openBSD alt-Q weard isue.
hello, again. xD
1st, happy new year to you all.
2nd, i was experimenting again with alt-q on my openBSD box.
the traffic shaping from internet to lan works like a sharm.
but the trafic shapping from the lan to internet goes wrong.
every user gets the default queuing, what is 128Kbit.
i posten my pf.conf below.
i hope other BSD users who got alt-q working can help me with it.
refering to the man pages on openBSD did not solve my problem.
######## START CONFIG ##########
#
ext_if = "fxp0"
int_if = "rl0"
#
local_net = "192.168.0.0/24"
ssh_im_dns_ports = "{ 22,65530,1863,5190,5222,53 }"
# machines
a6000_lan = "192.168.0.224/32"
a6000_wifi = "192.168.0.225/32"
duocore_lan = "192.168.0.242/32"
duocore_wifi = "192.168.0.243/32"
#
megazeul = "192.168.0.234/32"
server2 = "192.168.0.254/32"
#
iphone_ton = "192.168.0.244/32"
iphone_frans = "192.168.0.247/32"
table <desktop> { $server2, $megazeul, $duocore_lan, $duocore_wifi, $a6000_lan, $a6000_wifi, $iphone_ton, $iphone_frans }
#
notebook_jolien = "192.168.0.235/32"
wii_jolien = "192.168.0.250/32"
table <jolien> { $wii_jolien, $notebook_jolien }
#
set block-policy return
set loginterface $ext_if
set limit { frags 5000, states 2500 }
set state-policy if-bound
set optimization high-latency
set skip on lo
#
scrub in on $ext_if all fragment reassemble min-ttl 15 max-mss 1400
scrub in on $ext_if all no-df
scrub on $ext_if all reassemble tcp
#
# intern -> extern
altq on $ext_if cbq bandwidth 1024Kb queue { std_ext, desktop_ext, jolien_ext }
queue std_ext bandwidth 128Kb cbq(default)
queue desktop_ext bandwidth 832Kb cbq
queue jolien_ext bandwidth 64Kb cbq
#
# extern -> intern
altq on $int_if cbq bandwidth 10240Kb queue { std_int, desktop_int, ssh_im_dns_int, jolien_int }
queue std_int bandwidth 256Kb cbq(default)
queue ssh_im_dns_int bandwidth 256Kb cbq
queue desktop_int bandwidth 7680Kb cbq
queue jolien_int bandwidth 2048Kb cbq
#
nat on $ext_if from $int_if:network to any -> ($ext_if)
block on { $ext_if, $int_if } all
#
antispoof for $ext_if inet
#
# intern -> extern
pass out quick on $ext_if from <jolien> to any flags S/SA keep state queue jolien_ext
pass out quick on $ext_if from <desktop> to any flags S/SA keep state queue desktop_ext
pass out quick on $ext_if from any to any flags S/SA keep state queue std_ext
#
# extern -> intern
pass in quick on $int_if proto { tcp udp } from any to any port $ssh_im_dns_ports flags S/SA keep state queue ssh_im_dns_int
pass in quick on $int_if from <desktop> to any flags S/SA keep state queue desktop_int
pass in quick on $int_if from <jolien> to any flags S/SA keep state queue jolien_int
pass in quick on $int_if from any to any flags S/SA keep state queue std_int
#
########## END CONFIG ############
|