Hi,
Hopefully this is just a quick question and I'm missing something here, but it
seems that we can no longer use percentages in our PF child queues.
For example;
This:-
altq on $if_trunk bandwidth 4294Mb hfsc queue { _local, _wan }
oldqueue _local on $if_trunk bandwidth 4100Mb priority 4 hfsc(linkshare
4100Mb, upperlimit 4100Mb) { local_kernel, local_pri, local_data }
oldqueue local_kernel on $if_trunk bandwidth 1% qlimit 100 priority 7
hfsc(realtime 1%, linkshare 1%)
oldqueue local_pri on $if_trunk bandwidth 10% qlimit 100 priority 4
hfsc(realtime 10%, linkshare 10%)
oldqueue local_data on $if_trunk bandwidth 89% qlimit 100 priority 0
hfsc(linkshare 89%)
oldqueue _wan on $if_trunk bandwidth 190Mb priority 15 hfsc(linkshare
190Mb, upperlimit 190Mb) { wan_rt, wan_int, wan_pri, wan_vpn, wan_web,
wan_dflt, wan_bulk }
oldqueue wan_rt on $if_trunk bandwidth 20% priority 7 qlimit 100
hfsc(realtime(20%, 5000, 10%), linkshare 20%)
oldqueue wan_int on $if_trunk bandwidth 10% priority 5 qlimit 200
hfsc(realtime 5%, linkshare 10%)
oldqueue wan_pri on $if_trunk bandwidth 10% priority 4 qlimit 300
hfsc(realtime(15%, 2000, 5%), linkshare 10%)
oldqueue wan_vpn on $if_trunk bandwidth 30% priority 3 qlimit 300
hfsc(realtime 15%, linkshare 30%)
oldqueue wan_web on $if_trunk bandwidth 10% priority 2 qlimit 500
hfsc(realtime(10%, 3000, 5%), linkshare 10%)
oldqueue wan_dflt on $if_trunk bandwidth 15% priority 1 qlimit 100
hfsc(realtime(10%, 5000, 5%), linkshare 15%, ecn, default)
oldqueue wan_bulk on $if_trunk bandwidth 5% priority 0 qlimit 100
hfsc(linkshare 5%, upperlimit 30%, ecn, red)
Now has to be written like this:-
queue trunk_root on $if_trunk bandwidth 4294M
queue qlocal on $if_trunk parent trunk_root bandwidth 4.1G
queue local_kern on $if_trunk parent qlocal bandwidth 6M min 6M
queue local_pri on $if_trunk parent qlocal bandwidth 80M min 80M
queue local_data on $if_trunk parent qlocal bandwidth 4G min 1G
default
queue qwan on $if_trunk parent trunk_root bandwidth 190M
queue wan_rt on $if_trunk parent qwan bandwidth 38M min 19M burst 38M
for 5000ms
queue wan_int on $if_trunk parent qwan bandwidth 19M min 9M
queue wan_pri on $if_trunk parent qwan bandwidth 19M min 10M burst 25M
for 2000ms
queue wan_vpn on $if_trunk parent qwan bandwidth 50M min 25M
queue wan_web on $if_trunk parent qwan bandwidth 19M min 10M burst 19M
for 3000ms
queue wan_dflt on $if_trunk parent qwan bandwidth 19M min 10M burst
19M for 5000ms
queue wan_bulk on $if_trunk parent qwan bandwidth 20M max 50M
It looks simpler to read and should be easier for people to get used to, but
not being able to use percentages really affects us.
We use "Puppet" to deploy *many* firewalls around the world, all with
different bandwidth available to them, but with nearly identical PF files. So
we deploy the PF files as a common template and each site just defines a few
simple site specific variables to define the downstream and upstream bandwidth
like this;
altq on $if_lan bandwidth 970Mb hfsc queue { lan_local, lan_wan }
queue lan_local bandwidth 880Mb priority 4 hfsc(upperlimit 881Mb) {
lan_local_kernel, lan_local_data }
queue lan_local_kernel bandwidth 1% priority 4 hfsc(realtime
1%)
queue lan_local_data bandwidth 99% priority 1 hfsc
queue lan_wan bandwidth $downstreambw priority 7 hfsc(linkshare
$downstreambw, upperlimit $downstreambw) { lan_wan_rt, lan_wan_int,
lan_wan_pri, lan_wan_vpn, lan_wan_web, lan_wan_dflt, lan_wan_bulk }
queue lan_wan_rt bandwidth 20% priority 7 qlimit 150
hfsc(realtime(40%, 2500, 20%), linkshare 20%)
queue lan_wan_int bandwidth 10% priority 5 qlimit 200
hfsc(realtime 5%, linkshare 10%)
queue lan_wan_pri bandwidth 20% priority 4 qlimit 300
hfsc(realtime 5%, linkshare 20%)
queue lan_wan_vpn bandwidth 10% priority 3 qlimit 300
hfsc(realtime 5%, linkshare 10%)
queue lan_wan_web bandwidth 20% priority 2 qlimit 500
hfsc(realtime(10%, 3000, 5%), linkshare 20%)
queue lan_wan_dflt bandwidth 10% priority 1 qlimit 100
hfsc(realtime(20%, 3000, 5%), linkshare 10%, default)
queue lan_wan_bulk bandwidth 5% priority 0 qlimit 200
hfsc(upperlimit 20%, linkshare 5%)
How can we use percentages again?
Hoping I'm just being a bit stupid..
Cheers, A
