As usual, Henning is right, but I'd add that (assuming that the ALTQ+ PF code is negligible) some protocols may be better, even with plenty of available bandwidth.
For example, you could say that TCP SYN,SYN+ACK and ACK packets (connection setup) should have priority - as this would mean that web servers could spawn handling processes earlier, in parallel with the incoming HEAD/GET request. Of course this will add a small delay to normal data, but overall, total wall-clock time to is decreased. For similar reasons, DNS requests/replies would also have priority over everything. The bottom line is that even for unsaturated links, ALTQ can reduce wall-clock time by ordering packets to cause "blocking" packets to be sent earlier. Hmmm, time for some quantitive tests me thinks.... Dom - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Dom De Vitto Tel. 07855 805 271 http://www.devitto.com mailto:[EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Henning Brauer Sent: Saturday, May 31, 2003 8:33 PM To: [EMAIL PROTECTED] Subject: Re: pf/altq on a fast link On Sat, May 31, 2003 at 02:01:34AM -0700, Tony Faoro wrote: > > Good day, > > I operate a web-hosting/colocation/game server hosting company with a > generous amount of available banwidth. I have a OpenBSD bridge > firewalling my network but after reading about the 'Prioritizing empty > TCP ACKs with pf and ALTQ' I began to realize that there may be more I > can do to speed things up on my link. > > If anyone out there would be so kind as to share a pf.conf they are > using in a similar circumstance that would be great. I'm somewhat new > to the packet prioritizing world and would love some real world > examples you all have had success with. all traffic priorization has only real effects on saturated links. on non-saturated ones they can be used for bandwidth shaping, and, IMHO the most important thing, make sure that in case of saturation the important stuff does not get delayed too much. the tco ack priorization is mostky a ADSL thing. In theory it has effects elesewhere too, in practice it's mostly ADSL winning. -- Henning Brauer, BS Web Services, http://bsws.de [EMAIL PROTECTED] - [EMAIL PROTECTED] Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
