From: Jake Colman <colman@ppllc.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Traffic Shaping with Shorewall
Date: Mon, 01 May 2006 14:52:08 +0000 [thread overview]
Message-ID: <7664kpn6g7.fsf@pennsylvania.ppllc.com> (raw)
Does anyone here implement traffic shaping with shorewall? I need to shape
BitTorrent traffic on my network so that upload/downloads do not overwhelm
normal function or, even more importantly, my imminent conversion to VOIP for
all telephone service. I followed the shorewall documentation guide but am
not sure if what I have done is the Right Way Of Doing Things. Nor am I
satsified with the results so far.
I am using CableVision's Optimum Online for my broadband connection and am
about to install SunRocket for my VOIP. I will be attacing the relevant file
settings I have used. I'd appreciate any help with tweaking this
configuration to maximuze my throughput. My goal is to ensure that,
regardless of the number of torrents being downloaded/uploaded, my VOIP
quality does not degrade and that my web/email/etc access works as quickly as
it does without the BitTorrent active.
By the way, I use port forwarding to forward specific BitTorrent ports to
specific inbound computers behind my firewall. This way, I can maximize my
BitTorrent download/upload performance since the connection is two-way. I
still want this limited, however, so that it does not eat up all my
bandwidth. This is a home network with about 5 nodes, several of whom are
teenagers. The network configuration uses a simple two-NIC server; the modem
connects to eth1 and the internal network is on eth0.
Finally, would incorporation of ipp2p into my rules help me in any way? My
kernel (gentoo) is already build to support ipp2p and I already have the
module loaded and iptables is working with it. So if ipp2p would be helpful
I'm already set up for it.
Thanks for any help.
Here are my files:
tcdevices:
eth1 3800kbit 800kbit
tcrules:
1 0.0.0.0/0 0.0.0.0/0 icmp echo-request
1 0.0.0.0/0 0.0.0.0/0 icmp echo-reply
2 0.0.0.0/0 0.0.0.0/0 tcp - 50001:50009
2 0.0.0.0/0 0.0.0.0/0 tcp - 50011:50019
2 0.0.0.0/0 0.0.0.0/0 tcp - 50021:50029
tcclasses:
eth1 1 100kbit full 1 tcp-ack,tos-minimize-delay
eth1 2 100kbit 200kbit 2
eth1 3 full/3 full 3 default
--
Jake Colman
Sr. Applications Developer
Principia Partners LLC
Harborside Financial Center
1001 Plaza Two
Jersey City, NJ 07311
(201) 209-2467
www.principiapartners.com
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next reply other threads:[~2006-05-01 14:52 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-01 14:52 Jake Colman [this message]
2006-05-01 15:46 ` [LARTC] Traffic Shaping with Shorewall Jody Shumaker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7664kpn6g7.fsf@pennsylvania.ppllc.com \
--to=colman@ppllc.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.