Traffic mysteriously dropping

[Bill Marquette]

On 3/31/06, Christopher McGee <chris at xecu.net> wrote:
> A quick follow up since I realize I left out a little detail.  I have
> tried this on 5.4-RELEASE-p8 and 6.0-RELEASE-p6.  I've been trying to
> get altq working properly also, but it's been disabled until I work out
> the above problem.
>
> The problem I've had with altq is trying to implement hfsc on the 6.0
> firewall.  I thought it was a pretty simple configuration.  I want to
> limit outgoing traffic to 100Mbit/s and have one queue higher priority,
> with a guaranteed 3 Mb of bandwidth, and a second lower priority queue
> with no guaranteed bandwidth.  The 2 queues should share the 97Mb of
> spare bandwidth evenly when the firewalls are busy, and queue2 should
> not be allowed to exceed 95Mb ever.  This is what I put together but it
> errors:
>
> altq on $ext_if bandwidth 100Mb hfsc queue { queue1, queue2 }
> queue queue1 priority 3 hfsc(realtime 3Mb linkshare 50% default red)
> queue queue2 hfsc(upperlimit 95Mb linkshare 50% red)
>
> I get the following error:
> pfctl: the sum of the child bandwidth higher than parent "root_em0"

You've got two issues here.  The one causing the pfctl error is easy
to solve, you need to put a bandwidth keyword on the queue statement
(it can be 0Kb - it's ignored).  The second, is that priority and
linkshare are mutually exclusive.  If linkshare is in use, priority is
ignored.  Use one or the other.

--Bill