diff options
author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2003-03-02 12:19:59 +0000 |
---|---|---|
committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2003-03-02 12:19:59 +0000 |
commit | c79f6542c2be0061cc8e735e7c8056df9d601d54 (patch) | |
tree | 138c7356dc5dc7029b948ddfde48f902ffeeef23 /share/pf | |
parent | e8e690098213a69ee896b7600665fbf369b2ebb0 (diff) |
Add example ruleset which priorizes empty TCP ACKs, with some comments.
Diffstat (limited to 'share/pf')
-rw-r--r-- | share/pf/Makefile | 4 | ||||
-rw-r--r-- | share/pf/ackpri | 32 |
2 files changed, 34 insertions, 2 deletions
diff --git a/share/pf/Makefile b/share/pf/Makefile index 2d9021d1973..14694fa56f8 100644 --- a/share/pf/Makefile +++ b/share/pf/Makefile @@ -1,7 +1,7 @@ # -# $OpenBSD: Makefile,v 1.3 2002/12/17 20:12:15 henning Exp $ +# $OpenBSD: Makefile,v 1.4 2003/03/02 12:19:57 dhartmei Exp $ # -FILES= queue1 queue2 queue3 +FILES= queue1 queue2 queue3 ackpri NOOBJ= noobj all clean cleandir depend lint tags: diff --git a/share/pf/ackpri b/share/pf/ackpri new file mode 100644 index 00000000000..593fb52e4f0 --- /dev/null +++ b/share/pf/ackpri @@ -0,0 +1,32 @@ +# $OpenBSD: ackpri,v 1.1 2003/03/02 12:19:58 dhartmei Exp $ + +# Use a simple priority queue to priorize empty (no payload) TCP ACKs, +# which dramatically improves throughput on (asymmetric) links when the +# reverse direction is saturated. The empty ACKs use an insignificant +# part of the bandwidth, but if they get delayed, downloads suffer +# badly, so priorize them. + +# Example: 512/128 kbps ADSL. Download is 50 kB/s. When a concurrent +# upload saturates the uplink, download drops to 7 kB/s. With the +# priority queue below, download drops only to 48 kB/s. + +# Replace lo0 with your real external interface + +ext_if="lo0" + +# For a 512/128 kbps ADSL with PPPoE link, using "bandwidth 100Kb" +# is optimal. Some experimentation might be needed to find the best +# value. If it's set too high, the priority queue is not effective, and +# if it's set too low, the available bandwidth is not fully used. +# A good starting point would be real_uplink_bandwidth * 90 / 100. + +altq on $ext_if priq bandwidth 100Kb queue { q_pri, q_def } +queue q_pri priority 7 +queue q_def priority 1 priq(default) + +pass out on $ext_if proto tcp from $ext_if to any flags S/SA \ + keep state queue (q_def, q_pri) + +pass in on $ext_if proto tcp from any to $ext_if flags S/SA \ + keep state queue (q_def, q_pri) + |