current-users: Re: Current - pf+altq kernel compilation problem.

Subject: Re: Current - pf+altq kernel compilation problem.
To: None <current-users@netbsd.org>
From: Miles Nordin <carton@Ivy.NET>
List: current-users
Date: 10/10/2005 16:18:49
--pgp-sign-Multipart_Mon_Oct_10_16:18:37_2005-1
Content-Type: text/plain; charset=US-ASCII

>>>>> "rp" == Rui Paulo <rpaulo@fnop.net> writes:

    rp> If you want to use pf with altq I think your only option is to
    rp> enable altq in the kernel but not pf and then use the pflkm
    rp> pkg available in pkgsrc.

i'm using PF/ALTQ (the openbsd ALTQ, not the old ALTQ) with NetBSD
3.0_BETA.  I think the LKM will work with NetBSD 2.0 only.  For 3.0
and -current everything goes in the kernel.

You need to apply the PF/ALTQ patch(es):

  http://nedbsd.nl/~ppostma/pf/altq.html

The important one is all kernel patches, then the small pfctl patch to
enable 'pfctl -v -s queue'.

And there are fewer kernel config options.  Here are the ones in my
working 3.0_BETA config file that seem related:

options 	PFIL_HOOKS	# pfil(9) packet filter hooks
#options 	IPFILTER_LOG	# ipmon(8) log support
#options 	IPFILTER_DEFAULT_BLOCK	# block all packets by default

#options        ALTQ_DEBUG
#options        ALTQ_NOPCC	# XXX -- port-alpha -- read out the machine 
				# dependent clock once a second to detect 
				# counter wrap-around.
 
options		ALTQ            # Manipulate network interfaces' output queues
options		ALTQ_CBQ	# Class-Based Queueing
options		ALTQ_HFSC	# Hierarchical Fair Service Curve
options		ALTQ_PRIQ	# Priority Queueing
options		ALTQ_RED	# Random Early Detection
options		ALTQ_RIO	# RED with IN/OUT
options 	ALTQ_CDNR	# Diffserv Traffic Conditioner

#pseudo-device	ipfilter
pseudo-device	pf			# PF packet filter
pseudo-device	pflog			# PF log if
#options	BRIDGE_IPF		# bridge uses IP/IPv6 pfil hooks too

Good luck.  

I'm still having a nasty intermittent problem with HFSC that queues
seem to get ``stuck'' and stop dequeueing packet until doing 
'pfctl -Fq; /etc/rc.d/pf reload'.  but it is fun to play with, and the
link sharing scheduling AFAICT is, albeit ancient, still more advanced
than what proprietary routers have.

--pgp-sign-Multipart_Mon_Oct_10_16:18:37_2005-1
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)

iQCVAwUAQ0rMqYnCBbTaW/4dAQKunQP7Bx0UYfdrQ6FZXU8C655ub/2TZz9ahriz
8i2qO577/xaj0wz5YEeJ46Ut8M2CRe31Xl3nTnPwBTqL033CwRIVDQXgZN6qs96x
mj3Qexy85ClyytP8i9OGzDSb2yjSs46HSIEO7d44uWJ8oUqu5yW7JyuGpn7rTgF4
i+V8kB2YcwM=
=B5DX
-----END PGP SIGNATURE-----

--pgp-sign-Multipart_Mon_Oct_10_16:18:37_2005-1--