Write-up on the PF set prio option
Kristof Provost
kp at FreeBSD.org
Thu Sep 26 09:06:20 UTC 2019
On 26 Sep 2019, at 0:49, Justin Noor wrote:
> Hello community,
>
> I wrote some documentation about PF's 'set-prio' option, which is a
> quick-and-easy form of traffic shaping. It might be a good addition to
> Chapter 30 of the handbook on firewalls. Please let me know what you
> think.
> It's on my Github.
>
> https://github.com/justinnoor/freebsd-handbook-pf-prio
>
> <https://github.com/justinnoor/freebsd-handbook-pf-anchors>
> Thank you,
>
‘set prio’ does not do any actual traffic shaping. It can be used to
set the priority bits in a VLAN header, but it doesn’t prioritise
traffic in case of contention. Not in the FreeBSD machine anyway. It can
help the switch make better prioritisation decisions if it runs into
contended interfaces.
Also, it’s not possible to prioritise incoming packets. Traffic
shaping is in essence the art of throwing away the right packets. It’s
done when forwarding between a fast and a slow interface, and always to
the packets going from the fast to the slow interface. In the reverse
direction there’s no reason to drop packets. All of the packets coming
in from a slow interface will fit out the fast interface, so there’s
no need to drop any.
Regards,
Kristof
More information about the freebsd-doc
mailing list