Overview ------- While pfctl lets you set-tos for ipv6, it doesn't appear to be implemented on kernel side. Steps to Reproduce ----------- 1. pf.conf: scrub in on em0 inet6 proto {tcp, udp, 58} all set-tos lowdelay fragment reassemble pass log (all) all 2. ping6 the target with traffic class specified: ping6 -n -Q 0x20 -c2 fe80::a00:27ff:feb8:57c0%wlp2s0 Expected result --------------- tcpdump: listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes 09:14:53.083938 rule 0/0(match): pass in on em0: (class 0x10... Actual Result ------------- # tcpdump -vvv -ee -i pflog0 -l -n tcpdump: listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes 09:14:53.083938 rule 0/0(match): pass in on em0: (class 0x20... Build Date & Hardware --------------------- FreeBSD bsd-vbox 13.0-CURRENT FreeBSD 13.0-CURRENT #0 r368820: Tue Jan 5 17:30:19 EST 2021 jcaplan@bsd-vbox:/usr/obj/usr/src-head/amd64.amd64/sys/GENERIC amd64 Additional Information ---------------------- pf_scrub_ip6, unlike pf_scrub_ip doesn't check the PFRULE_SET_TOS flag and doesn't update the traffic class in the ip6_hdr.
I have a diff for this, I will dig it out and tag a review this weekend.
Created attachment 223003 [details] proposed patch Here is a patch that worked for me. I found I needed to scrub on the fragments as well for the expected result.