On Wed, 1 Nov 2017 13:22:03 +0000 Oliver Humpage <oli...@watershed.co.uk> wrote:
> Hello, > > I have an OpenBSD 6.2 router, set up in a test rig so there's no > traffic apart from my tests. It has vmx interfaces. $int_if is a vlan > on one of them. > > I have an issue where if a child queue has a different “max” from a > parent queue, the bandwidth is throttled down to much less than > either. Hi fellow adventurer in PF queuing :) I'd like authoritative, correct, field-tested answers to a number of questions related to PF queuing, but at the moment it appears there aren't any. pf.conf(5) doesn't say much, PF FAQ's chapter on queuing is in the attic for quite some time now: http://cvsweb.openbsd.org/cgi-bin/cvsweb/www/faq/pf/Attic/queueing.html So I guess it's you and me and maybe someone else on this list who will have to test and get those answers from those tests. I haven't yet get to do any tests on 6.2, but from my experience, the only way for queuing to work as expected is to set all three - declared, min and max bandwidth on parent, and all the child queues to the same value, where sum of child queues has to be less or equal to parent queue. Pay attention to the fact that only new states go to appropriate queues, so (from my experience) every ruleset change needs flushing of states (pfctl -F states). If you have NAT in the mix it complicates things further, and I think tagging packets inbound on internal interface, and queueing them on external interface by tags is the way to go. You will get different answers from different people regarding inbound (interface-wise) queuing - most people say it has no effect, but some people say it puts return traffic into appropriate queues, so it apparently does have effect. Go figure, and let me know if you do :) If you search misc@ list for my posts, you will find quite a number of rants regarding PF queuing. Not much useful info tho. Now, what I'd really like to know is, if I have let's say 4Mbit uplink, and 4x1Mbit declared queues (without min and max values), what is the logic of borrowing bandwidth from non-saturated queues. Because I can't for love of my life make any sense of it. That being said, all the alternatives to OpenBSD are worse. I guess we need to keep trying :) Regards, -- Before enlightenment - chop wood, draw water. After enlightenment - chop wood, draw water. Marko Cupać https://www.mimar.rs/
