All of lore.kernel.org
 help / color / mirror / Atom feed
From: Przemyslaw Kowalczyk <PRZEM@it.engine.com.pl>
To: lartc@vger.kernel.org
Subject: [LARTC] Three interfaces and traffic shaping
Date: Tue, 15 Apr 2003 13:44:37 +0000	[thread overview]
Message-ID: <marc-lartc-105041427018247@msgid-missing> (raw)

Hi.

I think, I have quite common configuration on my firwall:
eth0 - to provider (1Mbps) (imq0 attached on prerouting)
eth1 - local network (100Mbps) (private IPs) - users with certain 
priorities
eth2 - DMZ (100Mbps) (public IPs)

I'm trying to set up traffic shaping that would give both networks (local 
and DMZ) 512kbps for connection to/from the Internet and unlimited 
traffic between them (local <-> DMZ) while still managing same 
priorities for the local users (some of them should have 'better' 
service then others within the 512kbps limit).

The problem I cannot overcome is the NAT - packets enter imq0 have public 
IP so I can't distinguish the local users packet is heading for. On the 
other hand if I try to shape them on eth1 I will have to create a class 
with 100Mbps throughput and then a subclass with 512kbps which seems 
very 'unelegant' solution to me.

Is there any other way to shape in that kind of situation?

best regards
przem





_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

                 reply	other threads:[~2003-04-15 13:44 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-105041427018247@msgid-missing \
    --to=przem@it.engine.com.pl \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.