From mboxrd@z Thu Jan 1 00:00:00 1970 From: nix4me Date: Sun, 22 Aug 2004 02:07:12 +0000 Subject: Re: [LARTC] Wondershaper in internal network Message-Id: <4127FFD0.4090105@cfl.rr.com> List-Id: References: <41277458.7070807@apspektakel.com> In-Reply-To: <41277458.7070807@apspektakel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org gypsy wrote: >Johan Lindqvist wrote: > > >>I've gotten wondershaper to work in my linux box, which is part of a 3 >>computer network that shares the same dsl connection. The linuxbox >>handles most bulk down and uploading, and the other 2 are mainly for >>surfing and such. >> What I need from wiondershaper is that it should perform it's tasks >>with all of the traffic to the dsl modem, but do nothing with the >>internal traffic (traffic to 192.168.). This is important since I do a >>lot of remote x'ing to the linuxbox, and when that traffic to is shaped, >>it's to slow to work. >>/johan >> >> > >You must tell us a lot more about your setup than above if you expect >help. > >Does the linux box have more than one NIC? >Are you DNATting? If not, HOW is the DSL shared? >What makes you say that the wonder script is interfering with internal >traffic? > >In a "normal" setup, the linux box will have 2 NICs, one connected to a >switch/hub serving the internal network and the other directly connected >to the DSL. Wonder then is configured to shape on the internet >(external) interface (only). That means it does not touch anything on >the internal NW. > >You might be able to set up a modified Wonder such that the default / >bulk does 100Mbit (assuming your internal NW is 100) by setting RATE >CEIL = 100Mb and then shape everything where the IP matches your DSL IP >so that internet stuff never gets into the bulk queue. Sort of >"reverse" logic, but that is the way I dealt with an FTP server. In the >absence of a firewall mark in FTP packets, there is no good way to >identify them, so instead handle the stuff you CAN identify and let the >rest go into bulk. > >gypsy >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > > Well, there is a better way. I was able to mark ftp outgoing traffic using iptables. I shape all outgoing packets on a port range and throw the rest in a 100mbit bulk. Works like a champ. i have the outbound ftp passive ports and the active port marked. Let me know if you want to see my script. Mark _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/