[LARTC] Please advise how to set up for 5 IPs

From: gypsy <gypsy@iswest.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Please advise how to set up for 5 IPs
Date: Tue, 28 Sep 2004 19:36:31 +0000	[thread overview]
Message-ID: <4159BD3F.45CB63E1@iswest.com> (raw)

I have need to use HTB on multiple (5) IPs.

The present setup has the DSL connection going to a switch and then each
computer with an external IP configures the external interface to listen
on that IP.

I have had TERRIBLE luck trying to use iptables to DNAT so if DNAT needs
to be done, any advice that includes tested and working examples would
be sincerely appreciated.

There are 3 computers connected to the switch:
1) yesican.chsoft.biz 206.72.89.154
  This also listens on eth1:0 to 206.72.89.158 as ns.chsoft.biz
2) news.chsoft.biz    206.72.89.155
3) phil.chsoft.biz    206.72.89.156

yesican (AKA ns) and news are both Slackware Linux boxes and each has a
working HTB script.  news' (non-business hours) script is at
ftp://andthatsjazz.org/pub/lartc/ultimatePM.sh.

phil is a Windows 2000 Server and between it and the switch is a
SonicWall (hardware) firewall.

How should I set up so that one computer can listen to all 5 IPs, shape
and then distribute the shaped packets to the correct server?

How can I implement ingress shaping / policing to limit the combined
incoming rate, regardless of IP, to about 700K (the connection is
actually 730K in and 690K out).  Only because it REALLY annoys me to
drop an already received packet, I would prefer to shape than to drop,
but I am presently policing.

I would like to avoid, for space and room temperature reasons, another
computer if possible.

May I please hear your $.02?  Thanks!

gypsy
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/