QoS with DragonFlyBSD PF/ALTQ

Introduction

This is just a PoC to validate QoS. UDP vs. TCP is just easy to test with iperf3. Ideally I would want to prioritize other things of course.

The UDP bandwidth test goes 1Mbit/s max for no known reason. This is why we are testing a queue at 500Kbit/s instead of 10Mbit/s, so that we can check that UDP is prioritized over TCP.

As for ICMP, the test was not successful; there is probably an even lower default rate hard-coded somewhere in Netfilter or GNS3.

DragonFly does not have any kernel parameter for ECN; hopefully it’s enabled by default.

Network architecture

Never mind the NATs; they were only there to install iperf3 on the leaf nodes and then open a few remote shells for the stress tests.

route delete default
route add default gw 192.168.122.1
cat /etc/resolv.conf
ping -c1 opendns.com
apt update && apt install iperf3 -y
ifdown eth0
ifup eth0


Network preparation

10.0.0.1         dfly1   # gw 10.0.0.2
10.1.1.254       dfly1

10.0.0.2         dfly2   # gw 10.0.0.1
10.2.2.254       dfly2

10.1.1.1         buster1 # gw 10.1.1.254
192.168.122.201  buster1

10.2.2.1         buster2 # gw 10.2.2.254
192.168.122.202  buster2

enable routing

sysctl -a | grep forward
sysctl -a | grep ecn # none on dfly

sysctl -w net.inet.ip.forwarding=1
sysctl -w net.inet6.ip6.forwarding=1

mv -i /etc/sysctl.conf /etc/sysctl.conf.dist
vi /etc/sysctl.conf

net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1

check buster1 reaches buster2 through the pipeline

ping 10.1.1.254
ping 10.0.0.2
ping 10.2.2.1

Prioritize ICMP over UDP over TCP

mv -i /etc/pf.conf /etc/pf.conf.dist
vi /etc/pf.conf

ext_if="vtnet0"
int_if="vtnet1"

# strict-priority (priq) scheduler on each interface, capped at 500Kb;
# the queue with the highest priority number is served first
altq on $ext_if priq bandwidth 500Kb queue { extq_icmp, extq_udp, extq_def }
    queue extq_icmp priority 7
    queue extq_udp  priority 6
    queue extq_def  priority 1 priq(default)

altq on $int_if priq bandwidth 500Kb queue { intq_icmp, intq_udp, intq_def }
    queue intq_icmp priority 7
    queue intq_udp  priority 6
    queue intq_def  priority 1 priq(default)

# assign outbound traffic to a queue per protocol; "from $ext_if" only matches
# packets whose source is one of the addresses assigned to $ext_if
pass out on $ext_if inet  proto icmp    from $ext_if to any keep state queue extq_icmp
pass out on $ext_if inet6 proto icmp6   from $ext_if to any keep state queue extq_icmp
pass out on $ext_if proto udp       from $ext_if to any keep state queue extq_udp
pass out on $ext_if proto tcp       from $ext_if to any keep state queue extq_def

# same classification for traffic leaving the internal interface
pass out on $int_if inet  proto icmp    from $ext_if to any keep state queue intq_icmp
#pass out on $int_if inet6 proto icmp6  from $ext_if to any keep state queue intq_icmp
pass out on $int_if proto udp       from $ext_if to any keep state queue intq_udp
pass out on $int_if proto tcp       from $ext_if to any keep state queue intq_def

apply

pfctl -nf /etc/pf.conf
echo pf=YES >> /etc/rc.conf
/etc/rc.d/pf restart
#/etc/rc.d/pf reload

Acceptance

We’re starting two servers on the right-hand leaf node and flooding TCP vs. UDP vs. ICMP from the left-hand node.

buster2

iperf3 -s
iperf3 -s -p 5202

buster1

test UDP vs. TCP – SUCCESS

iperf3 -c 10.2.2.1 --format m
iperf3 -c 10.2.2.1 --udp -p 5202 --format m
# --sctp

test ICMP vs. UDP – FAIL

iperf3 -c 10.2.2.1 --udp -p 5202 --format m
ping -f 10.2.2.1
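
iperf3 throughput alone does not show which ALTQ queue a flow ended up in; the per-queue counters printed by pfctl -vsq do. The helper below is an added example, not part of the original page: it lists queues that stayed empty or dropped packets. The output layout it parses and the sample counters are assumptions constructed for illustration, not captured from this lab.

```shell
#!/bin/sh
# Added example, not from the original page. Reads `pfctl -vsq` text on stdin.
# Assumption: each priq queue prints as a "queue NAME on IF ..." line followed
# by a "[ pkts: N bytes: N dropped pkts: N bytes: N ]" line.

# Print "name interface pkts dropped_pkts" for every queue in the input.
queue_counters() {
    awk '
        $1 == "queue" { name = $2; ifname = $4; next }
        $1 == "[" && $2 == "pkts:" && name != "" {
            print name, ifname, $3, $8
            name = ""
        }
    '
}

# Queues that carried no packets: after a test run, an empty class queue
# means the pass rule that should feed it never matched.
idle_queues() {
    queue_counters | awk '$3 == 0 { print $1 }'
}

# Queues that dropped packets, i.e. where the bandwidth cap was actually hit.
congested_queues() {
    queue_counters | awk '$4 > 0 { print $1 }'
}

# Constructed sample (not captured from the lab) in the assumed output shape.
sample_vsq() {
    cat <<'EOF'
queue  extq_icmp on vtnet0 priority 7
  [ pkts:          0  bytes:          0  dropped pkts:      0 bytes:      0 ]
  [ qlength:   0/ 50 ]
queue  extq_udp on vtnet0 priority 6
  [ pkts:       5321  bytes:    7843154  dropped pkts:      0 bytes:      0 ]
  [ qlength:   0/ 50 ]
queue  extq_def on vtnet0 priority 1 priq( default )
  [ pkts:      48211  bytes:   69905950  dropped pkts:   1930 bytes: 2798500 ]
  [ qlength:  50/ 50 ]
EOF
}

# On the router, during or right after an iperf3 run:
#   pfctl -vsq | idle_queues
# Offline demonstration on the constructed sample:
sample_vsq | idle_queues
```
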

Resources

prio

https://marc.info/?l=openbsd-tech&m=131000459026738&w=2

https://bsdly.blogspot.com/2011/07/anticipating-post-altq-world.html

https://misc.openbsd.narkive.com/Piuck599/pf-set-prio

https://web.archive.org/web/20211222094820/http://www.benzedrine.ch/ackpri.html

queues

http://daemonforums.org/showthread.php?t=10149

https://news.ycombinator.com/item?id=11516372

https://gist.github.com/tonykwon/10d18de61708636a834532775cad6947

pf/altq – priq

https://home.nuug.no/~peter/pf/en/long-firewall.html#ALTQINTRO

https://web.archive.org/web/20211222094820/https://www.benzedrine.ch/ackpri.html

pf/altq – cbq

https://docstore.mik.ua/manuals/openbsd/faq/pf/queueing.html

pf/altq – hfsc

https://calomel.org/pf_config.html –> set-tos

https://calomel.org/pf_hfsc.html

http://dant.net.ru/calomel/pf_config.html

moar

http://www.openbsd.org/faq/pf/tagging.html

troubles

https://superuser.com/questions/1130877/in-pf-why-can-ipv6-be-specified-as-a-protocol-as-well-as-an-address-family


Licensed under MIT