On Fri, Jan 26, 2001 at 01:46:57PM -0800, Scott C. Best scribbled:
> Mike, Rick:
>
> I think it'd be *huge* to add some traffic shaping to LEAF,
> with the caveat that we provide a setup interface to it as well, in
> the same manner that we provide one for ipchains. That is, we pick
> a shaper/bw-manager package, and we bundle it with a script of
> the same UI-flavor as our firewall script.
I've been considering writing a script that reads a whitespace-delimited
table of ipchains rule info that would be quite human readable and turns
it into [and runs] a bunch of ipchains rules. It would be no sweat,
according to the link I sent [quoted below], to add traffic shaping
functionality to it.
> I was looking once at a CBQ solution, and convinced
> myself that I could get away with only three bandwidth "classes"
> or "priorities" for most target LEAF installations: high-speed,
> low-speed, and "time-critical" mode. High-speed would be what LRP
> is without shaping, and low speed would be used to intentionally
> sit on some LAN machine's peak bandwidth (eg, Junior's PC can only
> get 56k). The "time-critical" class would be to suit people using
> VoIP, Quake, or other streaming apps that want isochronicity.
I think you can actually assign different priorities based on any
of ipchains's options, not just source or destinatino IP. I have
only briefly scanned the article I linked, but it looks like you
just tag shaping options onto any old ipchains command.
Of course, my memory could have corrupted this since I looked at
it last night about this time, in which case I'm pretty much
talking out of my ass for this whole thing.
> Given the ability to provide one of these three modes
> to every machine on the LAN, one a machine-by-machine basis,
> I think is a 90-percent solution. The ET/BWMGR from Etinc allows
> (shiver) "10 levels of priorities...with multiple class groupings".
> Excessive, IMO. And, from the "Grand Fireewall Paradigm" thread,
> we'd let these modes get specified in the same place and manner
> that we specify port-forwarded services.
>
> IMNSHO, of course. :)
>
> -Scott
>
>
> On Fri, 26 Jan 2001 [EMAIL PROTECTED] wrote:
>
> > Would this be anything like
> > www.securityfocus.com/focus/linux/articles/trafshap.html?&_ref=1208318568
> > ??
> >
> > I was just looking at that last night...
> >
> > On Fri, Jan 26, 2001 at 11:51:15AM -0800, Mike Sensney scribbled:
> > > Here is a link to a commercial bandwidth manager software package I found
> > > recently. Priced at $595 and runs on either Linux or FreeBSD. This thing is
> > > feature rich and sexy.
> > > http://www.etinc.com/bwmgr.htm
> > >
> > > I got to thinking that it sure would be nice to add some of this
> > > functionality to LEAF so I did some looking at FreshMeat:
> > >
> > > rshaper is a Linux kernel module that limits the incoming bandwidth for
> > > packets aimed at different hosts ("incoming" meaning traffic that enters
> > > the shaping host; if that host is a gateway between target hosts and the
> > > rest of the Internet, all the traffic of the target hosts will be
> > > shapeable). It's useful for ISPs who offer housing and want to
> > > differentiate their offers and for limiting download bandwidth from
> > > students' boxes or similar setups.
> > > http://freshmeat.net/projects/rshaper
> > >
> > > The WRR scheduler is an extension to the Linux 2.2 kernels. It is able to
> > > distribute the bandwidth to different machines at a site in a fair way. As
> > > a default every machine will get equally much of the bandwidth if they have
> > > sufficient demand, but it is possible to make machines transferring much
> > > data over a long or short period of time get less bandwidth. A
> > > plug-and-play ready set of scripts setting up such behavior based on a
> > > configuration file is included. The scripts sets up a Linux bridge which
> > > must be placed between the router and the rest of the site.
> > > http://freshmeat.net/projects/wrr
> >
> > --
> > rick -- A mind is like a parachute... it only works when it's open.
> >
> > ICQ# 1590117 [EMAIL PROTECTED] (home)
> > Help with LRP: http://lrp.c0wz.com Home page: http://www.c0wz.com
> >
> > _______________________________________________
> > Leaf-devel mailing list
> > [EMAIL PROTECTED]
> > http://lists.sourceforge.net/lists/listinfo/leaf-devel
> >
>
>
>
> _______________________________________________
> Leaf-devel mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/leaf-devel
--
rick -- A mind is like a parachute... it only works when it's open.
ICQ# 1590117 [EMAIL PROTECTED] (home)
Help with LRP: http://lrp.c0wz.com Home page: http://www.c0wz.com
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
