On 2022-02-18, Matthias Pressfreund wrote:
> On 2022-02-17 18:56, Stuart Henderson wrote:
>> On 2022-02-17, Matthias Pressfreund wrote:
>>> On a server with 3 LAN interfaces (re0/1/2):
>>> * re0 connected to the ISP
>>> * re1 connected to the internal network
>>> * re2 so far unused
>>>
>>> I was
On 2022-02-17 18:56, Stuart Henderson wrote:
> On 2022-02-17, Matthias Pressfreund wrote:
>> On a server with 3 LAN interfaces (re0/1/2):
>> * re0 connected to the ISP
>> * re1 connected to the internal network
>> * re2 so far unused
>>
>> I was setting up pf queues for bandwidth control as follow
On 2022-02-17, Matthias Pressfreund wrote:
> On a server with 3 LAN interfaces (re0/1/2):
> * re0 connected to the ISP
> * re1 connected to the internal network
> * re2 so far unused
>
> I was setting up pf queues for bandwidth control as follows:
> * one queue on re0 for outgoing traffic
> * anot
On a server with 3 LAN interfaces (re0/1/2):
* re0 connected to the ISP
* re1 connected to the internal network
* re2 so far unused
I was setting up pf queues for bandwidth control as follows:
* one queue on re0 for outgoing traffic
* another queue on re1 for incoming traffic
Now, I would like to
Hi,
while trying to implement queuing by service inside ipsec tunnel, by
tagging traffic first (both in ipsec.conf or enc0 in pf.conf) and then
setting queue by tag on outbound physical interface, I noticed that all
traffic ends up in same queue - the first one which starts queuing (not
default on
hi all. queueing question here ...
what i have is an openbsd 5.9 firewall with one physical external interface
and one physical internal interface. i have two vlans on the external
interface, each connecting to a different ISP. each ISP provides different
bandwidth.
in an attempt to provide a bit
Hi All,
Can anyone verify (based on my diagram below) if they have had success with
queuing IKEv2 return traffic from the "Server". I have been able to use
IKEv2 based tagging and doing it (as described in iked.conf(5)) when NAT-T
isn't used and when traffic is 'pass out' from the IKEv2 "Client",
Em 14-10-2015 11:15, lists escreveu:
> Hi Everyone,
>
> Under systat q, I see packets that are being dropped / trimmed by PF in
> my prioritized ack queue exceed my default queue. If I'm logged in and
> catch this happening I can usually identify the traffic which I don't
> want using that queue an
Hi Everyone,
Under systat q, I see packets that are being dropped / trimmed by PF in
my prioritized ack queue exceed my default queue. If I'm logged in and
catch this happening I can usually identify the traffic which I don't
want using that queue and add a match rule to pf.conf to push it into my
On Mon, Mar 9, 2015 at 4:51 AM, Henning Brauer wrote:
> * Daniel Melameth [2015-01-23 22:38]:
>> I noticed the following when downloading a large file:
>>
>> queue tcp_ack parent root on fxp0 bandwidth 2M qlimit 50
>> [ pkts: 289461 bytes: 15631434 dropped pkts: 16 bytes:864 ]
>
Hey,
* Daniel Melameth [2015-01-23 22:38]:
> I noticed the following when downloading a large file:
>
> queue tcp_ack parent root on fxp0 bandwidth 2M qlimit 50
> [ pkts: 289461 bytes: 15631434 dropped pkts: 16 bytes:864 ]
> [ qlength: 0/ 50 ]
> [ measured: 3660.9 packet
I noticed the following when downloading a large file:
queue tcp_ack parent root on fxp0 bandwidth 2M qlimit 50
[ pkts: 289461 bytes: 15631434 dropped pkts: 16 bytes:864 ]
[ qlength: 0/ 50 ]
[ measured: 3660.9 packets/s, 1.58Mb/s ]
While the number of dropped packets is v
HI Loïc,
just setting max does not work for me. I reached my intent with
queue root on alc0 bandwidth 600M, min 100M, max 100M default
pass out on alc0 inet from any to 192.168.2.2 flags S/SA set ( queue root )
Thank you for that insight!
On 12 August 2014 04:10, Loïc Blot wrote:
>
> Hi
Hi Raimundo,
please use max directive:
queue root on alc0 bandwidth 600M, max 500M
--
Best regards,
Loïc BLOT, Engineering
UNIX Systems, Security and Network Engineer
http://www.unix-experience.fr
Le mardi 12 août 2014 à 02:11 -0300, Raimundo Santos a écrit :
> Hello misc!
>
> I am with a v
Hello misc!
I am with a very non expected behaviour. With this simple pf.conf
# pfctl -vnf /etc/pf.conf
set skip on { lo }
queue root on alc0 bandwidth 600M default
pass out on alc0 all flags S/SA set ( queue root )
I got this queue output when running tcpbench in client mode
# pfctl -vvvsq
* Matt Carey [2014-07-15 03:18]:
> While trying to upgrade a pf ruleset from 5.4 to 5.5 and make use of the new
> queuing system, I'm running into an issue where the traffic isn't getting
> throttled to what I set for a max on a given queue.
>
> Below is the old ruleset that works well under 5.
While trying to upgrade a pf ruleset from 5.4 to 5.5 and make use of the new
queuing system, I'm running into an issue where the traffic isn't getting
throttled to what I set for a max on a given queue.
Below is the old ruleset that works well under 5.4:
altq on trunk0 bandwidth 9.70Mb hfsc queu
On Tue, Oct 23, 2007 at 02:10:43PM +0200, Henning Brauer wrote:
> * Brian <[EMAIL PROTECTED]> [2007-10-22 20:39]:
> > Joshua Smith wrote:
> > > Out of curiosity what are these two extremely rare cases?
> > [snip]
> >
> > One example off the top of my head (and ipsec.conf(5)) is the enc0
> > interf
* Brian <[EMAIL PROTECTED]> [2007-10-22 20:39]:
> Joshua Smith wrote:
> > Out of curiosity what are these two extremely rare cases?
> [snip]
>
> One example off the top of my head (and ipsec.conf(5)) is the enc0
> interface. You wouldn't set your state-policy to this, but each
> individual rule w
Joshua Smith wrote:
> Out of curiosity what are these two extremely rare cases?
[snip]
One example off the top of my head (and ipsec.conf(5)) is the enc0
interface. You wouldn't set your state-policy to this, but each
individual rule would use if-bound to prevent traffic from going out
your egres
On 10/19/07, Richard Wilson <[EMAIL PROTECTED]> wrote:
> altq on $ext_if cbq bandwidth 9.1Mb queue { adsl_up, sdsl_up }
> altq on $client_if cbq bandwidth 9.1Mb queue { adsl_dn, sdsl_dn }
You probably don't want to use cbq for clients, use hfsc instead.
Unless you enjoy complaints from clients who
Out of curiosity what are these two extremely rare cases?
Thanks,
-Josh
On 10/20/07, Henning Brauer <[EMAIL PROTECTED]> wrote:
> * Joshua Smith <[EMAIL PROTECTED]> [2007-10-20 13:05]:
> > Slightly OT, so feel free to move this to a new thread, but exactly
> > what would you use ifbound states to
* Joshua Smith <[EMAIL PROTECTED]> [2007-10-20 13:05]:
> Slightly OT, so feel free to move this to a new thread, but exactly
> what would you use ifbound states to achieve?
there are two extremely rare cases I am aware of, so the general rule
is: YOU DON'T.
--
Henning Brauer, [EMAIL PROTECTED],
Slightly OT, so feel free to move this to a new thread, but exactly
what would you use ifbound states to achieve?
Thanks,
Josh
On 10/20/07, Henning Brauer <[EMAIL PROTECTED]> wrote:
> * Joe Gibbens <[EMAIL PROTECTED]> [2007-10-20 02:03]:
> > As Sebastian pointed out, you will need to do some sta
* Joe Gibbens <[EMAIL PROTECTED]> [2007-10-20 02:03]:
> As Sebastian pointed out, you will need to do some state manipulation to
> apply your traffic flows to an up and down queue. You can also do this by
> setting your state-policy to be if-bound.
it is 'advice' like this that makes me wanna rem
As Sebastian pointed out, you will need to do some state manipulation to
apply your traffic flows to an up and down queue. You can also do this by
setting your state-policy to be if-bound.
On 10/19/07, Richard Wilson <[EMAIL PROTECTED]> wrote:
>
> n0g0013 wrote:
> > On 19.10-15:15, Richard Wilson
n0g0013 wrote:
> On 19.10-15:15, Richard Wilson wrote:
> [ ... ]
>> altq on $ext_if cbq bandwidth 9.1Mb queue { adsl_up, sdsl_up }
>> altq on $client_if cbq bandwidth 9.1Mb queue { adsl_dn, sdsl_dn }
>>
>> queue adsl_up bandwidth 256Kb cbq
>> queue adsl_dn bandwidth 2Mb cbq
>
> is there a reason t
On Fri, Oct 19, 2007 at 03:15:03PM +0100, Richard Wilson wrote:
> I appeal to the PF masters for some education on how to do something,
> because if I can't work out how to do it using PF, I'll have to do it
> with iptables. Eep!
[snip the details]
> That's about it really. If I can get it to wor
Richard Wilson([EMAIL PROTECTED]) on 2007.10.19 15:15:03 +:
> What I want to do:
> Provide 2Mb down/256Kb up ADSL-like service, contended at 20 to one.
> Provide 2Mb down/2Mb up SDSL-like service, contended at 10 to one.
> By contention, I mean that to take the ADSL as the example, each client
On 19.10-15:15, Richard Wilson wrote:
[ ... ]
> altq on $ext_if cbq bandwidth 9.1Mb queue { adsl_up, sdsl_up }
> altq on $client_if cbq bandwidth 9.1Mb queue { adsl_dn, sdsl_dn }
>
> queue adsl_up bandwidth 256Kb cbq
> queue adsl_dn bandwidth 2Mb cbq
is there a reason that these have no child que
I appeal to the PF masters for some education on how to do something,
because if I can't work out how to do it using PF, I'll have to do it
with iptables. Eep!
We are a small hosting company in a managed building, and we present
ADSL/SDSL-like service over ethernet to other companies in the buildi
31 matches
Mail list logo
