Mike Dent
2005-May-25 08:34 UTC
[Asterisk-Users] Asterisk, 2 x network interfaces and traffic shaping on same box?
Hi, just suppose you have a small LAN in an office with an external ADSL connection. Is there a problem by dual homing the Asterisk box (one interface on the local LAN and the other on the ADSL side). Then making all local traffic heading off site to go via the Asterisk box. On this box you run some kind of traffic shaping and firewall? This would then help you prioritise external VOIP traffic over other traffic leaving/entering the network? Obviously this would not be an ideal setup in a large/critical environment but may be a nice and neat solution for a small office? Comments? thanks Mike
Colin Anderson
2005-May-25 09:53 UTC
[Asterisk-Users] Asterisk, 2 x network interfaces and traffic shaping on same box?
Using the Asterisk box as a user firewall aside, if you set up distro of choice on a box and multihome it; and set Asterisk as the only service running on the box you should have an inherent firewall other than the security weaknesses of SIP and IAX, which you will have to live with or deal with or whatever. Optionally, you can run Apache and / or AMP but bind Apache to the internal LAN NIC only. By default, Asterisk binds to all ethernet interfaces unless you specify otherwise. Run the Wondershaper script and modify the DEV value to bind to the ETHX interface that faces the ADSL side and you should be good. http://www.krisk.org/astlinux/misc/astshape hth -----Original Message----- From: Mike Dent [mailto:mcdent@gmail.com] Sent: Wednesday, May 25, 2005 9:34 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: [Asterisk-Users] Asterisk, 2 x network interfaces and traffic shaping on same box? Hi, just suppose you have a small LAN in an office with an external ADSL connection. Is there a problem by dual homing the Asterisk box (one interface on the local LAN and the other on the ADSL side). Then making all local traffic heading off site to go via the Asterisk box. On this box you run some kind of traffic shaping and firewall? This would then help you prioritise external VOIP traffic over other traffic leaving/entering the network? Obviously this would not be an ideal setup in a large/critical environment but may be a nice and neat solution for a small office? Comments? thanks Mike _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users