similar to: ip alias question

Hi all, After a long reading of the LARTC, I were able to set up a working HTB config on my firewall. But my question is : Can I use a "ip less" box to do QoS ? With bridging software (or even without?) or thing like this and use an u32 filter to direct the traffic to the right class ? In other words, I can''t modify the existing network config or inster into (netmask is

Hi all, I''ve a routing problem. I''m setting up a router based on debian (kernel 2.4). I need to setup routing to export an ftp service (ftp server is in dmz) to 2 wan (both). I setup prerouting ad forward rule with no problem. The problem is that reply packet use default gateway (default wan) even though they are enter using the other wan. I solved it marking packets in input

Hi all, I have managed to setup a Fedora 7 box with 3 ethernet cards and two ADSL modem/routers from different suppliers as LARTC recommends. I am able to direct traffic for specific internal IPs either to one or the other ADSL line. However, I am faced with two problems I am struggling for the solution: 1. I have opened a few ports on the ADSL router/firewalls to talk to internal hosts; say when

Hi I believe that whole question is in topic. Is there any way to recognize ( and then shape ) p2p traffic which is encrypted? Modern p2p clients have this ability moreover some of them have this enabled by default. Now I''m using ipp2p for iptables but as I know this doesn''t recognize encrypted traffic. Thanks in advance. Pozdrawiam Szymon Turkiewicz

HI all, What is best way to be limited upload speed from LAN users. I read that it is possible to be done with IMQ interface or with limitation over gateway interface of router(eth0 in my "scheme"), but i cannot chose what is preferred way and need from advice. Please for advise, any example scripts or URL with tutorial are welcome :) I read couple times Linux Traffic Control.

Greeting all, I have a bit of a complicated question. I have two ethernet devices, eth1 and eth2. eth1 is where my internet comes from. It is in the form of 202.172.122.208/29. It has another IP range, 202.172.122.72/29. What I want to be able to do is route 202.172.122.72/29 to eth2, so that other machines can use those IPs, any ideas on how to do this, I cannot work out how to do this.

I''m playing with the rather excellent QOS script from Alexander Clouter at http://digriz.org.uk/jdg-qos-script/ So far I am really impressed with it - a very impressive example of the power of linux QOS rules (has pretty much everything in it from the LARTC Howto!) However, the instructions hint that "for QoS to affect locally generated traffic in a non ethernet bridge setup

Hi - Still plugging away at my Linux bridge/firewall and thinking through the consequences. In a normal firewall situation, the Internet is on one side, the internal LAN on the other. Duh! But now, with a Linux bridge in the middle, the whole thing becomes one big messy LAN. So we have a scenario that looks like this: Internal---User---Core-----Firewall---Internet---Internet router Servers

Hello there, Having made quite a lot of expensive mistakes i have finally clobbered together a script for the users on my network. Have a look at it and please suggest as to how can i limit bandwidth to each ip on this network to about 64Kbits. Trevor -- ( >- GNU/LINUX, It''s all about CHOICE -< ) /~\ __ trevor@clovertechnologies.com __ /~\ | \) / Pre Sales

This is a long message. Please use a monospace font :) I''m trying to shape the traffic between my LAN and the Internet. My link is an ADSL 512/128 line. The network is shaped like this: LAN GATEWAY ROUTER ------------------ ------------- ------------ | 192.168.0.1/16 | <----> | 192.168.0.1 | <----> | 10.0.0.138

Hello everybody. I would like to do some kind of shaping inside an ipsec tunnel implemented by Openswan and linux 2.6.18.x with xfrm (no KLIPS): for example, to limit outbound smtp traffic inside the tunnel. Question: where should I attach the qdisc to? Eth0? I''m asking this, because tcpdump only see the ESP packet on the eth0 and not the ''clear'' packet. TIA This is my

Hi all, I am wondering if anyone can help me to resolve a problem. I am trying to use tc command in linux to drop udp packets of specific diffserv value. I am able set diffserv value successfully in the udp packet using command:- [root@scotch src]#iptables --table mangle --append OUTPUT \ --out-interface eth0 --protocol udp --source-port 5060 \ --jump DSCP --set-dscp 8 but i am not able to

Hi All, I am using the script below to limit download rates and manage traffic for a certain IP address and testing the results using iperf. The rate that iperf reports is much higher than the rate I have configured for the HTB qdisc. It''s probably just some newbie trap that''s messing things up but I''m buggered if I can see it. The following script is run on the

Hi there, I am just starting out with the TC and iproute2 tools. I have given Bert Hubert''s Linux Advanced Routing And Traffic Control Howto a couple of reads but know I don''t have a full grasp of concepts yet. My immediate need is to make sure ipsec traffic between two linux firewall/routers is given the greatest priority over all other traffic. In more detail I have

I am developing load balancing router, But I have a question about fail over. The follow diagram is my test environment and scripts. ------------------------------------------------------------------- Environment Setting PC1(192.168.10.2) | (LAN) | PC2-eth2(192.168.10.1) +

I have a firewall with 3 interfaces DMZ, INTERNET, LAN. Does anyone have an example script to do QOS on multiple intefaces using htb? Gareth Segree mailto:Gareth.Segree@gleanerjm.com <mailto:Gareth.Segree@gleanerjm.com> Technical Support Analyst The Gleaner Company Ltd. 7 North Street Kingston Tel: 922-3400

Sir, Thanks for the wondershaper utility! It has improved the response time for my ssh connections to my home server whenever i need to access it from the Internet. However, is there a way to setup a bandwidth, say 10kbits/sec (i only have 128kbits/sec DSL), and assign it to a particular traffic type like kazaa and other P2P file-sharing? This way it will guarantee that my home users of

Greetings, me again. I''m starting to feel miff now. If I have a few vpn tunnels with different tun interfaces. And all this tunnel traffic is coming in on my eth0 interface, it also leave via eth0 again. I would like to share the available bandwidth evenly with tunnel clients. Would applying the bandwidth rule on eth0 with htb & sfq work for sharing the bandwidth or will

Hello How can I filter (i.e. priorize) RTP protocol and SIP? Has anybody wrote a filter for that in the meantime (In 2006 there was none answer from the list ...) Thanks Beat

I''m working with LEAF boxes as gateway machines. I''m trying to implement Proxy-ARP to build a bandwidth manager for my network. I''ve gone as per the lartc howto to implement a transparent bridge in an existing network and plan to put in my tc script after this. I''m configuring the box as a standalone one before plugging it into the network. I''m getting