Matthew Daubenspeck said: > I am looking into the possibility of using a server as a packet shaper > with Debian. Is this viable? > > I have researched other commercial packet shapers, and, for the most part, > are way out of the possible budget. Plus, if I can do the same thing with > a server and Debian, I would look like a hero when the > budget came in way under projects amounts :)
I've been usin debian since hamm was released. But the linux kernel doesn't have the greatest history for performance in networking. More recently this may of changed a bit but much of the code is too new and untested for my taste. In a traffic shaping enviornment, or a firewall or an IDS, I much prefer freebsd. Although I absolutely despise the freebsd 'distribution' (that whole ports thing pisses me off), the kernel is real good(hoping for the day when there is a stabilized debian/freebsd) when it comes to networking. And has a long positive history of being able to handle fast networks. I currently only use it in these roles, specifically bridging firewalls/NIDS, and it works great, I just dread their upgrade process. it depends on your needs, my traffic shaping needs are quite basic, I read that linux 2.4 has some advanced features which may be useful for some configurations, this seems to be a good place to start if your wanting to use the linux kernel with traffic shaping: http://lartc.org/ perhaps this: http://lartc.org/howto/lartc.ratelimit.single.html I use this under freebsd: http://www.freebsd.org/cgi/man.cgi?query=dummynet&sektion=4 I run my freebsd systems usually with at least 3 network interfaces, 2 of which are in bridged (IP-less) mode, making them transparent to the network. In more complicated networks I use Znyx(or is it Zynx?) 4-port PCI network cards so I can have 8 or more interfaces. Using bridged mode is another reason why I did not choose linux for this task, in all my years of using linux I've only read/heard about a couple people that have tried/and or use the bridging features of linux. And all of those people were discussing IDSs on another mailing list recently. By contrast I've known many people over the years who use free/openbsd in bridged mode and give it high marks. I just get the feeling it's been tested much more. there looks to be bridging for linux info here: http://bridge.sourceforge.net/ nate -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]