Hi, I’m new to VyOS and really like it, but I hit some gaps for what seems like a common setup: about 30 user VLANs, a single uplink with SNAT, guaranteed per-VLAN bandwidth with borrowing up to a ceiling, and per-host fairness.
I’ve built and tested these patches on current vyos-1x:
- Allow CAKE as a child queue under HTB shaper classes.
- Add save-connection-mark and redirect-preserve-connmark to keep marks through SNAT/IFB for ingress shaping.
- Add an optional disable-policer so classes can borrow up to their ceiling without being clamped.
Smaller fixes:
- Percent-based rates for policers (and HFSC m1/m2) now use the shaper bandwidth, not interface speed (same as in the CAKE queue patch).
- Ceil-burst tuning for HTB classes (needed on big ceilings jump, e.g., 5→500 Mbit).
With these changes I can guarantee per-VLAN minimums, let them use the full uplink when idle, and get fair per-host sharing via CAKE on both upload and download.
Each feature is in its own branch on my GitHub fork. I plan to file a Phabricator task and open PRs. Does PR order matter - should I start with the smaller ones? I added smoketests; should I also draft docs? Feedback welcome.