Bruno Afonso wrote: > Holger Kipp wrote: > > Isn't someone working on integrating ALTQ and pf - similar to what > > has been done for OpenBSD? > > here you go: > > http://pf4freebsd.love2party.net/index.html > > I'd love freebsd to have altq and pf or ipf integration on base system.. If it can be one as a kernel module, that's the way to do it, instead of "integrating" it. Alt-Q is experimental code, and, as such, there is academic disagreement on whether it'd be a good idea to integrate it in such a way as it could not be removed. Integrating pf that way would just break the ability to use competing code, for political reasons that not all of us would agree with. So if the code's integratedat all, it should be done as modules. FWIW: Alt-Q does nothing about impedence mismatches; for example, if I have a fast local pipe on a machine acting as a gateway to a slow connection to a much fater network (think NAT box on a DMZ border hooked to a DSL or cable modem), then no matter what I do with Alt-Q, I'm screwed at the network service providers end by the buffer limitations and queueing policy between their OC3 (or whatever) and their DSLM/cable fan out unit. This is because bandwidth usage is asymmetric: if I have two sets of traffic, the NSP's router will fill its buffers alloted to me with one type of traffic/one connections traffic. After that, I can Alt-Q until I'm blue in the face on my end, but without me draining out the NSP's router's packet buffer, no new packets of the right type will gets through. The only way it works is if the NSP is also running Alt-Q, and you have prereserved high water marks for traffic bands, so that even if 90% of your allotted buffers get filled up, there's still 10% reservation for ssh for you to get into and talk to your machine. I much prefer Julian Elischer's approach to solving this problem, which doesn't require cooperation from the NSP. So this recent hard push for Alt-Q in the base system as anything other than a module is a really, really bad idea, in the opinions of some of us. -- TerryReceived on Fri Jun 13 2003 - 01:17:35 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:11 UTC