* [LARTC] Three interfaces and traffic shaping
@ 2003-04-15 13:44 Przemyslaw Kowalczyk
0 siblings, 0 replies; only message in thread
From: Przemyslaw Kowalczyk @ 2003-04-15 13:44 UTC (permalink / raw)
To: lartc
Hi.
I think, I have quite common configuration on my firwall:
eth0 - to provider (1Mbps) (imq0 attached on prerouting)
eth1 - local network (100Mbps) (private IPs) - users with certain
priorities
eth2 - DMZ (100Mbps) (public IPs)
I'm trying to set up traffic shaping that would give both networks (local
and DMZ) 512kbps for connection to/from the Internet and unlimited
traffic between them (local <-> DMZ) while still managing same
priorities for the local users (some of them should have 'better'
service then others within the 512kbps limit).
The problem I cannot overcome is the NAT - packets enter imq0 have public
IP so I can't distinguish the local users packet is heading for. On the
other hand if I try to shape them on eth1 I will have to create a class
with 100Mbps throughput and then a subclass with 512kbps which seems
very 'unelegant' solution to me.
Is there any other way to shape in that kind of situation?
best regards
przem
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-04-15 13:44 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-04-15 13:44 [LARTC] Three interfaces and traffic shaping Przemyslaw Kowalczyk
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.