svn commit: r43924 - head/en_US.ISO8859-1/books/handbook/firewalls

Fri Feb 14 17:19:01 UTC 2014

Author: dru
Date: Fri Feb 14 17:19:01 2014
New Revision: 43924
URL: http://svnweb.freebsd.org/changeset/doc/43924

Log:
  Cleanup the ALTQ section.
  At some point, a FreeBSD specific example should be added.
  
  Sponsored by: iXsystems

Modified:
  head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml

Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
==============================================================================

--- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml	Fri Feb 14 09:18:38 2014	(r43923)
+++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml	Fri Feb 14 17:19:01 2014	(r43924)
@@ -191,7 +191,7 @@
 
   <sect1 xml:id="firewalls-pf">
     <info>
-      <title>PF and <acronym>ALTQ</acronym></title>
+      <title>PF</title>
 
       <authorgroup>
 	<author>
@@ -347,6 +347,97 @@ device pfsync</programlisting>
     </sect2>
 
     <sect2>
+      <title>Enabling <application>ALTQ</application></title>
+
+      <para>On &os;, <application>ALTQ</application> can be used with
+	<application>PF</application> to provide Quality of Service
+	(<acronym>QOS</acronym>).  Once <application>ALTQ</application> is
+	enabled, queues can be defined in the ruleset which
+	determine the processing priority of outbound packets.
+	</para>  
+
+      <para>Before enabling <application>ALTQ</application>, refer to
+	&man.altq.4;
+	to determine if the drivers for the network cards installed on the system support
+	it.</para>
+
+      <para><application>ALTQ</application> is not available as a
+	loadable kernel module.  If the system's interfaces support <application>ALTQ</application>,
+	create a custom kernel using the instructions in <xref linkend="kernelconfig"/>.
+	The following kernel options are available.  The first is
+	needed to enable
+	<application>ALTQ</application>.  At least one of the other options
+	is necessary to specify the queueing scheduler algorithm:</para>
+
+      <programlisting>options         ALTQ
+options         ALTQ_CBQ        # Class Based Queuing (CBQ)
+options         ALTQ_RED        # Random Early Detection (RED)
+options         ALTQ_RIO        # RED In/Out
+options         ALTQ_HFSC       # Hierarchical Packet Scheduler (HFSC)
+options         ALTQ_PRIQ       # Priority Queuing (PRIQ)</programlisting>
+
+      <para>The following scheduler algorithms are available:</para>
+
+      <variablelist>
+	<varlistentry>
+	  <term>CBQ</term>
+	  <listitem>
+      <para>Class Based Queuing
+	(<acronym>CBQ</acronym>)
+	is used to divide a connection's bandwidth into different
+	classes or queues to prioritize traffic based on filter
+	rules.</para>
+	  </listitem>
+	</varlistentry>
+
+	<varlistentry>
+	  <term>RED</term>
+	  <listitem>
+      <para>Random Early Detection
+	(<acronym>RED</acronym>) is
+	used to avoid network congestion by measuring the length of
+	the queue and comparing it to the minimum and maximum
+	thresholds for the queue.  When the queue is over the maximum,
+	all new packets are randomly dropped.</para>
+	  </listitem>
+	</varlistentry>
+
+	<varlistentry>
+	  <term>RIO</term>
+	  <listitem>
+      <para>In Random Early Detection In and Out (<acronym>RIO</acronym>) mode,
+	<acronym>RED</acronym> maintains multiple average queue
+	lengths and multiple threshold values, one for each
+	<acronym>QOS</acronym> level.</para>
+	  </listitem>
+	</varlistentry>
+
+	<varlistentry>
+	  <term>HFSC</term>
+	  <listitem>
+      <para>Hierarchical Fair Service Curve Packet
+	  Scheduler (<acronym>HFSC</acronym>) is described in
+	<uri
+	  xlink:href="http://www-2.cs.cmu.edu/~hzhang/HFSC/main.html">http://www-2.cs.cmu.edu/~hzhang/HFSC/main.html</uri>.</para>
+	  </listitem>
+	</varlistentry>
+
+	<varlistentry>
+	  <term>PRIQ</term>
+	  <listitem>
+      <para>Priority Queuing
+	(<acronym>PRIQ</acronym>)
+	always passes traffic that is in a higher queue first.</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+  
+      <para>More information about the scheduling
+	algorithms and example rulesets are available at <uri
+	  xlink:href="http://www.openbsd.org/faq/pf/queueing.html">http://www.openbsd.org/faq/pf/queueing.html</uri>.</para>
+    </sect2>
+
+    <sect2>
       <title>Creating Filtering Rules</title>
 
       <para>By default, <application>PF</application> reads its
@@ -429,66 +520,6 @@ device pfsync</programlisting>
       </informaltable>
     </sect2>
 
-    <sect2>
-      <title>Enabling <acronym>ALTQ</acronym></title>
-
-      <para><acronym>ALTQ</acronym> is only available by compiling its
-	support into the &os; kernel.  <acronym>ALTQ</acronym> is not
-	supported by all network card drivers.  Refer to &man.altq.4;
-	for a list of drivers that are supported by the release of
-	&os;.</para>
-
-      <para>The following kernel options will enable
-	<acronym>ALTQ</acronym> and add additional
-	functionality:</para>
-
-      <programlisting>options         ALTQ
-options         ALTQ_CBQ        # Class Based Queuing (CBQ)
-options         ALTQ_RED        # Random Early Detection (RED)
-options         ALTQ_RIO        # RED In/Out
-options         ALTQ_HFSC       # Hierarchical Packet Scheduler (HFSC)
-options         ALTQ_PRIQ       # Priority Queuing (PRIQ)
-options         ALTQ_NOPCC      # Required for SMP build</programlisting>
-
-      <para><literal>options ALTQ</literal> enables the
-	<acronym>ALTQ</acronym> framework.</para>
-
-      <para><literal>options ALTQ_CBQ</literal> enables
-	<emphasis>Class Based Queuing</emphasis>
-	(<acronym>CBQ</acronym>).  <acronym>CBQ</acronym>
-	can be used to divide a connection's bandwidth into different
-	classes or queues to prioritize traffic based on filter
-	rules.</para>
-
-      <para><literal>options ALTQ_RED</literal> enables
-	<emphasis>Random Early Detection</emphasis>
-	(<acronym>RED</acronym>).  <acronym>RED</acronym> is
-	used to avoid network congestion by measuring the length of
-	the queue and comparing it to the minimum and maximum
-	thresholds for the queue.  If the queue is over the maximum,
-	all new packets will be dropped.  <acronym>RED</acronym> drops
-	packets from different connections randomly.</para>
-
-      <para><literal>options ALTQ_RIO</literal> enables
-	<emphasis>Random Early Detection In and Out</emphasis>.</para>
-
-      <para><literal>options ALTQ_HFSC</literal> enables the
-	<emphasis>Hierarchical Fair Service Curve Packet
-	  Scheduler</emphasis> <acronym>HFSC</acronym>.  For more
-	information, refer to <uri
-	  xlink:href="http://www-2.cs.cmu.edu/~hzhang/HFSC/main.html">http://www-2.cs.cmu.edu/~hzhang/HFSC/main.html</uri>.</para>
-
-      <para><literal>options ALTQ_PRIQ</literal> enables
-	<emphasis>Priority Queuing</emphasis>
-	(<acronym>PRIQ</acronym>).  <acronym>PRIQ</acronym> will
-	always pass traffic that is in a higher queue first.</para>
-
-      <para><literal>options ALTQ_NOPCC</literal> enables
-	<acronym>SMP</acronym> support for <acronym>ALTQ</acronym>.
-	This option is required on <acronym>SMP</acronym>
-	systems.</para>
-    </sect2>
-
     <sect2 xml:id="pf-tutorial">
       <info>
 	<title><application>PF</application> Rule Sets and
