I am confused about the tcrules file and the marks value. I currently have 2 ISP''s, and have defined them in providers, as well as using TCCLASSES. I am doing traffic shaping and want to also route VOIP traffic out provider #1. I am confused as to how to do the tcrules properly, so that it will know that I am giving it a provider mark and not a class mark. Is it as simple as making sure my tcclasses mark values do not overlap with the provider mark values? Or should I add a rule such as the following: 1:P <local network> 0.0.0.0/0 udp 5060 Any help would be appreciated -Ronnie #/etc/shorewall/providers #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY twest 1 1 main eth2 25.215.215.162 track,balance,optional atdsl 2 2 main ppp0 detect track,balance,optional #/etc/shorewall/tcclasses #INTERFACE MARK RATE CEIL PRIORITY OPTIONS #voip ppp0 1 128kbit full 1 tos=0x68/0xfc,tos=0xb8/0xfc,tos=0x48/0xfc eth2 1 128kbit full 1 tos=0x68/0xfc,tos=0xb8/0xfc,tos=0x48/0xfc #icmp ppp0 2 full/4 full 2 tcp-ack,tos-minimize-delay eth2 2 full/4 full 2 tcp-ack,tos-minimize-delay #other ppp0 3 3*full/10 full 3 default eth2 3 3*full/10 full 3 default #/etc/shorewall/tcrules #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS # PORT(S) PORT(S) 3 0.0.0.0/0 0.0.0.0/0 all 1 0.0.0.0/0 0.0.0.0/0 udp 4569 1 0.0.0.0/0 0.0.0.0/0 tcp 4569 1 0.0.0.0/0 0.0.0.0/0 udp 5060:5061 1 0.0.0.0/0 0.0.0.0/0 udp 10000:20000 2 0.0.0.0/0 0.0.0.0/0 icmp echo-request 2 0.0.0.0/0 0.0.0.0/0 icmp echo-reply 3 172.16.1.0 0.0.0.0/0 all 3 0.0.0.0/0 172.16.1.0/24 all ------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo
I''ve HIGH_ROUTE_MARKS=Yes and set the marks for my providers to 256 and 512. Then a new routing rule would be something like: 256:P <local network> 0.0.0.0/0 udp 5060 The rest should stay the same. Brad C On Fri, Jun 18, 2010 at 4:03 PM, Red Baron <redbaron73@gmail.com> wrote:> I am confused about the tcrules file and the marks value. I currently have 2 > ISP''s, and have defined them in providers, as well as using TCCLASSES. I am > doing traffic shaping and want to also route VOIP traffic out provider #1. I > am confused as to how to do the tcrules properly, so that it will know that > I am giving it a provider mark and not a class mark. Is it as simple as > making sure my tcclasses mark values do not overlap with the provider mark > values? Or should I add a rule such as the following: > > 1:P <local network> 0.0.0.0/0 udp 5060 > > Any help would be appreciated > > -Ronnie > > > #/etc/shorewall/providers > #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY > OPTIONS COPY > twest 1 1 main eth2 25.215.215.162 track,balance,optional > atdsl 2 2 main ppp0 detect track,balance,optional > > > #/etc/shorewall/tcclasses > #INTERFACE MARK RATE CEIL PRIORITY OPTIONS > #voip > ppp0 1 128kbit full 1 > tos=0x68/0xfc,tos=0xb8/0xfc,tos=0x48/0xfc > eth2 1 128kbit full 1 > tos=0x68/0xfc,tos=0xb8/0xfc,tos=0x48/0xfc > #icmp > ppp0 2 full/4 full 2 tcp-ack,tos-minimize-delay > eth2 2 full/4 full 2 tcp-ack,tos-minimize-delay > #other > ppp0 3 3*full/10 full 3 default > eth2 3 3*full/10 full 3 default > > #/etc/shorewall/tcrules > #MARK SOURCE DEST PROTO DEST SOURCE USER TEST > LENGTH TOS > # PORT(S) PORT(S) > 3 0.0.0.0/0 0.0.0.0/0 all > 1 0.0.0.0/0 0.0.0.0/0 udp 4569 > 1 0.0.0.0/0 0.0.0.0/0 tcp 4569 > 1 0.0.0.0/0 0.0.0.0/0 udp 5060:5061 > 1 0.0.0.0/0 0.0.0.0/0 udp 10000:20000 > 2 0.0.0.0/0 0.0.0.0/0 icmp echo-request > 2 0.0.0.0/0 0.0.0.0/0 icmp echo-reply > 3 172.16.1.0 0.0.0.0/0 all > 3 0.0.0.0/0 172.16.1.0/24 all > > > ------------------------------------------------------------------------------ > ThinkGeek and WIRED''s GeekDad team up for the Ultimate > GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the > lucky parental unit. See the prize list and enter to win: > http://p.sf.net/sfu/thinkgeek-promo > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > >------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo
So I can keep my marks in classes to be low numbers? Could I accomplish the same thing by not overlapping the marks with providers with classes? On Jun 18, 2010 4:50pm, Brad Clarke <brad@bradclarke.com> wrote:> I''ve HIGH_ROUTE_MARKS=Yes and set the marks for my providers to 256> and 512. Then a new routing rule would be something like:> 256:P 0.0.0.0/0 udp 5060> The rest should stay the same.> Brad C> On Fri, Jun 18, 2010 at 4:03 PM, Red Baron redbaron73@gmail.com> wrote:> > I am confused about the tcrules file and the marks value. I currently > have 2> > ISP''s, and have defined them in providers, as well as using TCCLASSES. > I am> > doing traffic shaping and want to also route VOIP traffic out provider > #1. I> > am confused as to how to do the tcrules properly, so that it will know > that> > I am giving it a provider mark and not a class mark. Is it as simple as> > making sure my tcclasses mark values do not overlap with the provider > mark> > values? Or should I add a rule such as the following:> >> > 1:P 0.0.0.0/0 udp 5060> >> > Any help would be appreciated> >> > -Ronnie> >> >> > #/etc/shorewall/providers> > #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY> > OPTIONS COPY> > twest 1 1 main eth2 25.215.215.162 track,balance,optional> > atdsl 2 2 main ppp0 detect track,balance,optional> >> >> > #/etc/shorewall/tcclasses> > #INTERFACE MARK RATE CEIL PRIORITY OPTIONS> > #voip> > ppp0 1 128kbit full 1> > tos=0x68/0xfc,tos=0xb8/0xfc,tos=0x48/0xfc> > eth2 1 128kbit full 1> > tos=0x68/0xfc,tos=0xb8/0xfc,tos=0x48/0xfc> > #icmp> > ppp0 2 full/4 full 2 tcp-ack,tos-minimize-delay> > eth2 2 full/4 full 2 tcp-ack,tos-minimize-delay> > #other> > ppp0 3 3*full/10 full 3 default> > eth2 3 3*full/10 full 3 default> >> > #/etc/shorewall/tcrules> > #MARK SOURCE DEST PROTO DEST SOURCE USER TEST> > LENGTH TOS> > # PORT(S) PORT(S)> > 3 0.0.0.0/0 0.0.0.0/0 all> > 1 0.0.0.0/0 0.0.0.0/0 udp 4569> > 1 0.0.0.0/0 0.0.0.0/0 tcp 4569> > 1 0.0.0.0/0 0.0.0.0/0 udp 5060:5061> > 1 0.0.0.0/0 0.0.0.0/0 udp 10000:20000> > 2 0.0.0.0/0 0.0.0.0/0 icmp echo-request> > 2 0.0.0.0/0 0.0.0.0/0 icmp echo-reply> > 3 172.16.1.0 0.0.0.0/0 all> > 3 0.0.0.0/0 172.16.1.0/24 all> >> >> > > ------------------------------------------------------------------------------> > ThinkGeek and WIRED''s GeekDad team up for the Ultimate> > GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the> > lucky parental unit. See the prize list and enter to win:> > http://p.sf.net/sfu/thinkgeek-promo> > _______________________________________________> > Shorewall-users mailing list> > Shorewall-users@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/shorewall-users> >> >> ------------------------------------------------------------------------------> ThinkGeek and WIRED''s GeekDad team up for the Ultimate> GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the> lucky parental unit. See the prize list and enter to win:> http://p.sf.net/sfu/thinkgeek-promo> _______________________________________________> Shorewall-users mailing list> Shorewall-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/shorewall-users------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo