[LARTC] traffic shaping question

[LARTC] traffic shaping question

[Shawn]

I have a variation of the wondershaper script, but I'm not sure that I
know how to make it do what I want it to do... which is: prioritize
traffic from a particular host for which my gentoo linux box is a
router.

Specifically, 192.168.0.106 is a Cisco ATA 186 VoIP box serving me with
phone goodness. I want that to be top priority. Problem is, wondershaper
doesn't exactly fit the bill here.

The docs don't seem to specifically cover this. I'd like to know about
"tc", and how all it's "N:N" and "prio N" syntax mean too.

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] traffic shaping question

[Shawn]

Is the following sounding logical? I'm trying to
     1. Make all traffic from 192.168.0.106 highest priority
     2. Make all traffic to 192.168.0.106 highest priority

tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 \
	match ip src 192.168.0.106/32 flowid 10:1 
tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 \
	match ip dst 192.168.0.106/32 flowid 10:1

Furthur, how can I track (besides subjectively) the activity,
like, dropped packets, etc?

On Tue, 2003-06-03 at 14:24, Shawn wrote:
> I have a variation of the wondershaper script, but I'm not sure that I
> know how to make it do what I want it to do... which is: prioritize
> traffic from a particular host for which my gentoo linux box is a
> router.
> 
> Specifically, 192.168.0.106 is a Cisco ATA 186 VoIP box serving me with
> phone goodness. I want that to be top priority. Problem is, wondershaper
> doesn't exactly fit the bill here.
> 
> The docs don't seem to specifically cover this. I'd like to know about
> "tc", and how all it's "N:N" and "prio N" syntax mean too.

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

[LARTC] traffic shaping question

[Nagy Gabor Peter]

Hi list,

I have read the lartc 9th chapter, the bandwidth management part.

I think I understand the principle, but I have a question.

So I have a firewall that has several different interfaces. The most
important for my question is the Internet interface, which is a 2mbps
leased line.
I have an interface into the protected network, I have a DMZ interface,
and I have an interface with direct connection to a client.

Here is what I need:
Internet -> DMZ + Internet -> LAN + Internet -> firewall traffic
together should not exceed 1.5mbps

At the moment I have a tbf, that limits everything that goes to the LAN,
and another that limits everything going to the internet.

I would like to shape the incoming traffic from the internet. OK, I
understand that I cannot influence the senders out there not to try to
send me packets, I can only influence how fast these packets are sent
from me.

But can I somehow treat all incoming traffic together?

Because my knowledge at the moment is only some shaping possibilities on
the LAN interface and on the DMZ interface.

I have only one idea, but I don't know if it is feasible, and if it is,
how to do that.

So I thought that I will create a virtual interface, and route all
traffic from the Internet through this one. So incoming on Internet
interface, outgoing on virtual interface, and from there incoming on the
firewall machine, or outgoing on the LAN or the DMZ interface.

Does it sound good? How can I do that? (I suppose I have to read other
chapters in the lartc guide. Could you point me out where to start? What
to look for?)

Or is there another solution? What would you recommend?

Cheers,
Gabor
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

Re: [LARTC] traffic shaping question

[Marco Berizzi]

Nagy Gabor Peter wrote:

> So I thought that I will create a virtual interface, and route all
> traffic from the Internet through this one. So incoming on Internet
> interface, outgoing on virtual interface, and from there incoming on
the
> firewall machine, or outgoing on the LAN or the DMZ interface.
>
> Does it sound good? How can I do that? (I suppose I have to read other
> chapters in the lartc guide. Could you point me out where to start?
What
> to look for?)

Yes. The virtual interface is called IFB. Look at
the iproute2 package source under doc/actions


_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc