pf.conf + altq problem
Muhammad Reza
beastie at mra.co.id
Wed Oct 11 21:16:15 PDT 2006
Dear list.
My pf.conf not working.
I have pf in bridge machine with xl2 to internet firewall and xl1 to
internal switch. Bridging is ok.
This my simple pf.conf
me="172.16.0.228"
altq on xl1 bandwidth 100% cbq queue {me,dflt}
queue me bandwidth 8Kb
queue dflt bandwidth 16Kb cbq (default)
block log on {xl1,xl2} all
pass out log on xl1 from $me to any keep state
pass log on xl2 from $me to any keep state queue (me)
This rule is match when i try to connect to iperf server
# tcpdump -nett -i pflog0 | grep 172.16.0.228
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0, link-type PFLOG
1160655756.150048 rule 3/(match) pass in on xl2: 172.16.0.228.44405 >
128.6.231.102.5001: [|tcp] (DF)
1160655756.150059 rule 2/(match) pass out on xl1: 172.16.0.228.44405 >
128.6.231.102.5001: [|tcp] (DF)
But iperf tell me that this connection is 24.4 Kbits/Sec. (more than
8Kbps)
[root at beastie beastie]# iperf -c lss.rutgers.edu
------------------------------------------------------------
Client connecting to lss.rutgers.edu, TCP port 5001
TCP window size: 16.0 KByte (default)
------------------------------------------------------------
[ 3] local 172.16.0.228 port 44408 connected with 128.6.231.102 port
5001
[ 3] 0.0-16.1 sec 48.0 KBytes 24.4 Kbits/sec
I'm expecting that iperf report it equal with the bandwidth that i
assign to (me) queue pipe.
Is there any thing wrong or i missed something here ???
Please help me
regards
Reza
More information about the freebsd-net
mailing list