packet shaping - borrow option not working?
Jayel Villamin
jarthel at gmail.com
Sun Jan 28 12:25:11 UTC 2007
I am currently downloading something via FTP (using socks). The socks
queue has been allotted 148Kbps. Without the queue, I can download at up
to my max download speed (whatever is the max for a 512/128 Kbps DSL
connection). With the queue, download speed is averaging 157Kbps.
here's the screenshot of pfctl -s queue -vv =>
http://img260.imageshack.us/my.php?image=untitled1mr6.gif
I have looked at the PF FAQ in openbsd.org and I do not see any reason
why BORROW shouldn't be working.
your help is much appreciated.
thank you very much in advance
here's the conf file I used to disable the queues
============
-> cat /root/config/pass_all.conf
# Comparison ruleset used to take the queues out of the picture: it declares no
# altq/queue statements at all.
# Normalise all packets and reassemble fragments.
scrub all fragment reassemble
ext_if = "tun0"
sakaki_nic2 = "fxp1"
# Source-NAT the fxp1 network to the address currently held by the external interface.
nat on $ext_if from $sakaki_nic2:network to any -> ($ext_if)
# NOTE(review): this passes every packet, in both directions, on every interface.
# While this file is loaded nothing is filtered, including unsolicited inbound
# traffic on $ext_if, so it is suitable only for a short measurement.
pass quick all
====================
here's my /etc/pf.conf
=====================
#copy to /etc
# Main ruleset. Sections appear in the order: macros, tables, options, scrub,
# queueing (ALTQ), translation (nat/rdr), filter rules.
#########################################################################
#macros
##############################################
#interfaces
# tun0 is the interface used for NAT and Internet-facing rules below; fxp1 is the
# NIC whose attached network is NATed out through it.
ext_if = "tun0"
sakaki_nic2_if = "fxp1"
loopback_if = "lo0"
##############################################
#ports
# NOTE(review): gmail_pop3, gmail_smtp and chikka are not standard service names;
# presumably they are local additions to /etc/services. Confirm they resolve to
# the intended ports.
sakaki_nic2_if_in_tcp_to_others = "{ gmail_pop3 gmail_smtp chikka 5050 }"
# NOTE(review): tomo_only_voip is not referenced by any rule shown in this file.
tomo_only_voip = "{ 5060, 16384:16482 }"
#########################################################################
#Tables
# Single-host tables for two internal machines; "persist" keeps a table in
# memory even when no rule refers to it.
table <osaka> persist { 192.168.0.2/32 }
table <tomo> persist { 192.168.0.3/32 }
#########################################################################
#PF options
# Raise the memory-pool limits for fragment and state entries.
set limit { frags 20000, states 20000 }
# Collect packet/byte statistics on the external interface.
set loginterface $ext_if
set optimization normal
# Blocked packets are dropped silently (no TCP RST or ICMP unreachable is sent).
set block-policy drop
#########################################################################
#Scrub packets
# Normalise all packets: stateful TCP normalisation plus fragment reassembly.
scrub all reassemble tcp fragment reassemble
#########################################################################
#ALTQ
# External interface: strict-priority scheduler (priq) capped at 82Kb with five
# child queues. With priq a higher priority number is served first.
altq on $ext_if priq bandwidth 82Kb queue { q_default, q_ssh,
q_apache, q_udp, q_tcp_ack }
# NOTE(review): the outbound tcp rule on $ext_if later in this file assigns
# "(q_default_out, q_tcp_ack)", but no queue named q_default_out is declared
# here. Confirm which queue was intended.
queue q_default priq (default)
queue q_ssh priority 3 priq(red)
queue q_apache priority 5
queue q_udp priority 12
queue q_tcp_ack priority 14
# Internal interface: class-based scheduler (cbq) over the full interface
# bandwidth. q2_out (452Kb) is split into q2_out_socks (148Kb) and
# q2_out_default (304Kb); q2_local is given 97%.
# cbq "borrow" lets a queue take unused bandwidth from its parent. Both children
# of q2_out borrow, while q2_out itself is declared without borrow.
# NOTE(review): ALTQ schedules packets as they leave the interface the queue is
# attached to, so these queues act on traffic sent out $sakaki_nic2_if. Confirm
# that this is the direction being measured.
altq on $sakaki_nic2_if cbq bandwidth 100% queue { q2_out, q2_local }
queue q2_out bandwidth 452Kb { q2_out_socks, q2_out_default }
queue q2_out_socks bandwidth 148Kb cbq(borrow)
queue q2_out_default bandwidth 304Kb cbq(default borrow)
queue q2_local bandwidth 97% cbq (red borrow)
#########################################################################
#NAT
# NOTE(review): the commented-out rule below was wrapped by the mail client, so
# its second line no longer starts with "#". In the real file it is presumably a
# single commented line; as pasted, the continuation would be read as a rule.
#pass in quick on $ext_if inet proto udp from any port voip_proxy to
<tomo> keep state queue q_udp
# Source-NAT the internal network to the address currently held by $ext_if.
nat on $ext_if from $sakaki_nic2_if:network to any -> ($ext_if)
#########################################################################
#Redirection
#rdr on $ext_if proto udp from any port voip_proxy -> <tomo>
# Forward inbound tcp/udp for the "bittorrent" service port on the external
# address to the host in <osaka>. This exposes that internal host to the
# Internet on that port; a matching pass rule in the filter section admits it.
rdr on $ext_if proto { tcp udp } from any to ($ext_if) port bittorrent
-> <osaka>
#########################################################################
#Packet filtering
##############################################
#Default block
# Default deny with logging. This rule has no "quick", so any later rule that
# matches a packet overrides it.
block log all
##############################################
#Outbound rules for ext_if
# All outbound udp, tcp and icmp on the external interface is allowed with
# state; egress is not restricted by port or destination.
pass out quick on $ext_if inet proto udp all keep state queue q_udp
# NOTE(review): q_default_out is not among the queues declared in the ALTQ
# section of this file (the declared default queue is q_default).
pass out quick on $ext_if inet proto tcp all keep state queue
(q_default_out, q_tcp_ack)
pass out quick on $ext_if inet proto icmp all keep state
#Inbound rules for ext_if
# Services on the firewall's own external address that are reachable from any
# source: apache_squid, ssh and ident. Only the initial SYN is matched
# (flags S/SA); the rest of each connection is handled by state.
pass in quick on $ext_if inet proto tcp from any to ($ext_if) port
apache_squid flags S/SA keep state queue q_apache
pass in quick on $ext_if inet proto tcp from any to ($ext_if) port ssh
flags S/SA keep state queue q_ssh
pass in quick on $ext_if inet proto tcp from any to ($ext_if) port
ident flags S/SA keep state queue q_default
#for the redirect rules above
# Admits the redirected bittorrent traffic after rdr has rewritten the
# destination to the host in <osaka>.
pass in quick on $ext_if inet proto { tcp udp} from any to <osaka>
port bittorrent flags S/SA keep state queue q_default
##############################################
#Inbound rules for sakaki_nic2_if
# udp from the internal network to the firewall's internal address -> q2_local.
pass in quick on $sakaki_nic2_if proto udp from
$sakaki_nic2_if:network to ($sakaki_nic2_if) keep state queue q2_local
# tcp to the socks port on the firewall itself -> q2_out_socks.
pass in quick on $sakaki_nic2_if proto tcp from
$sakaki_nic2_if:network to ($sakaki_nic2_if) port socks flags S/SA
keep state queue q2_out_socks
# tcp to the squid port on the firewall itself -> q2_out_default.
pass in quick on $sakaki_nic2_if proto tcp from
$sakaki_nic2_if:network to ($sakaki_nic2_if) port squid flags S/SA
keep state queue q2_out_default
# Direct (NATed) tcp from the internal network to any host, limited to the
# ports listed in $sakaki_nic2_if_in_tcp_to_others -> q2_out_default.
pass in quick on $sakaki_nic2_if proto tcp from
$sakaki_nic2_if:network to any port $sakaki_nic2_if_in_tcp_to_others
flags S/SA keep state queue q2_out_default
# Catch-all: any other tcp port on the firewall's internal address is reachable
# from the internal network -> q2_local.
pass in quick on $sakaki_nic2_if proto tcp from
$sakaki_nic2_if:network to ($sakaki_nic2_if) flags S/SA keep state
queue q2_local
#Outbound rules for sakaki_nic2_if
# Everything leaving the internal interface is allowed and placed in q2_local.
pass out quick on $sakaki_nic2_if all keep state queue q2_local
##############################################
#Allow loopback connections
pass quick on $loopback_if all
##############################################
#Antispoof all interfaces
# NOTE(review): every pass rule above uses "quick", which ends rule evaluation at
# the first match, so a packet accepted by one of them never reaches this rule.
# antispoof is normally placed directly after the default block so that it is
# evaluated before any pass rule.
antispoof log quick for { $ext_if, $sakaki_nic2_if }
===========================