[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  M0n0wall Dev List <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  ipfw + ALTQ on 5.3
 Date:  Thu, 3 Feb 2005 12:30:46 -0500 
We have made an interesting discovery on pfSense and wanted to share
the outcome with you all since it may be of interest when moving to
FreeBSD 5.3.

It is not necessary to use PF rules to drive ALTQ with the recent
commit of IPFW/ALTQ code to FreeBSD 6-CURRENT.   With help from Chris
Dionissopoulos we compiled IPFW from FreeBSD 6-CURRENT and are now
using it with a FreeBSD 5.3 base system and kernel to drive the
Traffic Shaper!  It's been stable thus far, though we haven't done
widespread extensive testing yet.

Since we already use PF, you might be wondering why use a separate
mechanism for ALTQ rules.  We've found it much easier, and less likely
to cause problems and conflicts, to maintain a completely separate
ruleset for traffic shaping purposes.

Files needed for this are located at: http://pfsense.com/downloads/ipfw/

More information about the recent commit:  http://tinyurl.com/6p3g3

Here's a small snippet of the magic shaper wizard in action with ALTQ!

ipfw show
<<top snipped>>
50070   19   1554 allow altq qHighPri1Upload ip from any to any iplen
0-100 out via fxp0
50071    0      0 allow altq qHighPri1Upload udp from any to any
dst-port 53 out via fxp0
50072    0      0 allow altq qHighPri1Upload ah from any to any out via fxp0
50073  337  61568 allow altq qHighPri1Upload esp from any to any out via fxp0
50074    0      0 allow altq qHighPri1Upload gre from any to any out via fxp0
50075    0      0 allow altq qHighPri1Upload icmp from any to any out via fxp0
50076    0      0 allow altq qHighPri1Upload tcp from any to any iplen
0-80 tcpflags ack out via fxp0
50077    0      0 allow altq qHighPri1Upload ip from any to any out via fxp0
50078    2    168 allow altq qHighPri1Upload icmp from any to any in via fxp0
50079   61   4696 allow altq qHighPri1Upload ip from any to any iplen
0-100 in via fxp0
50080    0      0 allow altq qHighPri1Upload ah from any to any in via fxp0
50081  319  47404 allow altq qHighPri1Upload esp from any to any in via fxp0
50082    0      0 allow altq qHighPri1Upload gre from any to any in via fxp0
50083    5   1968 allow altq qHighPri1Upload ip from any to any in via fxp0
50083    0      0 allow altq qHighPri1Upload ip from any to any in via fxp0
50183  169  45112 allow ip from any to any

pfctl -sq
ALTQ:
queue qHighPri1Upload priority 15
queue qHighPri2Upload priority 13
queue qHighPri3Upload priority 11
queue qBulkUpload priority 4
queue qHatedUpload priority 3
queue qBulkDownload priority 2
queue qHatedDownload priq( default )
queue qHighPriDownloa priority 10

Regards,

Chris, on behalf of the pfSense developer team