pf(4) queuing and interfaces

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

pf(4) queuing and interfaces

David Higgs
My wireless AP puts traffic from each WiFi network (trusted, guests,
etc.) into a separate VLAN, which are then picked up by my OpenBSD
router and filtered appropriately via pf rules.

In other words:
  em1 is for untagged traffic to the AP itself
  vlan100 has parent em1 and is for my "trusted" WLAN
  vlan200 also has parent em1 and is for my "guest" WLAN

pf.conf includes the following line:
  queue wlan_q on em1 bandwidth 50M max 50M flows 1024 qlimit 1024 default

When I specify only the queuing rule as shown above, is traffic sent
on vlanXXX also receive this queuing policy?

If not, should I divide the physical bandwidth between logical
interfaces?  Does FQ-CoDel work correctly if they are each assigned
the full physical bandwidth?  Or should I be dividing one or both of
the configurable interface rates?

And lastly, if I define a queue as below - does this expand into two
different queues with the same name or one queue with bandwidth shared
between two interfaces?  Running "pfctl -vsq" indicates the former,
but I'd like to be sure.

  queue some_q on { em2, em3 } bandwidth 95M max 95M flows 1024 qlimit
1024 default

Thanks.

--david

Reply | Threaded
Open this post in threaded view
|

Fwd: pf(4) queuing and interfaces

David Higgs
Resending now that the hackathon has died down.

—david

---------- Forwarded message ---------
From: David Higgs <[hidden email]>
Date: Sun, Jul 15, 2018 at 2:12 PM
Subject: pf(4) queuing and interfaces
To: [hidden email] <[hidden email]>


My wireless AP puts traffic from each WiFi network (trusted, guests,
etc.) into a separate VLAN, which are then picked up by my OpenBSD
router and filtered appropriately via pf rules.

In other words:
  em1 is for untagged traffic to the AP itself
  vlan100 has parent em1 and is for my "trusted" WLAN
  vlan200 also has parent em1 and is for my "guest" WLAN

pf.conf includes the following line:
  queue wlan_q on em1 bandwidth 50M max 50M flows 1024 qlimit 1024 default

When I specify only the queuing rule as shown above, is traffic sent
on vlanXXX also receive this queuing policy?

If not, should I divide the physical bandwidth between logical
interfaces?  Does FQ-CoDel work correctly if they are each assigned
the full physical bandwidth?  Or should I be dividing one or both of
the configurable interface rates?

And lastly, if I define a queue as below - does this expand into two
different queues with the same name or one queue with bandwidth shared
between two interfaces?  Running "pfctl -vsq" indicates the former,
but I'd like to be sure.

  queue some_q on { em2, em3 } bandwidth 95M max 95M flows 1024 qlimit
1024 default

Thanks.

--david