* [LARTC] bridge advice
From: D. Stimits @ 2002-08-01 16:51 UTC (permalink / raw)
To: lartc
I'm about to set up a Linux bridge (kernel 2.4.18.x from Redhat 7.3)
between a (future) cable modem and several machines in the house. Some
of those machines are windows, mine is Linux (but dual boots to
windows). Basically:

CABLE_MODEM (DHCP issues to each machine)
  |
  |(eth0 -- outer)
LINUX_BRIDGE (not proxy, but is firewall on some ports)
  |(eth1 -- inner)
  |
8_PORT_SWITCH
  |
  |-Machine1
  |-Machine2
  ...
  |-MachineN

Except for my machine, the other machines will be email and web browsing
machines (I do cvs, ssh, remote web site editing, and write network game
software in Linux, as well as play games under windows). My goal is
similar to the cable modem "wonder shaper", but I'm not positive if
maybe I need to expand on that, and am currently not familiar with the
more advanced QoS and shaping abilities (I know they are there, I now
have some docs, and a machine I will be able to test on soon),
especially with respect to bridges. I want my machine to have low
latency, but the other machines do not care about latency; all machines
care about having a fair bandwidth.

A problem I am thinking about (until I get my bridge done I can only
think about it, can't test anything) is that each machine is assigned
address via DHCP, so perhaps the Linux bridge will have to find a way to
know which DHCP address is assigned to which physical machine. If I were
to simply assign qualities to the inside interface (eth1), then the same
QoS and general characteristics would apply to all machines...which I do
not want, so it seems I must deal on a per-IP-address basis, or a
per-port basis. For port 80 web traffic, this seems just fine. I could
even assign a quality for telnet and ssh ports. However, if I suddenly
decide that one machine wants different characteristics for a port, or
if it is an unknown port (such as some games work with...they may not
always use the same port, or they can use more than one port at once),
this breaks. So I am wanting to deal with latency on a per-machine
basis, and simply assign low latency to my machine in general, and fair
bandwidth for all machines; perhaps after that, I could override for
particular ports, and for example, make all machines use port 80 web
traffic with higher latency, even on my machine (which is otherwise low
latency).

Is this reasonable with current 2.4.x kernels? Are there particular
things to watch out for or look for, especially for a bridge?

Also, I have used ipchains in the past, but it seems iptables will be
the future. What parts of this depend on iptables versus ipchains (if
any)? The iproute2 package seems to provide most of the features I'm
looking at, but it is conceivable that the use of ipchains or iptables
will interact.

D. Stimits, stimits AT idcomm.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
* Re: [LARTC] bridge advice
From: Stef Coene @ 2002-08-01 17:37 UTC (permalink / raw)
To: lartc
I have some remarks to make.
You can't use iptables on a linux bridge. (I think there is a patch that you
can, but I'm not sure). And try to patch the kernel for htb (it's a
replacement for cbq). And maybe you can try to filter on mac-address so you
don't need to know the ip-addresses.
Stef
On Thursday 01 August 2002 18:51, D. Stimits wrote:
> I'm about to set up a Linux bridge (kernel 2.4.18.x from Redhat 7.3)
> between a (future) cable modem and several machines in the house. Some
> of those machines are windows, mine is Linux (but dual boots to
> windows). Basically:
>
> CABLE_MODEM (DHCP issues to each machine)
>
> |(eth0 -- outer)
>
> LINUX_BRIDGE (not proxy, but is firewall on some ports)
>
> |(eth1 -- inner)
>
> 8_PORT_SWITCH
>
> |-Machine1
> |-Machine2
>
> ...
>
> |-MachineN
>
> Except for my machine, the other machines will be email and web browsing
> machines (I do cvs, ssh, remote web site editing, and write network game
> software in Linux, as well as play games under windows). My goal is
> similar to the cable modem "wonder shaper", but I'm not positive if
> maybe I need to expand on that, and am currently not familiar with the
> more advanced QoS and shaping abilities (I know they are there, I now
> have some docs, and a machine I will be able to test on soon),
> especially with respect to bridges. I want my machine to have low
> latency, but the other machines do not care about latency; all machines
> care about having a fair bandwidth.
>
> A problem I am thinking about (until I get my bridge done I can only
> think about it, can't test anything) is that each machine is assigned
> address via DHCP, so perhaps the Linux bridge will have to find a way to
> know which DHCP address is assigned to which physical machine. If I were
> to simply assign qualities to the inside interface (eth1), then the same
> QoS and general characteristics would apply to all machines...which I do
> not want, so it seems I must deal on a per-IP-address basis, or a
> per-port basis. For port 80 web traffic, this seems just fine. I could
> even assign a quality for telnet and ssh ports. However, if I suddenly
> decide that one machine wants different characteristics for a port, or
> if it is an unknown port (such as some games work with...they may not
> always use the same port, or they can use more than one port at once),
> this breaks. So I am wanting to deal with latency on a per-machine
> basis, and simply assign low latency to my machine in general, and fair
> bandwidth for all machines; perhaps after that, I could override for
> particular ports, and for example, make all machines use port 80 web
> traffic with higher latency, even on my machine (which is otherwise low
> latency).
>
> Is this reasonable with current 2.4.x kernels? Are there particular
> things to watch out for or look for, especially for a bridge?
>
> Also, I have used ipchains in the past, but it seems iptables will be
> the future. What parts of this depend on iptables versus ipchains (if
> any)? The iproute2 package seems to provide most of the features I'm
> looking at, but it is conceivable that the use of ipchains or iptables
> will interact.
>
> D. Stimits, stimits AT idcomm.com
--
stef.coene@docum.org
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.openprojects.net
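
Added example, not part of either message: a dry-run script that prints the tc commands for the approach suggested in the reply, an HTB tree on the bridge's inner interface with a u32 filter keyed on the destination MAC address instead of the DHCP-assigned IP. The rates, the MAC address and the class numbers are constructed placeholders; it assumes an HTB-capable kernel and covers only traffic leaving eth1 towards the inside machines.

```shell
#!/bin/sh
# Dry run: prints tc commands for the bridge's inner interface; nothing is executed.
# Interface name is from the thread's diagram; rates and MAC are constructed placeholders.

DEV=eth1            # inner side of the bridge
LINK=1000kbit       # assumed downstream rate of the cable modem

# Print a u32 filter that matches a destination MAC on egress.
# The Ethernet header sits just before the IP header, so negative offsets
# reach it: dst MAC bytes 0-1 at -14, bytes 2-5 at -12, ethertype at -2.
mac_dst_filter() {
    dev=$1; mac=$2; flowid=$3
    printf '%s' "$mac" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || {
        echo "invalid MAC: $mac" >&2; return 1; }
    hex=$(printf '%s' "$mac" | tr -d ':' | tr 'A-F' 'a-f')
    hi=$(printf '%s' "$hex" | cut -c1-4)     # first two bytes of the MAC
    lo=$(printf '%s' "$hex" | cut -c5-12)    # last four bytes of the MAC
    echo "tc filter add dev $dev parent 1: protocol ip prio 1 u32" \
         "match u16 0x0800 0xffff at -2" \
         "match u32 0x$lo 0xffffffff at -12" \
         "match u16 0x$hi 0xffff at -14 flowid $flowid"
}

# Print the whole plan: one low-latency class for a single machine,
# one default class shared by every other machine.
shaper_plan() {
    my_mac=$1
    echo "tc qdisc add dev $DEV root handle 1: htb default 20"
    echo "tc class add dev $DEV parent 1: classid 1:1 htb rate $LINK"
    # 1:10 = low-latency machine (prio 0), 1:20 = everyone else (default).
    echo "tc class add dev $DEV parent 1:1 classid 1:10 htb rate 500kbit ceil $LINK prio 0"
    echo "tc class add dev $DEV parent 1:1 classid 1:20 htb rate 500kbit ceil $LINK prio 1"
    # SFQ shares 1:20 between flows so one connection cannot starve the rest.
    echo "tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10"
    mac_dst_filter "$DEV" "$my_mac" 1:10
}

shaper_plan 00:11:22:33:44:55   # constructed MAC of the low-latency machine
```

Any host on the segment can set its own MAC address, so this classification is a traffic-management convenience and not an access control. Upstream traffic would need a matching source-MAC filter on eth0.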