search for: tcclasses

Hello, I am trying to set up traffic shaping/control for my voip connection. I am running 4.4.22.3. Here is my current configuration: --- tcdevices --- #NUMBER: IN-BANDWITH OUT-BANDWIDTH OPTIONS REDIRECTED #INTERFACE INTERFACES eth1 2048kbps 1500kbps -- tcclasses --- #INTERFACE:CLASS MARK RATE: CEIL PRIORITY OPTIONS # DMAX:UMAX eth1 1 100kbps 180kbps 1 tos=0x88/0xfc,tos=0xb8/0xfc eth1 2 full/4 full 2 default -- tcrules --- #MARK SOURCE DEST PROTO DEST SOURCE USER...

Version 3.0.5 with the two-devices setup (eth0 - net, eth1 - loc). Kernel 2.4.29 tcdevices, tcrules, and tcclasses are clones of the wondershaper example (http://www.shorewall.net/traffic_shaping.htm) with eth0 replacing ppp. With TC_ENABLED=Internal in shorewall.conf: ---- Validating /etc/shorewall/tcdevices... Validating /etc/shorewall/tcclasses... ERROR: device A seems not to be configured in tcdevices...

...'m trying to configure QOS , but I''m don''t have success. My files: #/etc/shorewall/tcdevices #INTERFACE IN-BANDWITH OUT-BANDWIDTH eth0 256kbit 256kbit eth1 256kbit 256kbit eth2 256kbit 256kbit #/etc/shorewall/tcclasses #INTERFACE MARK RATE CEIL PRIORITY OPTIONS eth1 1 256Kbit 50Kbit 1 default eth2 2 256Kbit 25Kbit 1 default eth0 3 256kbit 50Kbit 1 default eth0 4 256kbit 2...

hello folks, this is my first post to that list. so I hope I am not completely OT here :-) reading the (excellent!) lartc and then writing my own qos-script I have still some open questions which I will try to formulate now: - "Now we can optionally attach queuing disciplines to the leaf classes. If none is specified the default is pfifo." - I can''t find info about Pfifo.

Hi i want see if my QoS are good because i am not very sure ... the VoIP quality are not very good when i download. I have on my Linux routeur/Firewall Asterisk .. and i have into my config : ================================================ tcdevices: eth0 2000kbit 2000kbit tcclasses: eth0 1 100kbit 180kbit 1 tos=0x68/0xfc,tos=0xb8/0xfc eth0 2 full/4 full 2 tcp-ack,tos-minimize-delay eth0 3 full/4 full 3 default eth0 4 full/8 full*8/10 4 tcrules: 1 $FW 0.0.0.0/0 udp 4569 - -...

...to use. I basically want to give the VoIP ATA top priority over over everything else on the LAN (mark 1), give SSH/ICMP/ACK packets the next priority (mark 2), default traffic is mark 3, and then P2P on mark 4 (I have set all my P2P programs to only use 6881-6889). There was mention of VoIP in the TCCLASSES file, but not in the TCRULES file. TCDEVICES: #INTERFACE IN-BANDWITH OUT-BANDWIDTH ppp0 1200kbit 205kbit TCCLASSES: #INTERFACE MARK RATE CEIL PRIORITY OPTIONS ppp0 1 100kbit 180kbit 1 ppp0 2 full/4 full 2...

...INTERFACES $MID_IF_TC:$MID_IF 0 1000mbit $INET1_IF_TC:$INET1_IF - 2mbit classify $INET1_IFB_TC:$INET1_IFB_IF - 12mbit - $INET1_IF /etc/shorewall/tcclasses: #INTERFACE:CLASS MARK RATE: CEIL PRIORITY OPTIONS # DMAX:UMAX $MID_IF:110 - 30*full/100 95*full/100 1 $MID_IF:120 - 20*full/100 95*full/100 2 tcp-ack $MID_IF:130 - 20*f...

Hi! It''s me again bothering you guys, what I want to do is to give full bandwidth to VPN traffic and limit the rest to 30KB/s (kilobytespersecond), ok? Here''s what I have: tcclasses ################################## eth0 1 1kbps 70kbps 1 eth0 2 1kbps 30kbps 2 default eth1 3 15kbps 10000kbps 1 eth1 4 1kbps 30kbps 2 default ###################################### tcdevices ######################...

...to configure QoS in my shorewall conf but I have a doubt. Now I am using tcrules with prerouting and with the file providers, like this. 2:P 192.168.0.11 0.0.0.0/0 tcp 25 So, with this way I route my smtp traffic with my provider number 2. Well, now I want to configure QoS with tcclasses and tcdevices, but if I do that I need to use the MARK in the tcclasses So, how can I do this and also work with my preroutings rules? Thanks ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you ac...

..... Almost everything (99%) seems to be in the default queue, occasionally something shows up in the "Mark 2 queue" Queue 1 and 4 are never used. I am running a 2.6.24 kernel, on a USparc1 using debian testing and I have attached a shorewall dump. I have created the following tcrules, tcclasses, and tcdevices files. tcrules #MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST # PORT(S) #VoIP 1 192.168.0.62 0.0.0.0/0 tcp 4569,5060,5061 1 192.168.0.62 0.0.0.0/0 tcp - 4569,5060,5061 1 192.16...

hi who can ever help me out with the shaping of torrent traffic? i have a pptp at ppp0 over eth0 (10.0.0.1/8) i would like to shape outgoing traffic of rtorrent on these two interfaces, assume rtorrent is running at port 6999 need 3mbit for ppp0 and 50mbit for eth0 i supposed: [tcclasses] ppp0 1 2mbit 3mbit 1 eth0 2 20mbit 50mbit 2 [tcrules] 1 0.0.0.0/0 0.0.0.0/0 tcp 6999 2 10.0.0.1/8 10.0.0.1/8 tcp 6999 but they do not help shorewall 4.4.0, kernel 2.6.30 (no support for ipp2p) what rules may help me with this task? any ideas? --- thx -----------------...

Hi, my shorewall is version 4.0.15 on Debian Lenny. I have 3 following interfaces: eth0 net (4mbit/512kbit) eth1 loc (100mbit) eth2 loc (100mbit) I want to shape traffic from net on two lan interfaces like: - default is 2000mbit for each local interface - if is no traffic on eth1 is 4mbit for eth2 (and vice versa) My tcdevices eth0 4000mbit 512kbit eth1 -

...te ingress discipline on real device (f.e. eth2) and redirect 'egress' from it to 'ifb0'. tc qdisc add dev eth2 ingress tc filter add dev eth2 parent ffff: protocol ip \ u32 match u32 0 0 action mirred egress redirect dev ifb0 And then we can use 'tcrules' and 'tcclasses' for configuration egress discipline of the 'ifb0' interface as usually. I think that we can add yet one column in 'tcdevices' for such devices as 'ifb' for define list of interfaces whose traffic we want to redirect to it. May be so: #INTERFACE IN-BANDWITH...

Greetings; My syslog is getting 100s of thousands of messages like the following (these are just a sample); (BTW I am running Debian/lenny) > May 11 12:41:31 gatekeeper kernel: BANDWIDTH_IN:IN=eth1 OUT=eth0 SRC=192.168.0.4 DST=64.15.118.171 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=37901 DF PROTO=TCP SPT=1307 DPT=80 WINDOW=17640 RES=0x00 ACK URGP=0 > May 11 12:41:31 gatekeeper kernel:

...rything was working fine before, after upgrading the script wouldn''t start. First some config files. tcdevices: #INTERFACE IN-BANDWIDTH OUT-BANDWIDTH OPTIONS REDIRECTED eth1 - 6300kbit hfsc,classify ifb0 - 6300kbit hfsc eth1 tcclasses: #INTERFACE MARK RATE(:DMAX:UMAX) CEIL PRIORITY OPTIONS ifb0:110 - full/4:50 full/2 1 tcp-ack,tos-minimize-delay ifb0:130 - full/2 full*9/10 3 flow=nfct-dst ifb0:140 - full/4 full*9/10 4 default,flow=nfct-dst eth1:110 - full...

...and it actually gives that performance with the corresponding outbound traffic limits. Naturally when I stop shorewall this phantom limit disappears. I think I did everything by the book but I might have missed something. So I would like to set the default outbound limit to what''s in the tcclasses and certain inbound ports to their appropriate values. (The dump files are in the attachment with the config files). There is another favour I''d like to ask: I never had the chance to show my firewall settings to anyone with more experiences and I am not very confident whether they are go...

...REJECT net loc ipp2p:all ipp2p This did seem to stop bittorrent but not ares. So first question: is this the correct rule? Has some one successfully done this before? My second attempt was to at least make the use of p2p frustratingly slow. I seemed to have better results. Below are my tcrules, tcclasses, and tcdevices files. tcrules #MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST LENGTH TOS # PORT(S) 5 0.0.0.0/0 0.0.0.0/0 icmp echo-request 5 0.0.0.0/0 0.0.0.0/0 icmp echo-reply RESTORE 0.0.0.0/0 0.0.0.0/0 all - - - 0 CONTINUE 0.0.0.0/0 0.0.0.0/0 all - - - !0 7 0.0.0.0/0 0.0.0.0/0 i...

I''m trying to use the traffic control features of Shorewall. I share my network with some guys, and I have a tcclasses file like this: #Hunter Fuller eth0 100 1500kbit full 50 tos-maximize-throughput #(other guy''s name) eth0 110 1500kbit full 50 tos-minimize-delay etc., based on their personal preferences. Then for users I cannot identif...

Hi folks, I''m having an issue with rsync between my firewall and an internal box. It seems to be a shorewall issue (or correctly speaking, an issue with my shorewall config) because if I disable shorewall my rsync works fine. And I just can''t find it documented anywhere what I need to do. I have rules like this : root@userver:/etc/shorewall# grep -i Rsync rules

Hello there, I can modify /etc/shorewall/tcdevices to control overall IN-BANDWITH. It is quite effective. Just change 2mbit to 128kbit. However, how do I limit download speed for a certain host IP on the LAN? I want to limit host 192.168.1.140 download speed to 128Kbit. Other hosts on the 192.168.1.0 LAN can still surf at 2mbit. Any input welcome. Kind Regards, Michael