[Bug 211730] pf uses 32bit value for bandwith with altq

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211730

--- Comment #9 from Kristof Provost  ---
That's a good question. I'd have to find a decent example somewhere myself.

The ioctl codes actually encode the size of the struct, so perhaps there's an
alternate approach.

A good first step would be to find all of the places that need to be fixed. A
patch which doesn't take the backwards compatibility into account would also be
a good thing. 

I still haven't even figured out which ioctl actually sets the altq
configuration. (The DIOCGIFSPEED call just reads the interface link speed.)

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

[Bug 211730] pf uses 32bit value for bandwith with altq

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211730

--- Comment #8 from Mahdi Mokhtari  ---
(In reply to Mahdi Mokhtari from comment #7)
Also, What about structs?
Should we use Macros around/inside them of old/new versions?
Or we should redefine new structs too ?

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

[Bug 211730] pf uses 32bit value for bandwith with altq

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211730

--- Comment #7 from Mahdi Mokhtari  ---
(In reply to Kristof Provost from comment #6)
Aha :)
I see.
So you suggest we solve it by adding new IOCTL command.
Okay, lemme do a try.
When i did it, I'll upload a patch for review (if you have time).

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

[Bug 211730] pf uses 32bit value for bandwith with altq

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211730

--- Comment #6 from Kristof Provost  ---
(In reply to Mahdi Mokhtari from comment #4)
The problem with the ABI is that we can't rely on user space and kernel space
running the same code versions. If someone were to update the kernel, but not
the user space code (I don't think we support the reverse) they'd disagree
about the size of the bandwidth fields and things would break.

It'll likely be best to have two versions of the ioctl() command, one which
implements the old 32-bit behaviour (on the same ID as before!), and a new one
which implements the new 64-bit values.

That'd have to be supported for a bit, but hopefully it can be removed
eventually.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

[Bug 211730] pf uses 32bit value for bandwith with altq

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211730

--- Comment #5 from r...@starnet.cz ---
(In reply to Mahdi Mokhtari from comment #4)
Hello,

I have hardware but its production box - so when you say that you have working
patch, I can test it.

Radek

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

[Bug 211730] pf uses 32bit value for bandwith with altq

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211730

--- Comment #4 from Mahdi Mokhtari  ---
(In reply to Kristof Provost from comment #3)
Ah, yes i see most of pf_altq.h is int32.
And i guess we should change it too.

About your point on kernel ABI and ioctl(), i didn't get your point.
Do you mean we should make other version of DIOCGIFSPEED?

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

RE: How to set tos to 0

2016-08-10 Thread Radek Krejča 
> On 31 Jul 2016, at 19:46, Radek Krejča wrote:
> > I need to set TOS to 0 and remark it with rules.
> >
> > I am trying to use scrub to set tos to 0, but I have problem:
> >
> > scrub all fragment reassemble no-df set-tos 0
> >
> > give Illegal value
> >
> > but scrub all fragment reassemble no-df set-tos 1
> > is working.
> >
> > I am trying 0x00, 0x0 and still the same.
> >
> > How can I set TOS to 0?
> >
> I think you may have found a bug.
> 
> Can you give this patch a try?
> 
> diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
> index e0cfa3d..980976e 100644
> --- a/sbin/pfctl/parse.y
> +++ b/sbin/pfctl/parse.y
> @@ -3593,8 +3593,8 @@ tos   : STRING{
>  else if ($1[0] == '0' && $1[1] == 'x')
>  $$ = strtoul($1, NULL, 16);
>  else
> -   $$ = 0; /* flag bad argument */
> -   if (!$$ || $$ > 255) {
> +   $$ = 256;   /* flag bad
> argument */
> +   if ($$ < 0 || $$ > 255) {
>  yyerror("illegal tos value %s", $1);
>  free($1);
>  YYERROR;
> @@ -3603,7 +3603,7 @@ tos   : STRING{
>  }
>  | NUMBER{
>  $$ = $1;
> -   if (!$$ || $$ > 255) {
> +   if ($$ < 0 || $$ > 255) {
>  yyerror("illegal tos value %s", $1);
>  YYERROR;
>  }
> 

Hello Kristof,

this patch seems to be working.

I will post bugreport.

Thank you
Radek
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

[Bug 211730] pf uses 32bit value for bandwith with altq

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211730

Kristof Provost  changed:

   What|Removed |Added

 CC||k...@freebsd.org
   Assignee|freebsd-b...@freebsd.org|freebsd-pf@FreeBSD.org

--- Comment #1 from Kristof Provost  ---
The root cause here is that pf uses 32-bit values for bandwidth values.

Relative values don't help. DIOCGIFSPEED also uses 32-bit values (which in the
kernel are simply assigned from a 64-bit value!).

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

RE: Max altq bandwidth 4.26 Gbit

2016-08-10 Thread Radek Krejča 
> Please do file a bug, because you’ve discovered a real problem and
> I’d hate for it to get forgotten about.

Hello Kristof, 

bug sended. 

Thank you very much
Radek
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

RE: Max altq bandwidth 4.26 Gbit

2016-08-10 Thread Radek Krejča 
> I’d expect that ‘altq on $int_if cbq bandwidth 85% queue {
> default_nat.’ would do what you want.
> Looking at the code, I’m not at all sure that it’ll end up working
> either, but it’s worth a try.
> 
> Fundamentally, we’ll have to change pf (and worse, the interface to
> user space) to use 64-bit integers to carry bandwidth information, not
> 32-bit ones.
> Can you file a bug so this doesn’t get forgotten?
> 
> > I have 10Gb line and I need to shape my client with exact bandwidth.
> > How can I manage with your advice?
> >
> You can only specify integer percentages (so 85%, not 85.5%), so I’m
> afraid you’ll lose some accuracy.


Hello again,

I have changed bandwidth to 100%, 90% or 95%. Syntax OK, but value stops at 
1.27Gbit (it looks, that 1Gbit is default)

When I give ifconfig, I see:

media: Ethernet autoselect (10Gbase-SR )

It looks that "autodetection" of pf is broken to.

Thank you very much
Radek
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

Re: Max altq bandwidth 4.26 Gbit

2016-08-10 Thread Kristof Provost 

On 10 Aug 2016, at 14:38, Radek Krejča wrote:
I have changed bandwidth to 100%, 90% or 95%. Syntax OK, but value 
stops at 1.27Gbit (it looks, that 1Gbit is default)


When I give ifconfig, I see:

media: Ethernet autoselect (10Gbase-SR )

It looks that "autodetection" of pf is broken to.



I was afraid of that. I think the issue there is that when pf asks for 
the speed of the interface it puts a 64-bit value in a 32-bit field, so 
the resulting value is incorrect.


Please do file a bug, because you’ve discovered a real problem and 
I’d hate for it to get forgotten about.


Regards,
Kristof
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

Re: wan1 as default, wan2 dedicated to a service

2016-08-10 Thread Zeus Panchenko 
Max  wrote:

> Probably you should use
> pass out log on $if_dvr reply-to ($if_wan2 $gw_wan2) to 

thank you, Max, this helped

-- 
Zeus V. Panchenko   jid:z...@im.ibs.dn.ua
IT Dpt., I.B.S. LLC   GMT+2 (EET)
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

Re: Max altq bandwidth 4.26 Gbit

2016-08-10 Thread Kristof Provost 

On 10 Aug 2016, at 11:19, Radek Krejča wrote:

That looks like you might be hitting the maximum of an unsigned
integer.
Try using relative specifications (i.e. as a percentage) instead.

Yes, I think so. But I dont know, that I can say relative 
specification for inteface bandwidth. Could you show me how?



I don’t run ALTQ myself, so all I can say is what the man page says:
 bandwidth ⟨bw⟩
   The maximum bitrate for all queues on an interface may be 
specified
   using the bandwidth keyword.  The value can be specified as 
an
   absolute value or as a percentage of the interface 
bandwidth.  When
   using an absolute value, the suffixes b, Kb, Mb, and Gb are 
used to

   represent bits, kilobits, megabits, and gigabits per second,
   respectively.  The value must not exceed the interface 
bandwidth.  If
   bandwidth is not specified, the interface bandwidth is used 
(but take
   note that some interfaces do not know their bandwidth, or 
can adapt

   their bandwidth rates).

I’d expect that ‘altq on $int_if cbq bandwidth 85% queue { 
default_nat.’ would do what you want.
Looking at the code, I’m not at all sure that it’ll end up working 
either, but it’s worth a try.


Fundamentally, we’ll have to change pf (and worse, the interface to 
user space) to use 64-bit integers to carry bandwidth information, not 
32-bit ones.

Can you file a bug so this doesn’t get forgotten?

I have 10Gb line and I need to shape my client with exact bandwidth. 
How can I manage with your advice?


You can only specify integer percentages (so 85%, not 85.5%), so I’m 
afraid you’ll lose some accuracy.


Regards,
Kristof
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

RE: Max altq bandwidth 4.26 Gbit

2016-08-10 Thread Radek Krejča 
> That looks like you might be hitting the maximum of an unsigned
> integer.
> Try using relative specifications (i.e. as a percentage) instead.
> 

Hello Kristof, 

Yes, I think so. But I dont know, that I can say relative specification for 
inteface bandwidth. Could you show me how?

I have 10Gb line and I need to shape my client with exact bandwidth. How can I 
manage with your advice?

PS: I have 64bit version of FBSD.

Thank you very much
Radek
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

[Bug 201519] pf NAT translates ICMP type 3 packects incorrectly

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201519

Kristof Provost  changed:

   What|Removed |Added

Version|9.3-RELEASE |10.3-STABLE
 Status|Closed  |In Progress
   Assignee|freebsd-pf@FreeBSD.org  |k...@freebsd.org
 Resolution|FIXED   |---

--- Comment #16 from Kristof Provost  ---
Yes, it's on the top of my list.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

Re: Max altq bandwidth 4.26 Gbit

2016-08-10 Thread Kristof Provost 

On 10 Aug 2016, at 9:28, Radek Krejča wrote:
I need to shape 10G traffic, but I cant make bandwidth higher than 
4.26 Gbit:


pfctl shows:

altq on int0 cbq bandwidth 4.26Gb tbrsize 36000 queue { 
default_nat..


but in pf.conf is:

altq on $int_if cbq bandwidth 8550Mb queue { default_nat..

or

altq on $int_if cbq bandwidth 10Gb queue { default_nat


That looks like you might be hitting the maximum of an unsigned integer.
Try using relative specifications (i.e. as a percentage) instead.

Regards,
Kristof
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

[Bug 201519] pf NAT translates ICMP type 3 packects incorrectly

2016-08-10 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201519

Franco Fichtner  changed:

   What|Removed |Added

 CC||fra...@opnsense.org

--- Comment #15 from Franco Fichtner  ---
I can confirm that the patches break traceroute output on 10.3.  Can this be
reopened?

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"

Max altq bandwidth 4.26 Gbit

2016-08-10 Thread Radek Krejča 
Hello again,

I need to shape 10G traffic, but I cant make bandwidth higher than 4.26 Gbit:

pfctl shows:

altq on int0 cbq bandwidth 4.26Gb tbrsize 36000 queue { 
default_nat..

but in pf.conf is:

altq on $int_if cbq bandwidth 8550Mb queue { default_nat..

or

altq on $int_if cbq bandwidth 10Gb queue { default_nat

Thank you for help

Radek



___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"