From mboxrd@z Thu Jan 1 00:00:00 1970 From: Damion de Soto Date: Wed, 09 Jun 2004 00:08:04 +0000 Subject: Re: [LARTC] how flexible is ingress traffic policing to bandwidth Message-Id: <40C654E4.6030601@snapgear.com> List-Id: References: <87ekopyk2w.fsf@stark.xeocode.com> In-Reply-To: <87ekopyk2w.fsf@stark.xeocode.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Greg, >>This is effective but is there any way to tell it to choose only certain >>kinds of streams for dropping packets? Minimally I would want to tell it to >>never drop any packets in a certain list of port numbers. > > > ingress is rather weak. You can only really police with it. For what you > want most people setup the IMQ[1] device and you egress filters on it to > control what is shaped and how. You can create different ingress policers that only match specific ports, and give them different priorities, but that still won't work as well as using IMQ, or if your box is a gateway (and you are only shaping traffic going through it), then you can use egress queues on the LAN interface. regards, -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Damion de Soto - Software Engineer email: damion@snapgear.com SnapGear - A CyberGuard Company --- ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliances web: http://www.snapgear.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/