On Jan 11, 2011, at 1:35 AM, Bonnie Packet wrote: > Note that I know PF reasonably well and have altq queuing / rate > limiting working perfectly already in ONE direction (right now, the > high-bandwidth download side) - I just can't figure out how to get it > working in both directions, up and down, simultaneously. I've beat my > head against TFM and nothing seems applicable - though this can't be > an uncommon need...?
Are you creating your in/out queues on a single interface? If so, that might be your problem. We have our box set up with both a "lan" interface and a "wan" interface. The "outbound" queues are children of the "wan" interface, but the "inbound" queues are children of the "lan" interface. The folklore you hear about "only being able to shape outbound traffic" is sort of true; you can only shape the packets as they leave the PF box. However, as packets traverse your box, they come IN, get processed, and then go OUT to be delivered, so you always have the opportunity to shape them. You just need to make sure you're doing it at the right end. Essentially, for "inbound" traffic (from the internet to your lan), PF queues (and possibly drops) packets *just before* they would be delivered to your boxes on the inside. It's a little tragic (as others have mentioned) since those packets have already consumed your DSL bandwidth only to be dropped, but it's necessary to force the congestion-control to slow the flow for future packets. With a 2-interface 2-queue setup, we've been able to manage asymmetrical bandwidth amounts. We now have a symmetric connection, but I know we had one working back when we were on a 16up/2down cable connection... Jason -- Jason Healy | jhe...@logn.net | http://www.logn.net/