Re: good tutorial

[Andrew Beverley <andy@andybev.com>]

On Sat, 2011-02-05 at 20:33 +0100, J Webster wrote:
> Thanks.
> Out of interest will this only limit connects incoming to the server and 
> not outgoing?

It will limit the *outgoing* traffic on whichever interface you attach
it to, but from your perspective this may actually result in traffic
incoming to the server (which I guess is what you want).

So if you attach to your LAN interface, and you actually mean "will this
only limit traffic being downloaded from the internet", then the answer
is yes.

> For example, a user connects via VPN to the server, their connection 
> should be limited to 2Mbps (3in the example below) but they are 
> connecting to say www.youtube.com. I do not want the connection to 
> youtube.com to be restricted as maybe 10 users might be accessing 
> youtube at the same time.

It won't in the example. However, even if you were doing egress shaping
on the internet interface, you'd have to specifically specify youtube's
IP address for the above to happen anyway.

> So the server can have an unlimited outgoing connection to youtube but 
> when it passes on the connection to the client (much like a proxy server 
> might do), they should only have 2Mbps.

Sort of - when you say "outgoing" connection to youtube, I assume you
mean traffic "incoming" from youtube to the server. So if you egress
shape on the LAN interface, then there will be no restrictions for the
overall traffic coming the internet, but the client will be limited
depending on your filters. 

Remember that traffic goes both ways - you'll need to egress shape on
the internet interface if you want to also limit the traffic to the
internet (ie uploads).

> Now the reason I asked for a tutorial somewhere is I went through the 
> LARTC tutorial (which just looks like a blank white document) and my 
> understanding of leaf, HTB, U32, qdisc, etc is kind of lacking :)

Well I found this to be pretty good:

http://www.opalsoft.net/qos/DS.htm

Andy