cbq: adds red by default?

B. Cook bcook at poughkeepsieschools.org
Sun Jun 3 22:23:45 UTC 2007 

I am trying to create rules to filter traffic up and down for the place
where I work.

My syntax seems to be correct, as they pass pfctl -vvvvvnf , but after
looking at the rules I wrote, and what pf will interpret them as; I am a
little confused.

on my children queue's most of them are set to borrow and to do ecn.  As
most of my machines are newer FreeBSD 6.2 machines, and a random
sprinkling of Linux machines.  I can not find specific documentation that
says that FreeBSD 6.2 supports ecn, I am hoping that it does.

what I see when I look at the commands parsed by pfctl is that where I wrote:

cbq(ecn borrow)

that it has replaced it with:

cbq( red ecn borrow )

and I can not find things in the pf.conf man page telling me why it does
that :)

Below are my rules after being seen by pfctl:

 [~]# 44 > pfctl -vvvvvonf bsd-pf.conf | cat -n
     1  altq on fxp0 cbq bandwidth 4Mb tbrsize 6000 queue { qUbsd
qUschools qUothers }
     2  queue qUbsd bandwidth 25% priority 6 cbq( red ecn borrow ) { qUack
qUdns qUssh qUmail qUwww }
     3  queue qUack bandwidth 1% priority 6 cbq( red ecn borrow )
     4  queue qUdns bandwidth 1% priority 5 cbq( red ecn borrow )
     5  queue qUssh bandwidth 2% priority 4 cbq( red ecn borrow ) {
qUssh_int qUssh_bulk }
     6  queue qUssh_int bandwidth 50% priority 7 cbq( borrow )
     7  queue qUssh_bulk bandwidth 50% priority 0 cbq( borrow )
     8  queue qUwww bandwidth 1% priority 3 cbq( red ecn borrow )
     9  queue qUmail bandwidth 1% priority 2 cbq( red ecn borrow )
    10  queue qUschools bandwidth 74% priority 5 cbq( red ecn ) {
qUschool1 qUschool2 qUschool3 }
    11  queue qUothers bandwidth 1% priority 4 cbq( default )
    12  queue qUschool1 bandwidth 25% priority 5 cbq( red ecn ) { qUevan
qUfiero qUbram qUdon }
    13  queue qUschool2 bandwidth 25% priority 5 cbq( red ecn ) { qUrhw
qUsears qUeagle qUpnr qUlds qUshea }
    14  queue qUschool3 bandwidth 25% priority 5 cbq( red ecn ) { qUvhwifi
qUvhweb qUvhmail }
    15  queue qUevan bandwidth 25% priority 6 cbq( red ecn borrow )
    16  queue qUfiero bandwidth 25% priority 6 cbq( red ecn borrow )
    17  queue qUbram bandwidth 25% priority 5 cbq( red ecn borrow )
    18  queue qUdon bandwidth 25% priority 3 cbq( red ecn borrow )
    19  queue qUrhw bandwidth 5% priority 6 cbq( red ecn borrow )
    20  queue qUsears bandwidth 5% priority 5 cbq( red ecn borrow )
    21  queue qUeagle bandwidth 5% priority 4 cbq( red ecn borrow )
    22  queue qUpnr bandwidth 5% priority 3 cbq( red ecn borrow )
    23  queue qUlds bandwidth 5% priority 3 cbq( red ecn borrow )
    24  queue qUshea bandwidth 5% priority 3 cbq( red ecn borrow )
    25  queue qUvhwifi bandwidth 5% priority 6 cbq( red ecn borrow )
    26  queue qUvhweb bandwidth 5% priority 5 cbq( red ecn borrow )
    27  queue qUvhmail bandwidth 5% priority 4 cbq( red ecn borrow )
    28  altq on plip0 cbq bandwidth 4Mb tbrsize 6000 queue { qDbsd
qDschools qDothers }
    29  queue qDbsd bandwidth 25% priority 6 cbq( red ecn borrow ) { qDack
qDdns qDssh qDmail qDwww }
    30  queue qDack bandwidth 1% priority 6 cbq( red ecn borrow )
    31  queue qDdns bandwidth 1% priority 5 cbq( red ecn borrow )
    32  queue qDssh bandwidth 2% priority 4 cbq( red ecn borrow ) {
qDssh_int qDssh_bulk }
    33  queue qDssh_int bandwidth 50% priority 7 cbq( borrow )
    34  queue qDssh_bulk bandwidth 50% priority 0 cbq( borrow )
    35  queue qDwww bandwidth 1% priority 3 cbq( red ecn borrow )
    36  queue qDmail bandwidth 1% priority 2 cbq( red ecn borrow )
    37  queue qDschools bandwidth 74% priority 5 cbq( red ecn ) {
qDschool1 qDschool2 qDschool3 }
    38  queue qDothers bandwidth 1% priority 4 cbq( default )
    39  queue qDschool1 bandwidth 25% priority 5 cbq( red ecn ) { qDevan
qDfiero qDbram qDdon }
    40  queue qDschool2 bandwidth 25% priority 5 cbq( red ecn ) { qDrhw
qDsears qDeagle qDpnr qDlds qDshea }
    41  queue qDschool3 bandwidth 25% priority 5 cbq( red ecn ) { qDvhwifi
qDvhweb qDvhmail }
    42  queue qDevan bandwidth 25% priority 6 cbq( red ecn borrow )
    43  queue qDfiero bandwidth 25% priority 6 cbq( red ecn borrow )
    44  queue qDbram bandwidth 25% priority 5 cbq( red ecn borrow )
    45  queue qDdon bandwidth 25% priority 3 cbq( red ecn borrow )
    46  queue qDrhw bandwidth 5% priority 6 cbq( red ecn borrow )
    47  queue qDsears bandwidth 5% priority 5 cbq( red ecn borrow )
    48  queue qDeagle bandwidth 5% priority 4 cbq( red ecn borrow )
    49  queue qDpnr bandwidth 5% priority 3 cbq( red ecn borrow )
    50  queue qDlds bandwidth 5% priority 3 cbq( red ecn borrow )
    51  queue qDshea bandwidth 5% priority 3 cbq( red ecn borrow )
    52  queue qDvhwifi bandwidth 5% priority 6 cbq( red ecn borrow )
    53  queue qDvhweb bandwidth 5% priority 5 cbq( red ecn borrow )
    54  queue qDvhmail bandwidth 5% priority 4 cbq( red ecn borrow )

If you are wondering about the plip0 interface..

These are not in place, they are not running. I am trying to create the
rules here and then put them in place on the other box, so here the rules
use plip0; as that is the only other interface I have on this box :)

More information about the freebsd-pf mailing list