My shorewall firewall will be used to pass VOIP packets. I understand that for VOIP, HFSC traffic shaping is more effective than HTB. The documentation (http://shorewall.net/traffic_shaping.htm) states that Shorewall only supports HTB and SFQ. Does Shorewall really not support HFSC, or do I have to go and use something complicated like Mastershaper? Thanks in advance. Regards Fog_Watch. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Ian wrote:> Does Shorewall really not support HFSCYes -- the traffic shaper built into Shorewall really does not support HFSC. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Tom Eastep wrote:> Ian wrote: >> Does Shorewall really not support HFSC > > Yes -- the traffic shaper built into Shorewall really does not support HFSC.For those of you who might still be interested in this issue, Shorewall 4.3.12 will include support for HFSC (Hierarchical Fair Service Curve). HFSC is superior to HTB when realtime traffic such as VOIP is involved. Beware, though, that HFSC is even harder to configure than HTB. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://www.creativitycat.com
On Sun, 2009-05-24 at 14:51 -0700, Tom Eastep wrote:> > For those of you who might still be interested in this issue, Shorewall > 4.3.12 will include support for HFSC (Hierarchical Fair Service Curve).Hrm. Another huh?> HFSC is superior to HTB when realtime traffic such as VOIP is involved. > Beware, though, that HFSC is even harder to configure than HTB.I guess the problem I always had with HTB and maybe it was just the various explanations and examples I saw, but it was that a high priority class (i.e. voip) was not actually able to use all of the bandwidth if it needed it. I used to do TC without any fancy classifiers and just used queues to put traffic into "priority bands" where the highest priority traffic always got all of the bandwidth it needed, and only if there was bandwidth left after a given priority band took it''s need, would a lower band get any. So yes, it was entirely possible for the lowest band(s) to get starved, but that was the nature of the priorities. Maybe HTB is capable of that. I just never saw it. If it isn''t, is HFSC any better in this regard? b. ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://www.creativitycat.com
Brian J. Murrell wrote:> On Sun, 2009-05-24 at 14:51 -0700, Tom Eastep wrote: >> For those of you who might still be interested in this issue, Shorewall >> 4.3.12 will include support for HFSC (Hierarchical Fair Service Curve). > > Hrm. Another huh? > >> HFSC is superior to HTB when realtime traffic such as VOIP is involved. >> Beware, though, that HFSC is even harder to configure than HTB. > > I guess the problem I always had with HTB and maybe it was just the > various explanations and examples I saw, but it was that a high priority > class (i.e. voip) was not actually able to use all of the bandwidth if > it needed it. > > I used to do TC without any fancy classifiers and just used queues to > put traffic into "priority bands" where the highest priority traffic > always got all of the bandwidth it needed, and only if there was > bandwidth left after a given priority band took it''s need, would a lower > band get any. So yes, it was entirely possible for the lowest band(s) > to get starved, but that was the nature of the priorities. > > Maybe HTB is capable of that.For all practical purposes, it is. You must guarantee each class a non-zero bandwidth but you can make it so low as to be meaningless. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://www.creativitycat.com
Brian J. Murrell wrote:>Maybe HTB is capable of that. I just never saw it. If it isn''t, is >HFSC any better in this regard?Yes it does support it. Say you have 4 classes, and 1024kbps of bandwidth. If you set it so that the rate/ceiling of the classes was : 1 1000/1024 2 8/1024 3 8/1024 4 8/1024 Then class 1 could use virtually all your bandwidth, and if it did so then classes 2-4 would get very little. But if class one is NOT using it all, then the other classes can use it - eg if there were no other traffic, then class 3 could use all 1024kbps. I do this at work, and it works "very nicely". -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://www.creativitycat.com