* [LARTC] Basic Traffic Control
@ 2003-10-28 7:21 Edmund Turner
From: Edmund Turner @ 2003-10-28 7:21 UTC (permalink / raw)
To: lartc
Hey guys and gals,
Sorry for the 'newbie' question, but I would like to get some help on
configuring my HTB qdiscs for my network. My network setup:
LAN --> Firewall --> Router --> Internet
           |
           |
           --> DMZ
So much for the ASCII artist in me. :)
The firewall has 3 interfaces:
Eth0 = LAN --> 100Mbps NIC
Eth1 = DMZ --> 100Mbps NIC
Eth2 = Internet --> 4MB link to internet
Background:
DMZ Zone Eth1: Web/FTP, and SMTP servers. (100Mbps switches and NICs)
WEB/FTP server :10.100.1.1/24
SMTP server:10.100.1.2/24
LAN Eth0: I have 3 different VLANs to categorize the 3 different
departments.
VLAN1 -192.168.1.0/24
VLAN2 -192.168.2.0/24
VLAN3 -192.168.3.0/24
External Eth2 : 4MB Leased line to the internet.
Currently my router that is connected to the 4MB leased line is becoming
the bottleneck!
1.) How do I make the firewall Eth0 become the bottleneck???? Should I
limit it to 10mbits as such:
tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbit
2.) I want to limit the bandwidth from the WEB/FTP servers from the DMZ
to either the internet or the LAN.
This is what I did:
tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 128kbps ceil 256kbps prio 7
tc filter add dev eth0 protocol ip parent 1:1 prio 7 handle 7 fw classid 1:10
tc qdisc add dev eth1 root handle 2: htb default 10
tc class add dev eth1 parent 2: classid 2:1 htb rate 3840kbps
tc class add dev eth1 parent 2:1 classid 2:10 htb rate 128kbps ceil 128kbps prio 7
tc filter add dev eth1 protocol ip parent 2:1 prio 7 handle 7 fw classid 2:10
tc qdisc add dev eth2 root handle 3: htb default 10
tc class add dev eth2 parent 3: classid 3:1 htb rate 3840kbps
tc class add dev eth2 parent 3:1 classid 3:10 htb rate 128kbps prio 7
tc filter add dev eth2 protocol ip parent 3:1 prio 7 handle 7 fw classid 3:10
/sbin/iptables -A PREROUTING -i eth1 -s 10.100.1.1 -t mangle -j MARK --set-mark 7
/sbin/iptables -A PREROUTING -i eth1 -d 10.100.1.1 -t mangle -j MARK --set-mark 7
After testing via FTP/web downloads, it appears that I've managed to
limit the amount of bandwidth thru and from the FTP/WEB server from the
DMZ. All other traffic (internet surfing etc.) will fall into the default
rules, correct? Did I miss anything out?
What I would like to accomplish :
I would like to limit the max amount of bandwidth on Eth0 to 10MB
I would like to limit the max amount of bandwidth on Eth0 to 3840kbps
I would like to limit the max amount of bandwidth on Eth2 to 3840kbps.
(4MB leased line to internet.)
Did I accomplish this?
Any help in anyway is appreciated!
Regards
edmund
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
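
A small checker run over the eth0 commands from the message above, added here as an example and not part of the original post. It converts tc rate suffixes to bits per second (in tc, `kbps` means kilobytes per second), flags fw filters attached below the root qdisc, and reports which class `default` sends unmatched traffic to. The function names and finding labels are hypothetical.

```python
import re

# tc(8) rate suffixes in bits per second. Note "bps" means BYTES per second.
UNITS = {"bit": 1, "kbit": 1000, "mbit": 1000000,
         "bps": 8, "kbps": 8000, "mbps": 8000000}

# eth0 commands copied from the post, with the wrapped lines rejoined.
POSTED = """
tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 128kbps ceil 256kbps prio 7
tc filter add dev eth0 protocol ip parent 1:1 prio 7 handle 7 fw classid 1:10
"""

def rate_bits(text):
    """Convert a tc rate such as '128kbps' to bits per second."""
    num, unit = re.fullmatch(r"(\d+)([a-z]+)", text.lower()).groups()
    return int(num) * UNITS[unit]

def opt(words, key):
    """Return the word following `key`, or None if `key` is absent."""
    return words[words.index(key) + 1] if key in words else None

def lint(script):
    """Report filters attached below the root and the class used by `default`."""
    qdiscs, classes, findings = {}, {}, []
    for words in (line.split() for line in script.strip().splitlines()):
        dev = opt(words, "dev")
        if words[:3] == ["tc", "qdisc", "add"]:
            qdiscs[dev] = (opt(words, "handle"), opt(words, "default"))
        elif words[:3] == ["tc", "class", "add"]:
            classes[(dev, opt(words, "classid"))] = rate_bits(opt(words, "rate"))
        elif words[:3] == ["tc", "filter", "add"]:
            root, parent = qdiscs[dev][0], opt(words, "parent")
            # HTB starts classification at the qdisc's own filter list; a filter
            # on an inner class is consulted only after a root filter selects it.
            if parent not in (root, root + "0"):
                findings.append((dev, "filter-below-root", parent))
    for dev, (root, default) in qdiscs.items():
        if default is None:
            continue
        cid = root + default  # "1:" + "10" -> "1:10"
        # Every packet that no filter classifies is queued in this class.
        findings.append((dev, "default-class", cid, classes.get((dev, cid))))
    return findings

if __name__ == "__main__":
    for finding in lint(POSTED):
        print(finding)
```
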