I have a T1 and I am breaking it down into 4 parts Ack, voip, mail, and bulk(everything else). The main problem we face is people downloading steaming videos or are even downloading large files. I know that portion of altq doesn't work as well because you can't stop the other person from sending data. It should help by allowing the router to at least see that mail or VOIP is coming though and allow it priority right?
External interface
Code:
altq on $extif bandwidth 1.5Mb hfsc queue {e_ack, e_voip, e_network}
queue e_ack bandwidth 1% priority 7 qlimit 50 hfsc (realtime (450Kb, 10000, 225Kb))
queue e_voip bandwidth 1% priority 6 qlimit 50 hfsc (realtime (300Kb, 20000, 190Kb))
queue e_network bandwidth 1% priority 5 qlimit 50 hfsc (realtime 450Kb linkshare (1200Kb, 20000, 500Kb)) {e_mail, e_bulk}
queue e_mail bandwidth 40% priority 7 qlimit 50 hfsc (linkshare (40%, 15000, 25%))
queue e_bulk bandwidth 40% priority 6 qlimit 50 hfsc (linkshare 40% default)
Internal Interface
Code:
altq on $intif bandwidth 1Gb hfsc queue {ext, int}
queue ext bandwidth 1.5Mb hfsc {i_ack, i_voip, network }
queue i_ack bandwidth 1% priority 7 qlimit 50 hfsc (realtime (400Kb, 10000, 225Kb))
queue i_voip bandwidth 1% priority 6 qlimit 50 hfsc (realtime (300Kb, 20000, 190Kb))
queue network bandwidth 1% priority 5 qlimit 50 hfsc (realtime 450Kb linkshare (1200Kb, 20000, 500Kb)) {i_mail, i_bulk}
queue i_mail bandwidth 40% priority 7 qlimit 50 hfsc (linkshare (180Kb, 15000, 112Kb))
queue i_bulk bandwidth 40% priority 6 qlimit 50 hfsc (linkshare (180Kb, 15000, 112Kb ) default)
queue int bandwidth 997Mb hfsc
So once I have the queues set up I start to assign them to the proper queue
Code:
match out on $extif proto tcp from $mailserver port 25 to any queue (e_mail, e_ack)
match out on $intif proto tcp from any to $mailserver port 25 queue (i_mail, i_ack)
Of course they are allowed to pass through since everything is working. The queues don't work correctly. Everything going out on the internal interface is riding on the correct queue but when I look at the external queue everything is being applied to the bulk queue. When I use tcpdump -nettt -i pflog0 port 25 and host 192.168.5.20 it shows this to me.
Code:
rule 24/(match) pass in on em1: 192.168.5.20.39098 > 209.85.223.42.25: S 1692899968:1692899968(0) win 65535 <mss 1460,nop,nop,sackOK> (DF)
em1 is the internal interface it shows this rule then doesn't show the out rule on em0 which is the external interface. It also looks like nat is being applied on the internal network?
Let me know if you need more information about the setup.