > > And there you go. No patch - whatsoever - required here. > > > > > > But the patch simplify the cases where you need one queue per vlan. > > > > NO! It is just wrong! There is no relation between vlan queues on > > the same physical interface and thus you can't guarantee anything! > > Can we please stop with this nonsense and not bring up the patch > > every other month. > > Remember vlan anoter end. > > Vlan queues on the same physical interface has sense. > > Let see typical vlan use: > +--------+ 100M untagged vlan1 > | |--------------.. > +---------+ | | 100M untagged vlan2 > 1G | | 1G tagged | |---------------- > --------+ FreeBSD +------------+ switch | 100M untagged vlan3 > | | | |--------------.. > +---------+ | | 100M untagged vlanN > | |--------------- > +--------+ > > There is noting interesting in common queue on 1G physical interface, > the only right queues are that on vlans when number of > vlans < 10. > > More of that, sum traffic on 1G tagged intervace is limited > by incoming traffic from 1G external interface and > so common queue on 1G tagged interface is not > interesting even when number of vlans > 10. Sorry, but you are completely off track here. If you use one queue per vlan one vlan can easily DoS the rest, because once a packet has passed the queue in the vlan it falls into a common queue with all the others and - as you correctly point out - there is no guarantee that a 1G interface can really sent at 1G all the time. The vlan queues, however, will not get any feedback from the parent about it's real send speed. E.g. a vlan sending *a lot* of tiny packets will dominate the 1G link and thus DoS any other vlan that sends big packets. This you can prevent with a common queue. Now please ... let this die, it's stupid! -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News