From: Philip Gaw <admin@darktech.org.uk>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] linux box as vlan p2p limiter and firewall?
Date: Thu, 23 Mar 2006 16:28:24 +0000 [thread overview]
Message-ID: <4422CCA8.2060804@darktech.org.uk> (raw)
In-Reply-To: <1143110605.17746.45.camel@localhost>
Andraz Sraka wrote:
> re
>
> On Thu, 2006-03-23 at 16:58 +0100, Carlos Blanquer wrote:
>
>
>> I recommend (so I haven't done it cos I have no needs up now) use
>> FreeBSD to do that. Bridging in BSD has more sense than do it in a
>> Linux box.
>>
>
> that was my second best choice ;-]
>
>
>
>> It's totally possible, you can use any script found via google or any
>> of that are travelling in this mail list.
>>
>
> True in a way, but still I was hoping that someone can give me more
> specific guidelines what are the possibilities and what's the "best" way
> to do it. Since I've already said, that I need to do p2p limiting and
> some basic firewalling on data stream in trunked (cisco term. = tagged)
> vlan.
>
> regards,
> Andraz
>
>
>
>
> vlans on linux as someone said already, is just a basic eth0.x
> interface, which you just shape/firewall etc in the same way as a
> normal interface.
>
>
>
> its not difficult to setup.
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
hey there. best way to do this is with ebtables + vlans + qos on a linux
box. bsd shaping is basic at best, and junk at worst. altq cannot do
proper shaping over multiple interfaces (couldnt have say 10mbit shared
between 3 or 4 interfaces etc). certainly not in my experience.
linux is far superior for what your wanting to do, can even do layer7
shaping.
vlans on linux as someone said already, is just a basic eth0.x
interface, which you just shape/firewall etc in the same way as a normal
interface.
its not difficult to setup. if you require any more info or help, feel
free to pm me off list. i have this exact setup.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next prev parent reply other threads:[~2006-03-23 16:28 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-03-23 10:43 [LARTC] linux box as vlan p2p limiter and firewall? Andraz Sraka
2006-03-23 15:58 ` Carlos Blanquer
2006-03-23 16:10 ` Andraz Sraka
2006-03-23 16:16 ` Andraz Sraka
2006-03-23 16:18 ` Roberto Scattini
2006-03-23 16:28 ` Philip Gaw [this message]
2006-03-23 16:29 ` Philip Gaw
2006-03-23 16:39 ` Andraz Sraka
2006-03-24 0:20 ` Jason Boxman
2006-03-24 16:54 ` Andraz Sraka
2006-03-24 17:39 ` Klaus
2006-03-24 19:07 ` Jason Boxman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4422CCA8.2060804@darktech.org.uk \
--to=admin@darktech.org.uk \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.