[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: State/queue question



Henning Brauer wrote:
> * Kelley Reynolds <[email protected]> [2005-03-21 19:40]:
> 
>>This has come up a few times on the list, and I was wondering how difficult it would be to alter the pf syntax so that a stateful rule on a firewall could apply queues on two interfaces so that bidirectional queueing can be done while tracking state?
>>
>>I believe (and please correct me if I'm wrong) that to get bi-directional queueing, one must have a seperate rule per interface and not keep state since that would be a single rule (this limiting the state-associated packets to a single queue, one interface or the other)
> 
> 
> huh? you should create state and just create queues by the same names n 
> different interfaces, it'll Just Work
Was this introduced recently?
When I try something something like
	altq on $mci_if cbq bandwidth 28Mb qlimit $qs queue { serv bulk}
	  queue serv bandwidth 20% priority 6 cbq(borrow)
	  queue bulk bandwidth 80% priority 5 cbq(borrow)
	altq on $mbh_if cbq bandwidth 28Mb qlimit $qs queue { serv bulk}
	  queue serv bandwidth 20% priority 6 cbq(borrow)
	  queue bulk bandwidth 80% priority 5 cbq(borrow)
on PF with FreeBSD 5.3, it errors out with
	queue serv already exists on interface fxp0
	pf.conf:77: errors in queue definition
when I try to create the queue on the second interface.
Or have I just misunderstood how I should create the queues?
Cheers, Martin.