PF+PRIQ

Michal Koblizek michal at dvorska.net
Thu Sep 7 14:02:56 CEST 2006

Previous message: RE: PF+PRIQ
Next message: Re: PF+PRIQ
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Cizek.Milan wrote:
>>  Neslo by nekam vystavit odkaz na cely pf.conf? Tahle cast vypada v poradku.
>>  Nebo IP, login a heslo, ze bysme se na to podivali.
>>     
>
> Ahoj,
> tohle je cely pf.conf, nic vic tam schvalne nemam.
>
> Milan
>   
Ahoj,
tohle je moje QoS v ramci LAN a funguje docela dobre. Kdy to srovnam s 
tim Tvym, tak tobe tam chybi direktiva "quick", protoze jinak bere PF 
pouze posledni pravidlo ktere vyhovuje. Kdyz tam das quick, tak PF bere 
okamzite to pravidlo ktere vyhovuje...

iface0="wi0"

mail="{ smtp smtps pop3 pop3s imap imaps }"
data= "{ ftp ftps ftp-data ftps-data  }"
voip="{ 5060 }"
int="{ 27000:27390 16567 10000:10020 3784 3788 50050 }"

set optimization aggressive
scrub in all no-df random-id fragment reassemble
scrub out all no-df random-id fragment reassemble

altq on $iface0 priq bandwidth 2Mb queue { iface0_ssh, iface0_voip, 
iface0_int, iface0_web, iface0_mail, iface0_data, iface0_bulk }
    queue iface0_ssh priority 15 priq(red ecn)
    queue iface0_voip priority 13 priq
    queue iface0_int priority 11 priq
    queue iface0_mail priority 9 priq(red ecn)
    queue iface0_web priority 8 priq(red ecn)
    queue iface0_data priority 3 priq(red ecn)
    queue iface0_bulk priority 1 priq(red ecn default)

pass out quick on $iface0 inet proto tcp from any port ssh to any queue 
iface0_ssh
pass out quick on $iface0 inet proto tcp from any to any port ssh queue 
iface0_ssh
pass out quick on $iface0 inet proto udp from any port $voip to any 
queue iface0_voip
pass out quick on $iface0 inet proto udp from any to any port $voip 
queue iface0_voip
pass out quick on $iface0 inet proto icmp from any to any queue iface0_int
pass out quick on $iface0 inet proto udp from any port $int to any queue 
iface0_int
pass out quick on $iface0 inet proto udp from any to any port $int queue 
iface0_int
pass out quick on $iface0 inet proto { tcp,udp } from any port { 
http,https } to any queue iface0_web
pass out quick on $iface0 inet proto { tcp,udp } from any to any port { 
http,https } queue iface0_web
pass out quick on $iface0 inet proto { tcp,udp } from any port $mail to 
any queue iface0_mail
pass out quick on $iface0 inet proto { tcp,udp } from any to any port 
$mail queue iface0_mail
pass out quick on $iface0 inet proto { tcp,udp } from any port $data to 
any queue iface0_data
pass out quick on $iface0 inet proto { tcp,udp } from any to any port 
$data queue iface0_data
pass out on $iface0 from any to any queue iface0_bulk

Jeste poznamka k te rychlosti wi - mas tam 5 - podle mych mereni je 
realna rychlost wi v jednom smeru cca 4Mbit. Kdyz povolis na obou 
koncich spoje plnou rychlost a obe strany by opravdu zacaly naplno 
posilat, tak ten spoj stejne zahltis a QoS bude k nicemu. Ja to mam 
nastaveny na 2Mbit na kazde strane - je to sice pomalejsi, ale nikdy se 
to jeste nerozhodilo. Prip. me napada, ze by se to dalo udelat 
asymetricky, tj. na jeden konec 3Mbit a na druhej 1Mbit.

At se dari.
Michal

Previous message: RE: PF+PRIQ
Next message: Re: PF+PRIQ
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list