On Tue, Feb 26, 2013 at 08:54:22PM +0200, Jukka Marin wrote: > Do I also have to add queue rules for the incoming traffic on the external > interface? I have seen this in some examples, but I don't understand why > that would be necessary (unless it's simply required by pf/altq).
It seems that I have to add the same queue specification for both directions, although only one direction is to be bandwidth limited. > Also, should the altq queues become effective immediately after reloading > pf.conf or do they only affect TCP connections created after the reload? Seems they work immediately, now that the packets are put into queues. One more problem. I have the following queues: altq on $ext_if cbq bandwidth 1000Kb queue { ext_ps3, ext_vpn, ext_std, ext_dmz } queue ext_ps3 priority 5 bandwidth 25% cbq(borrow) queue ext_vpn priority 4 bandwidth 10% cbq(borrow) queue ext_std bandwidth 25% cbq(default borrow) queue ext_dmz priority 1 bandwidth 39% { ext_dmz_http, ext_dmz_misc } queue ext_dmz_http bandwidth 50% priority 3 cbq(red borrow) queue ext_dmz_misc bandwidth 50% priority 1 cbq(borrow) Why isn't ext_dmz_http borrowing the full 39% (390 kbps) bw from ext_dmz? Instead, ext_dmz_http only uses around 212 kbps and ext_dmz_misc is idle. Thanks! -jm