All of lore.kernel.org
 help / color / mirror / Atom feed
* [LARTC] am i on the right track ?
@ 2002-01-14  1:44 Chandrashekhar Joshi
  2002-01-14  9:44 ` Martin Devera
                   ` (8 more replies)
  0 siblings, 9 replies; 12+ messages in thread
From: Chandrashekhar Joshi @ 2002-01-14  1:44 UTC (permalink / raw)
  To: lartc

hi,

i am trying to have bandwidth shaping on my linux router.
i have a 64kbps link, on which i want to restrict the link use for http
/ftp access and give more bandwidth priority for vpn access. thanks to
martin devera i am using the htb for this.

|-----------|            |-----------|
| MAIN LINK |-----+------|  CLASS A  |
|-----------|     |      |-----------|
                   |
            |------+-----|
            | CLASS B    |
            |------------|

MAIN LINK  = 64kbps
CLASS A = 24kbps  (for HTTP/ FTP and other internet related activities )
CLASS B = 40kbps  ( reserved for PPTP-VPN access incoming and outgoing)

requirements :
each class should be able to borrow bandwidth from the other class when
excess is available
incoming vpn connections should come through the class B bandwidth policy
outgoing vpn connections should go through the class B bandwidth policy

following is the command set (lifted from the htb manual :-)  ) i am
trying to use :

# tc qdisc add dev eth0 root handle 1: htb default 11
# tc class add dev eth0 parent 1: classid 1:1 htb rate 64kbps ceil 64
kbps burst 2k
# tc class add dev eth0 parent 1: classid 1:10 htb rate 64kbps ceil 64
kbps burst 2k
# tc class add dev eth0 parent 1: classid 1:11 htb rate 64kbps ceil 64
kbps burst 2k
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src
192.168.1.0 match tcp dst 21 0xffff flowid \      1:10
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src
192.168.1.0 match tcp dst 80 0xffff flowid  \      1:10
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src
192.168.1.0 match tcp dst 443 0xffff flowid \    1:10
# tc qdisc add dev eth0 parent 1:10 handle 20: pfifo limit 5
# tc qdisc add dev eth0 parent 1:11 handle 30: sfq perturb 10

first i would like to know whether what i have done is correct or not in
context with my problem , i think i am on right track ?

why i did what i did
now to meet the above requirements what i did was to define bandwidth
shaping only for http, https & ftp (the major bandwidth guzzlers to
class A and made the class B as default.
but because of above rulesets my other inet services (like domain, ssh,
whois, ping etc) will go through the default  policy of class B, which i
want to avoid without adding additional rulesets; can i define a ruleset
for VPN something like below :    (and remove the rulesets for class A
and make clas A as default)

# tc filter add dev eth0 protocol 47 parent 1:0 prio 1 u32 match ip src
192.168.1.0 flowid 1:11
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src
192.168.1.0 match tcp dst 1723 0xffff \
    flowid 1:11

but how do i define the ruleset for incoming connections, can the
following be true

# tc filter add dev eth0 protocol 47 parent 1:0 prio 1 u32 match ip dst
192.168.1.0 flowid 1:11
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip dst
192.168.1.0 match tcp dst 1723 0xffff \
    flowid 1:11

thanx in advance

regards / shekhar



_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 12+ messages in thread
* [LARTC] Am I on the right Track?
@ 2002-01-14 14:08 Sahil Gupta - NET4U
  2002-01-15  0:52 ` Brendan Alderslade
  0 siblings, 1 reply; 12+ messages in thread
From: Sahil Gupta - NET4U @ 2002-01-14 14:08 UTC (permalink / raw)
  To: lartc

Hi there,
Is it possible to somehow have a fairly basic routing level in order to
forward packets from eth1 to eth0?  Simply using "route"?

I have a Cisco that has a local network IP.  It is on eth0 interface.  I
have a Switch on eth1.  I want to supply eth1 with a Real World IP which
comes through the Cisco.

Any guidance available?

I assigned 10.0.0.2 on eth0 and 210.54.149.189 on eth1.
then I did this:
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1 dev eth0
route add -net 210.54.149.160 netmask 255.255.255.224 gw 10.0.0.1 (which
says network unreachable)

Could someone please tell me how I could solve this?

Regards,

Sahil Gupta
NET4U Limited

------------------------------------
      NET4U -- www.net4u.co.nz      
 Home of the new - $24.95 128k ADSL
Nationwide Internet Service Provider
------------------------------------

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 12+ messages in thread
end of thread, other threads:[~2002-01-16  9:39 UTC | newest]

Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-01-14  1:44 [LARTC] am i on the right track ? Chandrashekhar Joshi
2002-01-14  9:44 ` Martin Devera
2002-01-14 12:38 ` Chandrashekhar Joshi
2002-01-14 12:52 ` Martin Devera
2002-01-14 12:57 ` Rob Kaper
2002-01-14 13:01 ` Martin Devera
2002-01-14 13:04 ` Rob Kaper
2002-01-14 13:18 ` Martin Devera
2002-01-14 13:57 ` Chandrashekhar Joshi
2002-01-16  9:39 ` Martin Devera
  -- strict thread matches above, loose matches on Subject: below --
2002-01-14 14:08 [LARTC] Am I on the right Track? Sahil Gupta - NET4U
2002-01-15  0:52 ` Brendan Alderslade

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.