Guys After reading through the archives I found some insightful ways to be able to shape traffic to pppoe clients from the server. I have two questions on the topic of setting up a pppoe server however... 1. The clients will all be connected to each other using a normal ethernet network, the segments connected with managed switches. The capacity is roughly 500 nodes. Will these pppoe sessions interfere with each other or not? 2. I''d like to know if anyone has tried to shape pppoe client traffic by placing a transparent bridge between the servers and clients, and shaping on this bridge. I''m just testing the water here, after what I read in other threads it will be easier to just use a set of carefully crafted ip-up & ip-down scripts with pppd rather than the bridge. But nonetheless, opinions are always needed. Thanks guys -- Kenneth Kalmer kenneth.kalmer@gmail.com Folding@home stats http://fah-web.stanford.edu/cgi-bin/main.py?qtype=userpage&username=kenneth%2Ekalmer
Kenneth Kalmer wrote:> Guys > > After reading through the archives I found some insightful ways to be > able to shape traffic to pppoe clients from the server. I have two > questions on the topic of setting up a pppoe server however... > > 1. The clients will all be connected to each other using a normal > ethernet network, the segments connected with managed switches. The > capacity is roughly 500 nodes. Will these pppoe sessions interfere > with each other or not?What do you mean by ''interfere'' here?> > 2. I''d like to know if anyone has tried to shape pppoe client traffic > by placing a transparent bridge between the servers and clients, and > shaping on this bridge. I''m just testing the water here, after what I > read in other threads it will be easier to just use a set of carefully > crafted ip-up & ip-down scripts with pppd rather than the bridge. But > nonetheless, opinions are always needed.I use the ip-up and ip-down scripts, and a radius exec attribute so probably I can help with them. I''m planning on segmenting such a network with linux bridges for better filtering and QoS control. But that''s yet to come ;-)> Thanks guys >-- regards, Georgi Alexandrov key server - http://pgp.mit.edu/ :: key id - 0x37B4B3EE key fingerprint - E429 BF93 FA67 44E9 B7D4 F89E F990 01C1 37B4 B3EE _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
On 5/23/06, Georgi Alexandrov <georgi.alexandrov@gmail.com> wrote:> Kenneth Kalmer wrote: > > Guys > > > > > > 1. The clients will all be connected to each other using a normal > > ethernet network, the segments connected with managed switches. The > > capacity is roughly 500 nodes. Will these pppoe sessions interfere > > with each other or not? > What do you mean by ''interfere'' here?A colleague of mine thought that these sessions might interfere with one another. On second thought, I''m not even going to explain this...> > 2. I''d like to know if anyone has tried to shape pppoe client traffic > > by placing a transparent bridge between the servers and clients, and > > shaping on this bridge. I''m just testing the water here, after what I > > read in other threads it will be easier to just use a set of carefully > > crafted ip-up & ip-down scripts with pppd rather than the bridge. But > > nonetheless, opinions are always needed. > I use the ip-up and ip-down scripts, and a radius exec attribute so probably > I can help with them.I assume that the exec attribute is in essence similair to what ip-up is, executing an arbitrary command under certain circumstances. Will look into it, thanks...> I''m planning on segmenting such a network with linux bridges for better > filtering and QoS control. But that''s yet to come ;-)The keyword here is "better", and that was my argument for using a bridge in the first place. It would appear to be easier to shape & filter away from the messy scripts of pppd & radius servers, but this raises the next issue. For the bridge, is the pppoe sessions identifiable using say source & destination ips, as opposed to pppoe traffic... I know if I perform a tcpdump on the interface that I connect to my adsl modem I only see the traffic as pppoe... Logic tells me that the bridge would suffer the same consequenses...> > Thanks guys > > > > > -- > regards, > Georgi Alexandrov > > key server - http://pgp.mit.edu/ :: key id - 0x37B4B3EE > key fingerprint - E429 BF93 FA67 44E9 B7D4 F89E F990 01C1 37B4 B3EE-- Kenneth Kalmer kenneth.kalmer@gmail.com Folding@home stats http://fah-web.stanford.edu/cgi-bin/main.py?qtype=userpage&username=kenneth%2Ekalmer
Kenneth Kalmer wrote:> The keyword here is "better", and that was my argument for using a > bridge in the first place. It would appear to be easier to shape & > filter away from the messy scripts of pppd & radius servers, but this > raises the next issue. For the bridge, is the pppoe sessions > identifiable using say source & destination ips, as opposed to pppoe > traffic... I know if I perform a tcpdump on the interface that I > connect to my adsl modem I only see the traffic as pppoe... Logic > tells me that the bridge would suffer the same consequenses...Yes, that was my concern too. Maybe someone else on the list that has already went trought this may share the experience. I will test it as soon as I get my hands on a spare machine ;-) -- regards, Georgi Alexandrov key server - http://pgp.mit.edu/ :: key id - 0x37B4B3EE key fingerprint - E429 BF93 FA67 44E9 B7D4 F89E F990 01C1 37B4 B3EE _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Georgi Alexandrov wrote:> Kenneth Kalmer wrote: > >>The keyword here is "better", and that was my argument for using a >>bridge in the first place. It would appear to be easier to shape & >>filter away from the messy scripts of pppd & radius servers, but this >>raises the next issue. For the bridge, is the pppoe sessions >>identifiable using say source & destination ips, as opposed to pppoe >>traffic... I know if I perform a tcpdump on the interface that I >>connect to my adsl modem I only see the traffic as pppoe... Logic >>tells me that the bridge would suffer the same consequenses... > > Yes, that was my concern too. Maybe someone else on the list that has > already > went trought this may share the experience. > I will test it as soon as I get my hands on a spare machine ;-)I would have thought you can do it with u32 on ip or mac address. Look up ethertype(s) for pppoe and then give it as the protocol number for the tc filter - I assume ipheader will start 8 bytes after eth payload - never played with pppoe, though. Andy.