[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

matching queues in both directions with stateful rulesets

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: matching queues in both directions with stateful rulesets
From: Tony Sarendal <tsar_(_at_)_polarcap_(_dot_)_org>
Date: Mon, 25 Oct 2004 13:35:29 +0200
Mail-followup-to: Tony Sarendal <tsar_(_at_)_polarcap_(_dot_)_org>, misc_(_at_)_openbsd_(_dot_)_org

Is there a way to assign wich queues stateful traffic
will use in both directions ?

Scenario, multiple customer firewall. Shared uplink (dc0),
customers on vlan interfaces on dc1, which is a trunk.

something like this in config:

altq on dc0 cbq queue { std-up cust1-up cust2-up }
queue std-up cbq(default ecn)
queue cust1-up bandwidth 10Mb cbq(ecn)
queue cust2-up bandwidth 10Mb cbq(ecn)

altq on vlan1 cbq bandwidth 10Mb queue { cust1-dn }
queue cust1-dn bandwidth 100% cbq(default ecn)

altq on vlan2 cbq bandwidth 10Mb queue { cust2-dn }
queue cust2-dn bandwidth 100% cbq(default ecn)

pass in quick ... from <outside> to <cust1> .... keep state ...

For a match on above rule queue for cust1 would be used
for traffic exiting vlan1, and std-up for return traffic.

If anyone is doing something like this I'm very interested in
suggestions and ideas.

/Tony S

-- 
---
Tony Sarendal - tony_(_dot_)_sarendal_(_at_)_polarcap_(_dot_)_org - sip:tony_(_dot_)_sarendal_(_at_)_polarcap_(_dot_)_org
Cisco/Unix/Babies
	-= The scorpion replied,
		"I couldn't help it, it's my nature." =-

Follow-Ups:
- Re: matching queues in both directions with stateful rulesets
  - From: Henning Brauer

Prev by Date: Re: S L O W Linux printing
Next by Date: Re: exim: weird /var/mail permissions problem
Previous by thread: Re: setting runlevel to single-user
Next by thread: Re: matching queues in both directions with stateful rulesets
Index(es):
- Date
- Thread

Visit your host, monkey.org