similar to: interesting expert problem - shaping over VPN

Hi all, ive been reading lartc howto, im new about traffic shaping/police. As far as red (chapter 9 complete) i saw that first the packet passes at the ingress qdisc, then it passes to the ip stack if the packet is directed to the box or its forwarded (is my case), then it falls to the egress classifier/s. Now, i understand if i have an ipsec vpn at the outside interface, the egress

Hello, I''m trying to get lossless VoIP traffic over my 3000k/500k ADSL line. Shaping outgoing traffic is no problem: I set total ceil for outgiong device (ppp0) to 450kbit and put VoIP into highest prio class. Even during full upload the voice is clean on the other end. Now I tried to get the same result for incoming data. I attached HTB to eth1 where the incoming voip traffic is

Hi all, this is really not really very easy to understand, or, to get in. Well, I''ve the following configuration on the router box: LAN - interface: eth0 - network: 192.168.2.5/24 - bandwidth: 100Mbit/s INET interface - interface: ppp0 - network: .dynamic.ip./0 - bandwidth: DOWN=1536kbit/s and UP=256kbit/s the LAN interface is to serve 6 other clients with internet and

hi trevor, well, if you''re controlling whats going over the vpn then there are several options: i''ve been playing with racoon lately (well longer then with freeswan) so i''m not so sure with ipsec, but ... it appears that the meta-data ( i.e. packet marking) is perserved on packets that have not yet been encrypted but are going to be. as a general strategy, i would

On a router, there is no need for and IMQ because there is always an egress path. For example: Internet -> eth1 -> iptables -> routing -> ... -> egress qdisc -> eth0 -> LAN LAN -> eth0 -> iptables -> routing -> .... -> egress qdisc -> eth1 -> Internet Local Process / Proxy -> routing -> iptables -> egress qdisc -> eth1/eth0 ->

Hello all, I am trying to set up a simple htb based system, where packets with source ip 10.0.0.1 should have their own class. I plan to use tcng to set it up easier. Is there something wrong in my tcng file ? ~/tcng$ cat htb /* */ #include "fields.tc" #include "ports.tc" dev eth0 { htb ( ) { class ( rate 600kbps, ceil 600kbps ) {

I''m trying to setup traffic shaping on my linux gateway/router. The system has 3 interfaces: eth0 - My LAN - with IP address 192.168.0.254 eth1 - The ethernet connection to which my ADSL modem is connected. This has a 10.25.x.x IP, more on this later. The ADSL link has an upstream of ~1.2mbit. ppp0 - The PPP connection which is my WAN connection, with a real world IP. The system acts

Hi, I have what to me is an interesting issue. I am wanting to prioritize (QoS) traffic that will be passing through an IPSec (OpenS/WAN) VPN between two (identical) Linux routers. I know that I can apply the IPSec patches (1-4) to the kernel and IPTables (if they are not already applied by now) filter traffic before and after IPSec encapsulation. My problem is that I don''t know

Hello all, I have been doing a lot of archive searching over the last week reading posts on IMQ and it''s apparent stability / instability. I have seen a number of posts about it not being maintained as well. Can anyone talk to me about IMQ''s stability in a heavy throughput environment (20 Mbps) and what was causing IMQ to fail if you know. Thanks, Mike

Guys Considering the festive season is upon us, thanks to everyone contributing to the list and helping all the readers with your great input! I don''t want to mention names, I''ll most certainly leave someone out. With this mail I''d like to test some theory on bandwidth management, with my own successes and failures during the past year. Sharing a link between 200

Hello, I just found the great howto and started shaping my internet connection. The howto''s last update is a liitle in the past now so I have some questions about how things are done the best way nowadays ;-) To ensure a stable and low latency voip communication I added an HFSC qdisc to device ppp0 (1 Mbit SDSL). There are two classes (by now): One for SIP and RTP and one for the

I am successfully running ingress (IMQ) and egress (HTB) shaping on a bridge. Is there any way to combine and share the bandwidth between ingress and egress? Example: I have set up www service for egress at 128 KB and ingress at 256 KB. The shaping on them works fine separately. However, I want to create a single virtual pipe for www traffic and limit both ingress and egress combined to 256 KB.

I''m trying to set up customer egress shaping on concentrator that customers connect to using pptp (which uses pppd). This means customers each have a pppXXX interface when they connect. It''s easy to shape their "down" speed this way, and when they disconnect the interface is gone and thus the shaping rules automatically go away as well. However, shaping their upload

Hi Is there a way of marking packets by mac address instead of ip or ports using a "tc filter u32 match"? I read somewhere that I could use the offset -8 and -14 to grab the mac addresses but if I use anything lower than -8, for example -9, I get an error. I''m modifying the wondershaper script to cap the download speed by mac address. Any sugestions?

Greetings from a newbie! (Well, to this list anyway) I''m having a problem and I hope someone here might be able to help... I am strongly expecting an answer along the lines of "upgrade to v2.4.x", but I would REALLY preffer to avoid that for now... The setup: "Home brewed" v2.2.24 (will patch to v2.2.25 later today) with the DS8 patch applied. Currently

[I sent this earlier but I guess the list is subscriber-only?] I just set up wondershaper, it has a simple filter on the downstream direction to limit the bandwidth usage: tc qdisc add dev $DEV handle ffff: ingress tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \ 0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1 This is effective but is there any way to

I have two interfaces, eth0 and eth1 but i can''t discern the egress traffic than ingress traffic. I need to apply htb qdisc in both directions, and I read that I need the IMQ patch to do this, because in ingress qdisc i can''t apply htb qdisc...but where is the ingress qdisc? affect the traffic that goes from eth0 to eth1 or is for the traffic that goes from eth1 to eth0?

I''ve followed this list for quite a long time and have even posted a couple of times. I used the early versions of IMQ from Devik (I think that was his name), and it worked well. I only ever got the chance to implement it in my test environment. I now need to implement it in my production environment. My Linux core router has nine interfaces and has a 27 megabit connection to the

Hello! My goal is to setup an ingress traffic shaping on my PPPOE DSL line with ifb. My old imq stuff used iptables marks (like ''iptables -t mangle -A PREROUTING -p tcp --sport 22 -m length --length :500 -j MARK --set-mark 31'') to classify the traffic and since i am lazy, i tried to to reuse them with ifb. But no luck: iptables marks the packets well, but tc

Hi all I''m new to this list, but not exactly to iproute stuff. I''d like to solve a specific problem with bandwidth coming from different external sources towards the internal network (also the other way around, but I figure that''s not so much a problem, since that is egress traffic shaping). The network looks like this: internet ------ ISP-------[shaping/router]