summaryrefslogtreecommitdiff
path: root/share/pf
diff options
context:
space:
mode:
authorDaniel Hartmeier <dhartmei@cvs.openbsd.org>2003-03-02 12:19:59 +0000
committerDaniel Hartmeier <dhartmei@cvs.openbsd.org>2003-03-02 12:19:59 +0000
commitc79f6542c2be0061cc8e735e7c8056df9d601d54 (patch)
tree138c7356dc5dc7029b948ddfde48f902ffeeef23 /share/pf
parente8e690098213a69ee896b7600665fbf369b2ebb0 (diff)
Add example ruleset which priorizes empty TCP ACKs, with some comments.
Diffstat (limited to 'share/pf')
-rw-r--r--share/pf/Makefile4
-rw-r--r--share/pf/ackpri32
2 files changed, 34 insertions, 2 deletions
diff --git a/share/pf/Makefile b/share/pf/Makefile
index 2d9021d1973..14694fa56f8 100644
--- a/share/pf/Makefile
+++ b/share/pf/Makefile
@@ -1,7 +1,7 @@
#
-# $OpenBSD: Makefile,v 1.3 2002/12/17 20:12:15 henning Exp $
+# $OpenBSD: Makefile,v 1.4 2003/03/02 12:19:57 dhartmei Exp $
#
-FILES= queue1 queue2 queue3
+FILES= queue1 queue2 queue3 ackpri
NOOBJ= noobj
all clean cleandir depend lint tags:
diff --git a/share/pf/ackpri b/share/pf/ackpri
new file mode 100644
index 00000000000..593fb52e4f0
--- /dev/null
+++ b/share/pf/ackpri
@@ -0,0 +1,32 @@
+# $OpenBSD: ackpri,v 1.1 2003/03/02 12:19:58 dhartmei Exp $
+
+# Use a simple priority queue to priorize empty (no payload) TCP ACKs,
+# which dramatically improves throughput on (asymmetric) links when the
+# reverse direction is saturated. The empty ACKs use an insignificant
+# part of the bandwidth, but if they get delayed, downloads suffer
+# badly, so priorize them.
+
+# Example: 512/128 kbps ADSL. Download is 50 kB/s. When a concurrent
+# upload saturates the uplink, download drops to 7 kB/s. With the
+# priority queue below, download drops only to 48 kB/s.
+
+# Replace lo0 with your real external interface
+
+ext_if="lo0"
+
+# For a 512/128 kbps ADSL with PPPoE link, using "bandwidth 100Kb"
+# is optimal. Some experimentation might be needed to find the best
+# value. If it's set too high, the priority queue is not effective, and
+# if it's set too low, the available bandwidth is not fully used.
+# A good starting point would be real_uplink_bandwidth * 90 / 100.
+
+altq on $ext_if priq bandwidth 100Kb queue { q_pri, q_def }
+queue q_pri priority 7
+queue q_def priority 1 priq(default)
+
+pass out on $ext_if proto tcp from $ext_if to any flags S/SA \
+ keep state queue (q_def, q_pri)
+
+pass in on $ext_if proto tcp from any to $ext_if flags S/SA \
+ keep state queue (q_def, q_pri)
+