* [LARTC] prioritizing INCOMING traffic
@ 2002-01-20 15:09 ronald.phannee
  2002-01-20 15:15 ` Martin Devera
  2002-01-20 15:31 ` ronald.phannee
  0 siblings, 2 replies; 3+ messages in thread
From: ronald.phannee @ 2002-01-20 15:09 UTC
  To: lartc

Hi All,

I am using iptables mangle table to set the TOS bit of several kinds of
traffic in order to give for instance ssh priority above bulk or normal
traffic.

For using ssh sessions from my linux box to a machine on the internet I use:
iptables -t mangle -A PREROUTING -i ppp0 -p tcp --sport ssh -j TOS --set-tos Minimize-Delay
iptables -t mangle -A OUTPUT -o ppp0 -p tcp --dport ssh -j TOS --set-tos Minimize-Delay

Now my question is if the opposite rules do make sense also?
iptables -t mangle -A PREROUTING -i ppp0 -p tcp --dport ssh -j TOS --set-tos Minimize-Delay
iptables -t mangle -A OUTPUT -o ppp0 -p tcp --sport ssh -j TOS --set-tos Minimize-Delay
My intention is to give priority to incoming (from internet to my linux
box) ssh sessions also.

Best regards,

--
Ronald Verlaan
http://80.60.86.86
ronald.phannee@planet.nl
--------------------------------------------------------------------------
Mickey Mouse wears a Spiro Agnew watch.

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/


* Re: [LARTC] prioritizing INCOMING traffic
From: Martin Devera @ 2002-01-20 15:15 UTC
  To: lartc

> For using ssh sessions from my linux box to a machine on the internet I use:
> iptables -t mangle -A PREROUTING -i ppp0 -p tcp --sport ssh -j TOS --set-tos Minimize-Delay
> iptables -t mangle -A OUTPUT -o ppp0 -p tcp --dport ssh -j TOS --set-tos Minimize-Delay

but this itself will not prioritize anything .. depends on routers outside
 
> Now my question is if the opposite rules do make sense also?
> iptables -t mangle -A PREROUTING -i ppp0 -p tcp --dport ssh -j TOS --set-tos Minimize-Delay
> iptables -t mangle -A OUTPUT -o ppp0 -p tcp --sport ssh -j TOS --set-tos Minimize-Delay
> My intention is to give priority to incoming (from internet to my linux
> box) ssh sessions also.

It is nonsense .. Once packet is in your box all QoS decisions were already
made.

devik


* Re: [LARTC] prioritizing INCOMING traffic
From: ronald.phannee @ 2002-01-20 15:31 UTC
  To: lartc

On Sun, 20 Jan 2002, Martin Devera wrote:

Hi Martin

> > iptables -t mangle -A PREROUTING -i ppp0 -p tcp --sport ssh -j TOS --set-tos Minimize-Delay
> > iptables -t mangle -A OUTPUT -o ppp0 -p tcp --dport ssh -j TOS --set-tos Minimize-Delay
>
> but this itself will not prioritize anything .. depends on routers outside
I know, so that is why I use:

tc qdisc add dev ppp0 root handle 1: prio

# traffic put by kernel in band 0 based on TOS bit just set by iptables
tc qdisc add dev ppp0 parent 1:1 handle 10: sfq

# traffic put by kernel in band 1 based on TOS bit just set by iptables
tc qdisc add dev ppp0 parent 1:2 handle 20: tbf rate 61kbit latency 50ms burst 1540

# traffic put by kernel in band 2 based on TOS bit just set by iptables
tc qdisc add dev ppp0 parent 1:3 handle 30: sfq

This DOES shape my traffic, or am I wrong?

> > Now my question is if the opposite rules do make sense also?
> > iptables -t mangle -A PREROUTING -i ppp0 -p tcp --dport ssh -j TOS --set-tos Minimize-Delay
> > iptables -t mangle -A OUTPUT -o ppp0 -p tcp --sport ssh -j TOS --set-tos Minimize-Delay
> > My intention is to give priority to incoming (from internet to my linux
> > box) ssh sessions also.
>
> It is nonsense .. Once packet is in your box all QoS decisions were already
> made.

Ok I agree :) But my thinking was that I CAN influence the return traffic
thus slowing down (tcp window mechanism) the BULK connections and not
slowing down the interactive traffic.. Makes sense or totally not? :P

Best regards,

--
Ronald Verlaan
http://80.60.86.86
ronald.phannee@planet.nl
--------------------------------------------------------------------------
Mickey Mouse wears a Spiro Agnew watch.
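
Added example, not part of the original messages: how the prio qdisc in the last message picks a band from the TOS value set by iptables, and which leaf qdisc from that message the packet then reaches. It assumes the default 3-band priomap (no priomap is given on the tc command line above) and the kernel's standard TOS-to-priority table; the function names are made up for this illustration.

```shell
#!/bin/sh
# Default priomap of the prio qdisc: index = Linux packet priority, value = band.
PRIOMAP="1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1"

# Linux packet priority for a TOS byte. TOS values with the Minimize-Cost
# bit (0x02) are rejected here: their mapping differs between kernel versions.
tos_to_priority() {
    tos=$(( $1 ))
    if [ $(( $tos & 0x02 )) -ne 0 ]; then
        return 1
    fi
    case $(( ($tos & 0x1c) >> 2 )) in
        0|1) echo 0 ;;   # Normal-Service, Maximize-Reliability -> best effort
        2|3) echo 2 ;;   # Maximize-Throughput -> bulk
        4|5) echo 6 ;;   # Minimize-Delay -> interactive
        6|7) echo 4 ;;   # Minimize-Delay + Maximize-Throughput -> interactive bulk
    esac
}

# Band (0-based) selected by the priomap for a given priority.
priority_to_band() {
    prio=$1
    set -- $PRIOMAP
    shift "$prio"
    echo "$1"
}

# Band, class and leaf qdisc (leaves as configured in the message above).
describe_tos() {
    prio=$(tos_to_priority "$1") || { echo "$1: Minimize-Cost bit set, not covered"; return 1; }
    band=$(priority_to_band "$prio")
    case $band in
        0) leaf="10: sfq" ;;
        1) leaf="20: tbf rate 61kbit" ;;
        2) leaf="30: sfq" ;;
    esac
    echo "band $band class 1:$(( $band + 1 )) leaf $leaf"
}

# Normal-Service, Maximize-Reliability, Maximize-Throughput, Minimize-Delay
for t in 0x00 0x04 0x08 0x10; do
    printf '%-5s %s\n' "$t" "$(describe_tos "$t")"
done
```

Packets marked Minimize-Delay reach the sfq on 1:1, while unmarked (Normal-Service) packets fall into band 1 and are the only ones passing through the tbf rate limit.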
