I appeal to the PF masters for some education on how to do something,
because if I can't work out how to do it using PF, I'll have to do it
with iptables. Eep!

We are a small hosting company in a managed building, and we present
ADSL/SDSL-like service over ethernet to other companies in the building,
to capitalise on some of the spare capacity on our 10Mb leased line.

What I want to do:
Provide 2Mb down/256Kb up ADSL-like service, contended at 20 to one.
Provide 2Mb down/2Mb up SDSL-like service, contended at 10 to one.
By contention, I mean that to take the ADSL as the example, each client
should be guaranteed 100Kbps downstream, and 13Kbps upstream, but then
fights on an equal footing with everyone else in their group for the
remainder of the 2Mb/256Kb.

I have tried the following sort of configuration, but the clients never
seem to successfully borrow up to the capacity of their contention
block. I am aware that it is incomplete, lacks a default, etc, I'm just
trying to give an idea of what I've done with the DSL bits.

altq on $ext_if cbq bandwidth 9.1Mb queue { adsl_up, sdsl_up }
altq on $client_if cbq bandwidth 9.1Mb queue { adsl_dn, sdsl_dn }

queue adsl_up bandwidth 256Kb cbq
queue adsl_dn bandwidth 2Mb cbq

queue sdsl_up bandwidth 2Mb cbq
queue sdsl_dn bandwidth 2Mb cbq

queue adsl_client1_up bandwidth 13Kb cbq (borrow)
queue adsl_client1_dn bandwidth 100Kb cbq (borrow)
queue adsl_client2_up bandwidth 13Kb cbq (borrow)
queue adsl_client2_dn bandwidth 100Kb cbq (borrow)

queue sdsl_client1_up bandwidth 100Kb cbq (borrow)
queue sdsl_client1_dn bandwidth 100Kb cbq (borrow)
queue sdsl_client2_up bandwidth 100Kb cbq (borrow)
queue sdsl_client2_dn bandwidth 100Kb cbq (borrow)


#ADSL Clients
pass in on $client_if from $adsl_client1_net to any queue adsl_client1_up
pass out on $client_if from any to $adsl_client1_net queue adsl_client1_dn
pass in on $client_if from $adsl_client2_net to any queue adsl_client2_up
pass in on $client_if from any to $adsl_client2_net queue adsl_client2_dn

And so on, I don't need to waste your time with a huge email of slightly
different repeated lines :-)

That's about it really. If I can get it to work, I can persuade the boss
to let me keep running everything off OpenBSD. If not, I'll have to wrap
my head round iptables syntax, as apparently the boss 'Used to do it on
Red Hat and everything worked fine.' Eugh.

-- 

Richard 'Dave' Wilson
Systems Administrator

Senokian Solutions Ltd.
Business Innovation Centre,
Binley Business Park, Coventry,
United Kingdom
CV3 2TX
T: +44 (0)24 76 233 400
F: +44 (0)24 76 233 401

Reply via email to