On 2010-09-09, Hermes Ojeda Ruiz <[email protected]> wrote: > Ok. That's good. Using hfsc what's the advantage? > https://calomel.org/pf_hfsc.html
You can allow an initial burst (good for standard web traffic etc) and then slow things down. With this tool you can discourage file transfers and streaming traffic which isn't sustainable over a very busy line, while allowing standard http, ssh, imap, etc. to work more normally (small transfers, or low-bandwidth transfers, get through ok; large/ high-bandwidth transfers are throttled). And the end result is much nicer than allowing everyone to have a "fair" share i.e. 10-12Kbit/sec. (Also I doubt that cbq can accurately control traffic down to this sort of speed..) On the down side, the documentation for hfsc is pretty bad, I was just setting it up recently myself and had to to assemble information from about 4 different sources in order to learn enough to start experimenting.. > Can be assigned the altq rules with hsfc by ip? or only by kind of packets? You can assign packets to queues by any criteria PF can match on.. match proto tcp to port ssh queue (fast, highest) match proto tcp queue (standard, fast) match proto udp to port domain queue (highest) match proto udp from 10.0.0.1 queue (aa)
