Hi, my shorewall is version 4.0.15 on Debian Lenny. I have 3 following interfaces: eth0 net (4mbit/512kbit) eth1 loc (100mbit) eth2 loc (100mbit) I want to shape traffic from net on two lan interfaces like: - default is 2000mbit for each local interface - if is no traffic on eth1 is 4mbit for eth2 (and vice versa) My tcdevices eth0 4000mbit 512kbit eth1 - 100mbit eth2 - 100mbit Class is assigned to the interface and my question is, is it possible to assign a common class for eth1 and eth2? How should look a class for eth1 and eth2? eth1 1 2mbit 4mbit eth2 1 2mbit 4mbit eth1 2 4mbit 4mbit eth2 2 4mbit 4mbit I write because the documentation have an example for one local interface. Thank for advice. Sebastian ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference
Sebastian Mazur wrote:>my shorewall is version 4.0.15 on Debian Lenny. I have 3 following >interfaces: > >eth0 net (4mbit/512kbit) >eth1 loc (100mbit) >eth2 loc (100mbit) > >I want to shape traffic from net on two lan interfaces like: >- default is 2000mbit for each local interface >- if is no traffic on eth1 is 4mbit for eth2 (and vice versa)You can only shape outgoing traffic on an interface, and you can''t couple interfaces together. What you''ll need to do is use an IFB (Intermediate Functional Block) and arrange for all traffic in bound on eth0 to be routed through it. You can shape traffic out of this virtual interface and then AFTER it''s shaped, route it out of the two real interfaces. For the shaping you then follow the same steps as you would for a two interface router (ie shape outbound on eth0 and your IFB). For outbound traffic to the net, that''s simple enough to shape on eth0. Sorry, it''s not something I''ve ever done (not had a need to), so I can''t tell you the steps required to set it up. -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference
Constantine Karnacevych
2009-Oct-31 15:34 UTC
Re: traffic shaping with two internal interfaces
Simon Hobson wrote:> Sebastian Mazur wrote: > > >> my shorewall is version 4.0.15 on Debian Lenny. I have 3 following >> interfaces: >> >> eth0 net (4mbit/512kbit) >> eth1 loc (100mbit) >> eth2 loc (100mbit) >> >> I want to shape traffic from net on two lan interfaces like: >> - default is 2000mbit for each local interface >> - if is no traffic on eth1 is 4mbit for eth2 (and vice versa) >> > > You can only shape outgoing traffic on an interface, and you can''t > couple interfaces together. What you''ll need to do is use an IFB > (Intermediate Functional Block) and arrange for all traffic in bound > on eth0 to be routed through it. You can shape traffic out of this > virtual interface and then AFTER it''s shaped, route it out of the two > real interfaces. For the shaping you then follow the same steps as > you would for a two interface router (ie shape outbound on eth0 and > your IFB). > > For outbound traffic to the net, that''s simple enough to shape on eth0. > > Sorry, it''s not something I''ve ever done (not had a need to), so I > can''t tell you the steps required to set it upsometing like following should help: tcclasses: eth0 1 256kbit 512kbit 2 eth1 2 2mbit 4mbit 1 eth2 3 2mbit 4mbit 1 tcdevices: eth0 4mbit 512kbit eth1 - 110mbit eth2 - 110mbit tcrules: 1:P {ips of eth1 ad eth2} eth0 all 1:T {ips of eth1 ad eth2} eth0 all 2 0.0.0.0/0!{ips of eth1 ad eth2} eth1 all 3 0.0.0.0/0!{ips of eth1 ad eth2} eth2 all cheers ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference
Hi, thanks for help. I try configure IFB but I get following error: Validating /etc/shorewall/tcdevices... ERROR: Option default is not defined for any class in tcclasses for interface 1:eth0 My config files are from example on http://www.shorewall.net/traffic_shaping.htm#IFB tcdevices: 1:eth0 - 512kbit classify 2:ifb0 - 4000kbit - eth0 tcclasses: 1:110 - 5*full/10 full 1 tcp-ack,tos-minimize-delay 1:120 - 2*full/10 6*full/10 2 default 1:130 - 2*full/10 6*full/10 3 2:110 - 5*full/10 full 1 tcp-ack,tos-minimize-delay 2:120 - 2*full/10 6*full/10 2 default 2:130 - 2*full/10 6*full/10 3 tcfilters: 1:120 - - 2:110 - 10.0.0.0/9 2:120 - 10.128.0.0/9 Thanks for a piece of advice and help. Sebastian Mazur> You can only shape outgoing traffic on an interface, and you can''t > couple interfaces together. What you''ll need to do is use an IFB > (Intermediate Functional Block) and arrange for all traffic in bound > on eth0 to be routed through it. You can shape traffic out of this > virtual interface and then AFTER it''s shaped, route it out of the two > real interfaces. For the shaping you then follow the same steps as > you would for a two interface router (ie shape outbound on eth0 and > your IFB). > > For outbound traffic to the net, that''s simple enough to shape on eth0. > > Sorry, it''s not something I''ve ever done (not had a need to), so I > can''t tell you the steps required to set it up. > >------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what''s new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
Sebastian Mazur wrote:> Hi, > > thanks for help. I try configure IFB but I get following error: > Validating /etc/shorewall/tcdevices... > ERROR: Option default is not defined for any class in tcclasses for > interface 1:eth0 >It looks to me that you are running Shorewall-shell. As clearly stated in the documentation, IFB support is only available in Shorewall-perl. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what''s new with Crystal Reports now. http://p.sf.net/sfu/bobj-july