Network Operation Center
2007-Oct-11 15:36 UTC
Limit Bandwitch based on a Vlan with Shorewall ?
Hi I have a linux router with 3 interfaces : eth0 => Internet eth1 => Lan N°1 eth2 => Lan N°2 on eth2, i use vlan and i have a small lot of eth2.10 => VlanID 10 eth2.20 => VlanID 20 eth2.30 => VlanID 30 That''s work very good actually. But now, i want "limit" the bandwitch by interface: eth0 has 10 Mbits of bandwitch, i want limite: eth1 => 4 Mbits eth2.10 => 2Mbits eth2.20 => 2Mbits eth2.30 => 2Mbits i run on Shorewall 3.2.1, i have a solution ? i have see a limit for a eth2 interface, but not in eth2.XX Thanks bye ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
Network Operation Center wrote:>Hi > >I have a linux router with 3 interfaces : > >eth0 => Internet >eth1 => Lan N°1 >eth2 => Lan N°2 > >on eth2, i use vlan and i have a small lot of >eth2.10 => VlanID 10 >eth2.20 => VlanID 20 >eth2.30 => VlanID 30 > >That''s work very good actually. >But now, i want "limit" the bandwitch by interface: > >eth0 has 10 Mbits of bandwitch, i want limite: > >eth1 => 4 Mbits >eth2.10 => 2Mbits >eth2.20 => 2Mbits >eth2.30 => 2Mbits > >i run on Shorewall 3.2.1, i have a solution ? >i have see a limit for a eth2 interface, but not in eth2.XXI assume all the VLANs have different (RFC1918 ?) addresses - in which case you can set up traffic management on egress via eth0 and use address based rules to classify traffic. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
Network Operation Center
2007-Oct-11 16:25 UTC
Re: Limit Bandwitch based on a Vlan with Shorewall ?
Simon Hobson a écrit : Network Operation Center wrote: Hi I have a linux router with 3 interfaces : eth0 => Internet eth1 => Lan N°1 eth2 => Lan N°2 on eth2, i use vlan and i have a small lot of eth2.10 => VlanID 10 eth2.20 => VlanID 20 eth2.30 => VlanID 30 That''s work very good actually. But now, i want "limit" the bandwitch by interface: eth0 has 10 Mbits of bandwitch, i want limite: eth1 => 4 Mbits eth2.10 => 2Mbits eth2.20 => 2Mbits eth2.30 => 2Mbits i run on Shorewall 3.2.1, i have a solution ? i have see a limit for a eth2 interface, but not in eth2.XX I assume all the VLANs have different (RFC1918 ?) addresses - in which case you can set up traffic management on egress via eth0 and use address based rules to classify traffic. Hi thanks for your asnwer, yes all vlan use a RFC1918 ... eth1: 172.16.1.0/24 eth2.10: 172.16.2.0/24 eth2.20: 172.16.3.0/24 eth2.30: 172.16.4.0/24 if i understand you say that i can limit on the eth0 based on the 172.16.X.0/24 .. i use too masquerading, it''s not a problemes ? anyone have a small samples ? thanks bye ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
Network Operation Center wrote:> ... > eth1 => 4 Mbits > eth2.10 => 2Mbits > eth2.20 => 2Mbits > eth2.30 => 2Mbits > > i run on Shorewall 3.2.1, i have a solution ? > i have see a limit for a eth2 interface, but not in eth2.XXVLANs in Linux work almost identically to normal interfaces. If you have zones specified by their VLAN interface, then you can apply all the same rules you would to normal interfaces. -- Paul <http://paul.gear.dyndns.org> -- Everyone who voted for slavery was free. Everyone who votes for abortion was born. That''s how oppression works. -- Matt Evans, Harvard law student ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/