Re: Multiple ISP's and traffic shaping
On Fri, 2003-05-23 at 11:44, Bastian Winkler wrote: > hi, > > it should work if you if you use iproute and iptables. > > add ISP0 and ISP1 to /etc/iproute2/rt_tables > > make a default route for each table: > > ip route add default via $ISP0 table ISP0 > ip route add default via $ISP1 table ISP1 > > then let your linux-box know when to use the tables: > ip rule add fwmark 1 table ISP0 > ip rule add fwmark 2 table ISP1 > > now it should route packages marked with '1' through ISP0 and packages > marked with '2' through ISP1. > > you can mark packages with iptables now. e.g. > iptables -t mangle -s $DMZ -j MARK --set-mark 2 > > > note: in some cases i had to use additional SNAT with iptables to send > the packages with the correct sourceip. > iptables -t nat -A POSTROUTING -m mark --mark 2 -j SNAT --to-source > $ISP1-IP > > > perhaps it helps for you. Thanks, I will try this sollution It sound like a winner ;) Maurice Lucas
Re: Multiple ISP's and traffic shaping
hi, it should work if you if you use iproute and iptables. add ISP0 and ISP1 to /etc/iproute2/rt_tables make a default route for each table: ip route add default via $ISP0 table ISP0 ip route add default via $ISP1 table ISP1 then let your linux-box know when to use the tables: ip rule add fwmark 1 table ISP0 ip rule add fwmark 2 table ISP1 now it should route packages marked with '1' through ISP0 and packages marked with '2' through ISP1. you can mark packages with iptables now. e.g. iptables -t mangle -s $DMZ -j MARK --set-mark 2 note: in some cases i had to use additional SNAT with iptables to send the packages with the correct sourceip. iptables -t nat -A POSTROUTING -m mark --mark 2 -j SNAT --to-source $ISP1-IP perhaps it helps for you. buz On Don, 2003-05-22 at 15:48, mslucas wrote: > Hi, > > > > What do I have to install to get the following situation working? > > Except iptables as the firewall. > > I tried it with iptables and then NATing and with "ip route" but it isn't > working > > > > Caution a lot of "is allowed" and "is not allowed" detected > > > >Internet Internet >ISP 0 ISP 1 > | | > vv > Private LAN <-> this server <-> Office LAN > ^ > | > DMZ > > > > Traffic from my private LAN must go to ISP0, and is allowed to go to ISP1 > only if ISP0 is down (bandwidth must be limited) > > > > Traffic from my Office LAN must go to ISP1, and is allowed to go to ISP0 if > ISP1 is down or if there is more traffic than ISP1 can accept. > > > > Traffic from my DMZ must go to ISP1, and is allowed to go to ISP0 only if > ISP1 is down.. > > > > Traffic from my private LAN is not allowed to go to my Office LAN but > traffic from Office to private is allowed. > > > > Can somebody give me a hint which program is able to make my situation work. > > > > Thanks in advance, > > > > Maurice Lucas > > TAOS-IT >
RE: Multiple ISP's and traffic shaping
First I think you need one linux server for every LAN - - so you wouldn't need some kind of source routing (I only knew it from cisco IOS). Second you have to let your routing table to realize a link has gone down. For that you have three basic possibilities: - you have a routing protocol which would realize a down interface - you're running a routing protocol with every isp - you have a kind of cron script pinging and making some 'route add/del ...' I think for the second one you wouldn't find a willing ISP. ;) The last one would be in your hands - so I would prefer it. It's not fast, but possible! Christian -Original Message- From: mslucas [mailto:[EMAIL PROTECTED] Sent: Thursday, May 22, 2003 3:48 PM To: debian-isp@lists.debian.org Subject: Multiple ISP's and traffic shaping ... Traffic from my private LAN must go to ISP0, and is allowed to go to ISP1 only if ISP0 is down (bandwidth must be limited) ... Traffic from my Office LAN must go to ISP1, and is allowed to go to ISP0 if ISP1 is down or if there is more traffic than ISP1 can accept. ... Traffic from my DMZ must go to ISP1, and is allowed to go to ISP0 only if ISP1 is down.. ... Traffic from my private LAN is not allowed to go to my Office LAN but traffic from Office to private is allowed.
Multiple ISP's and traffic shaping
Hi, What do I have to install to get the following situation working? Except iptables as the firewall. I tried it with iptables and then NATing and with "ip route" but it isn't working Caution a lot of "is allowed" and "is not allowed" detected Internet Internet ISP 0 ISP 1 | | vv Private LAN <-> this server <-> Office LAN ^ | DMZ Traffic from my private LAN must go to ISP0, and is allowed to go to ISP1 only if ISP0 is down (bandwidth must be limited) Traffic from my Office LAN must go to ISP1, and is allowed to go to ISP0 if ISP1 is down or if there is more traffic than ISP1 can accept. Traffic from my DMZ must go to ISP1, and is allowed to go to ISP0 only if ISP1 is down.. Traffic from my private LAN is not allowed to go to my Office LAN but traffic from Office to private is allowed. Can somebody give me a hint which program is able to make my situation work. Thanks in advance, Maurice Lucas TAOS-IT
Re: any good idea about smtp traffic shaping?
also sprach Patrick Hsieh <[EMAIL PROTECTED]> [2002.03.25.1737 +0100]: > I'd like to make the bandwidth limit of smtp incoming/outgoing traffic. > I think iproute2 is kind of too sophisticated. Is there any > straightforward configuration for this purpose? incoming that's easy. but outgoing ... do you have a single relay that you send to, or does your machine send directly to whichever MX receives mail for the domain a particular message is going to? -- martin; (greetings from the heart of the sun.) \ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck redistribution of this email via the micros~1 network is prohibited. msg05907/pgp0.pgp Description: PGP signature
any good idea about smtp traffic shaping?
Hello list, I'd like to make the bandwidth limit of smtp incoming/outgoing traffic. I think iproute2 is kind of too sophisticated. Is there any straightforward configuration for this purpose? -- Patrick Hsieh <[EMAIL PROTECTED]> GPG public key http://pahud.net/pubkeys/pahudatpahud.gpg -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Traffic shaping and traffic accounting on one box
Hello all, About a year ago I set up a traffic shaping router using debian and cbq.init to allocate measured bandwidth for a group of clients, and used ipac to measure the actual traffic. After a month or two, I found out that the reports generated by ipacsum were grossly inaccurate (up to 6 times as much traffic was reported as existed). As I was unable to find the error, I simply set up a different accounting package (trafstats) on another system, which works fine. I'm now being asked, however, to put trafstats and cbq on one box, and I've reached the tentative hypothesis that the original problem was not due to a bug in ipac, but because traffic *shaping* occurs at the point where packets exit the computer, while traffic *accounting* occurs at the point where packets arrive at the computer -- so trafstats will suffer the same problem. My gut instinct says I'm right, but can anyone here think of an obvious reason why this might be wrong? Cheers, Shad. -- Rens Houben |opinions are mine Resident linux guru and sysadmin | if my employers have one Systemec Internet Services. |they'll tell you themselves PGP public key at http://suzaku.systemec.nl/shadur.key.asc pgpSrPdxN53qi.pgp Description: PGP signature
Traffic shaping and traffic accounting on one box
Hello all, About a year ago I set up a traffic shaping router using debian and cbq.init to allocate measured bandwidth for a group of clients, and used ipac to measure the actual traffic. After a month or two, I found out that the reports generated by ipacsum were grossly inaccurate (up to 6 times as much traffic was reported as existed). As I was unable to find the error, I simply set up a different accounting package (trafstats) on another system, which works fine. I'm now being asked, however, to put trafstats and cbq on one box, and I've reached the tentative hypothesis that the original problem was not due to a bug in ipac, but because traffic *shaping* occurs at the point where packets exit the computer, while traffic *accounting* occurs at the point where packets arrive at the computer -- so trafstats will suffer the same problem. My gut instinct says I'm right, but can anyone here think of an obvious reason why this might be wrong? Cheers, Shad. -- Rens Houben |opinions are mine Resident linux guru and sysadmin | if my employers have one Systemec Internet Services. |they'll tell you themselves PGP public key at http://suzaku.systemec.nl/shadur.key.asc msg04359/pgp0.pgp Description: PGP signature
Fwd: bytelimit match (traffic shaping)
I forward this to debian-isp in case somebody is interested... I made a patch for netfilter (iptables) allowing to do easy traffic shaping. I tried to make a "clean" patch of my bytelimit match. I don't know if I've done the Right Thing (could someone point me to the house rules for netfilter patches?), but a tarball with patch-o-matic files, a kernel patch, and a diff against the userland tools is available at http://metaone.univ-mlv.fr/~skaya/ipt_bytelimit/ (it's also attached to this mail). I would really appreciate some feedback ; we use this bytelimit match here on a router to control the bandwidth of a high traffic web server, and it runs fine ; I'm planning some evolutions (RED packet dropping, IPV6 support ; and if I'm clever enough to grok something with the conntrack code, fair queuing), but I'd prefer to start on solid ground ... thanks by advance. Jerome Petazzoni <[EMAIL PROTECTED]> ipt_bytelimit.tar.gz Description: ipt_bytelimit.tar.gz
Fwd: bytelimit match (traffic shaping)
I forward this to debian-isp in case somebody is interested... I made a patch for netfilter (iptables) allowing to do easy traffic shaping. I tried to make a "clean" patch of my bytelimit match. I don't know if I've done the Right Thing (could someone point me to the house rules for netfilter patches?), but a tarball with patch-o-matic files, a kernel patch, and a diff against the userland tools is available at http://metaone.univ-mlv.fr/~skaya/ipt_bytelimit/ (it's also attached to this mail). I would really appreciate some feedback ; we use this bytelimit match here on a router to control the bandwidth of a high traffic web server, and it runs fine ; I'm planning some evolutions (RED packet dropping, IPV6 support ; and if I'm clever enough to grok something with the conntrack code, fair queuing), but I'd prefer to start on solid ground ... thanks by advance. Jerome Petazzoni <[EMAIL PROTECTED]> ipt_bytelimit.tar.gz Description: ipt_bytelimit.tar.gz
Re: Traffic shaping
Yeswe used only all QoS modules (for flexibility) and then use cbq init scripts (google the thingie) create your shaping policy in /etc/sysconfig/cbq/cbq-{policy-two-digit-number}definition. As in /etc/sysconfig/cbq/cbq-21outgoingbosses ...and you are on the run!... Start with low bw numbers or bursts will confuse you:) Alex B Step One Group On Thu, 2001-11-08 at 14:59, Craigsc wrote: > Hi again fellas > > Has anyone successfully implemented bandwidth shaping using > debian ? If so what packages / kernel was used and how easy > was it ? > > Any insight is welcome. > > ..Craig > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: Traffic shaping
Yeswe used only all QoS modules (for flexibility) and then use cbq init scripts (google the thingie) create your shaping policy in /etc/sysconfig/cbq/cbq-{policy-two-digit-number}definition. As in /etc/sysconfig/cbq/cbq-21outgoingbosses ...and you are on the run!... Start with low bw numbers or bursts will confuse you:) Alex B Step One Group On Thu, 2001-11-08 at 14:59, Craigsc wrote: > Hi again fellas > > Has anyone successfully implemented bandwidth shaping using > debian ? If so what packages / kernel was used and how easy > was it ? > > Any insight is welcome. > > ..Craig > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Traffic shaping
> Hi again fellas > > Has anyone successfully implemented bandwidth shaping using > debian ? If so what packages / kernel was used and how easy > was it ? We are using the shaper module (shaper.o) from the 2.2 kernel with the debian shaper package for quite a while now and we are satisfied. We only perform simple shaping, the outgoing(!) traffic from one or more network adapters is limited. It's staightforward in its use: For an adapter (eth1, 64Kbit): shapecfg attach shaper0 eth1 shapecfg speed shaper0 64000 ifconfig shaper0 myhost netmask 255.255.255.240 broadcast 1.2.3.4.255 up route add -net some.network netmask a.b.c.d dev shaper0 Hope this helps, Bob van der Kamp Kern Automatiseringsdiensten > > Any insight is welcome. > > ..Craig > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] -- composed with SquirrelMail
Traffic shaping
Hi again fellas Has anyone successfully implemented bandwidth shaping using debian ? If so what packages / kernel was used and how easy was it ? Any insight is welcome. ..Craig
Re: TCPD with traffic shaping capabilities?
On Fri, May 25, 2001 at 10:44:24AM +0300, Dmitry Litovchenko wrote: > Hello, Debian world! > > Does anybody know how to limit incomming (and maybe outgoing) traffic > on tcpd-wrapped service. Some kind of tunnels or queues, I think. > > Yes, yes, I know traffic shaper works only on outgoing traffic. Yes, I > have this. But also I have incoming traffic to shape and just don't > know how to do that. While squid does this well with delay_pools, > sendmail (for example) can receive unneeded mails with 300MByte game > all night away. Okay, I have set mail limit to 2MB per mail, but two > nights later situation repeated, when I had full pool of unsent mails > (mass mail) which unsuccessfully tried to deliver all the night. Again > traffic load was totally up and while we are paying for traffic > percentage per month I do not want to have my load graphs 100% up. Look at the Adv-Routing HOWTO, it's about shaping with 2.2.x/2.4.x kernels using iproute2. (iproute2 is packaged, might be named iproute). for shaping incoming stuff, look at the ingress qdisc > > Maybe tcpd has some options (I haven't found any yet) or another tcpd > wrapper? not afaik -- ,---. > Name: Alson van der Meulen < > Personal: [EMAIL PROTECTED] < > School: [EMAIL PROTECTED]< `---' You can do this patch with the system up... -
Re: TCPD with traffic shaping capabilities?
On Fri, May 25, 2001 at 10:44:24AM +0300, Dmitry Litovchenko wrote: > Hello, Debian world! > > Does anybody know how to limit incomming (and maybe outgoing) traffic > on tcpd-wrapped service. Some kind of tunnels or queues, I think. > > Yes, yes, I know traffic shaper works only on outgoing traffic. Yes, I > have this. But also I have incoming traffic to shape and just don't > know how to do that. While squid does this well with delay_pools, > sendmail (for example) can receive unneeded mails with 300MByte game > all night away. Okay, I have set mail limit to 2MB per mail, but two > nights later situation repeated, when I had full pool of unsent mails > (mass mail) which unsuccessfully tried to deliver all the night. Again > traffic load was totally up and while we are paying for traffic > percentage per month I do not want to have my load graphs 100% up. Look at the Adv-Routing HOWTO, it's about shaping with 2.2.x/2.4.x kernels using iproute2. (iproute2 is packaged, might be named iproute). for shaping incoming stuff, look at the ingress qdisc > > Maybe tcpd has some options (I haven't found any yet) or another tcpd > wrapper? not afaik -- ,---. > Name: Alson van der Meulen < > Personal: [EMAIL PROTECTED] < > School: [EMAIL PROTECTED]< `---' You can do this patch with the system up... - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
TCPD with traffic shaping capabilities?
Hello, Debian world! Does anybody know how to limit incomming (and maybe outgoing) traffic on tcpd-wrapped service. Some kind of tunnels or queues, I think. Yes, yes, I know traffic shaper works only on outgoing traffic. Yes, I have this. But also I have incoming traffic to shape and just don't know how to do that. While squid does this well with delay_pools, sendmail (for example) can receive unneeded mails with 300MByte game all night away. Okay, I have set mail limit to 2MB per mail, but two nights later situation repeated, when I had full pool of unsent mails (mass mail) which unsuccessfully tried to deliver all the night. Again traffic load was totally up and while we are paying for traffic percentage per month I do not want to have my load graphs 100% up. Maybe tcpd has some options (I haven't found any yet) or another tcpd wrapper? -- Sincerely, Dmitry
TCPD with traffic shaping capabilities?
Hello, Debian world! Does anybody know how to limit incomming (and maybe outgoing) traffic on tcpd-wrapped service. Some kind of tunnels or queues, I think. Yes, yes, I know traffic shaper works only on outgoing traffic. Yes, I have this. But also I have incoming traffic to shape and just don't know how to do that. While squid does this well with delay_pools, sendmail (for example) can receive unneeded mails with 300MByte game all night away. Okay, I have set mail limit to 2MB per mail, but two nights later situation repeated, when I had full pool of unsent mails (mass mail) which unsuccessfully tried to deliver all the night. Again traffic load was totally up and while we are paying for traffic percentage per month I do not want to have my load graphs 100% up. Maybe tcpd has some options (I haven't found any yet) or another tcpd wrapper? -- Sincerely, Dmitry -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Traffic shaping & proxy problem
Fraser Campbell wrote: > > José Carlos Ramírez Pérez <[EMAIL PROTECTED]> writes: > > > On the other hand, I have a Squid proxy running on the same machine and > > can't control with CBQ the traffic it generates. This is because the > > communication is between user-proxy, and between proxy-internet, so if I > > choose to limit traffic from proxy to user, internal traffic gets > > vry slow (retrieving pages from cache, and so on) and I'm not sure > > this will be any good because the proxy will try to fill its cache at > > maximum speed, thus getting all available bandwidth from the 64K Frame > > Relay. Can you advice me about any way to solve this problem, please? > > I think you can accomplish what you want with Squid's built in delay pools: > http://squid-docs.sourceforge.net/latest/html/x2087.htm > Thank you for your advice. I've just read it and have found that it's not as hard as it looked to me the first time. This is by far the best documentation I've found about delay pools. I've tried it and seems to work pretty well. My first drawback was that it is not able to 'share' the unused bandwidth between the outgoing connections, but as I've seen by my last tests, this feature on iproute2 seems not to work at all (at least for me), even with unbounded classes, so I finally choosed to divide the available bandwidth between an estimated number of concurrent connections, which gives a reasonable limit to bandwidth consumption and users don't get angry at first click. Now I even can see the advantage on Squid delay pools usage, its capability of limiting bandwidth only to those transfers that exceed a 'maximum size' parameter, which boosts up normal web surfing but slows down large and inconvenient transfers. Thanks a lot. (P.D: any ideas about the problem with unbounded classes? I'm using TBF as the queue discipline (that's cbq.init default)) -- José Carlos Ramírez Pérez Área de Internet y Telecomunicaciones mailto:[EMAIL PROTECTED] ___ ISOTROL S.A. Avda. de la innovación nº 1, 3ª plta, 41020 Sevilla Tel.: +34955 036 800 - Fax: +34955 036 849 (Spain) web: http://www.isotrol.com/
Re: Traffic shaping & proxy problem
Fraser Campbell wrote: > > José Carlos Ramírez Pérez <[EMAIL PROTECTED]> writes: > > > On the other hand, I have a Squid proxy running on the same machine and > > can't control with CBQ the traffic it generates. This is because the > > communication is between user-proxy, and between proxy-internet, so if I > > choose to limit traffic from proxy to user, internal traffic gets > > vry slow (retrieving pages from cache, and so on) and I'm not sure > > this will be any good because the proxy will try to fill its cache at > > maximum speed, thus getting all available bandwidth from the 64K Frame > > Relay. Can you advice me about any way to solve this problem, please? > > I think you can accomplish what you want with Squid's built in delay pools: > http://squid-docs.sourceforge.net/latest/html/x2087.htm > Thank you for your advice. I've just read it and have found that it's not as hard as it looked to me the first time. This is by far the best documentation I've found about delay pools. I've tried it and seems to work pretty well. My first drawback was that it is not able to 'share' the unused bandwidth between the outgoing connections, but as I've seen by my last tests, this feature on iproute2 seems not to work at all (at least for me), even with unbounded classes, so I finally choosed to divide the available bandwidth between an estimated number of concurrent connections, which gives a reasonable limit to bandwidth consumption and users don't get angry at first click. Now I even can see the advantage on Squid delay pools usage, its capability of limiting bandwidth only to those transfers that exceed a 'maximum size' parameter, which boosts up normal web surfing but slows down large and inconvenient transfers. Thanks a lot. (P.D: any ideas about the problem with unbounded classes? I'm using TBF as the queue discipline (that's cbq.init default)) -- José Carlos Ramírez Pérez Área de Internet y Telecomunicaciones mailto:[EMAIL PROTECTED] ___ ISOTROL S.A. Avda. de la innovación nº 1, 3ª plta, 41020 Sevilla Tel.: +34955 036 800 - Fax: +34955 036 849 (Spain) web: http://www.isotrol.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Traffic shaping & proxy problem
David Anso wrote: > > Hi there > > I have been trying to get this (traffic shaping) working for a while, what > packages are you using to achieve the CBQ? What debian release are you > using and what kernel version are you using? Well, that's fairly easy... You only have to install iproute from Debian 2.2, and recompile your kernel as stated. I used latest 2.2 'debianized' kernel I found (2.2.18pre21). Just get the source package and use make-kpkg (from kernel-package package) to build it. I enabled the following from `make menuconfig`: # # QoS and/or fair queueing # CONFIG_NET_SCHED=y CONFIG_NETLINK=y CONFIG_RTNETLINK=y CONFIG_NET_SCH_CBQ=m CONFIG_NET_SCH_CSZ=m CONFIG_NET_SCH_PRIO=m CONFIG_NET_SCH_RED=m CONFIG_NET_SCH_SFQ=m CONFIG_NET_SCH_TEQL=m CONFIG_NET_SCH_TBF=m CONFIG_NET_QOS=y CONFIG_NET_ESTIMATOR=y CONFIG_NET_CLS=y CONFIG_NET_CLS_ROUTE4=m CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m CONFIG_NET_CLS_RSVP=m CONFIG_NET_CLS_RSVP6=m CONFIG_NET_CLS_POLICE=y But cbq.init doesn't seem to come with Debian. I found it inside RedHat 6.2 package shapecfg-2.2.12-2.i386.rpm (it is called cbq). You can extract it from there easily if you install rpm and mc (don't forget to extract README.cbq too!) -- José Carlos Ramírez Pérez Área de Internet y Telecomunicaciones mailto:[EMAIL PROTECTED] ___ ISOTROL S.A. Avda. de la innovación nº 1, 3ª plta, 41020 Sevilla Tel.: +34 955 036 800 - Fax: +34 955 036 849 Spain web: http://www.isotrol.com/
Re: Traffic shaping & proxy problem
David Anso wrote: > > Hi there > > I have been trying to get this (traffic shaping) working for a while, what > packages are you using to achieve the CBQ? What debian release are you > using and what kernel version are you using? Well, that's fairly easy... You only have to install iproute from Debian 2.2, and recompile your kernel as stated. I used latest 2.2 'debianized' kernel I found (2.2.18pre21). Just get the source package and use make-kpkg (from kernel-package package) to build it. I enabled the following from `make menuconfig`: # # QoS and/or fair queueing # CONFIG_NET_SCHED=y CONFIG_NETLINK=y CONFIG_RTNETLINK=y CONFIG_NET_SCH_CBQ=m CONFIG_NET_SCH_CSZ=m CONFIG_NET_SCH_PRIO=m CONFIG_NET_SCH_RED=m CONFIG_NET_SCH_SFQ=m CONFIG_NET_SCH_TEQL=m CONFIG_NET_SCH_TBF=m CONFIG_NET_QOS=y CONFIG_NET_ESTIMATOR=y CONFIG_NET_CLS=y CONFIG_NET_CLS_ROUTE4=m CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m CONFIG_NET_CLS_RSVP=m CONFIG_NET_CLS_RSVP6=m CONFIG_NET_CLS_POLICE=y But cbq.init doesn't seem to come with Debian. I found it inside RedHat 6.2 package shapecfg-2.2.12-2.i386.rpm (it is called cbq). You can extract it from there easily if you install rpm and mc (don't forget to extract README.cbq too!) -- José Carlos Ramírez Pérez Área de Internet y Telecomunicaciones mailto:[EMAIL PROTECTED] ___ ISOTROL S.A. Avda. de la innovación nº 1, 3ª plta, 41020 Sevilla Tel.: +34 955 036 800 - Fax: +34 955 036 849 Spain web: http://www.isotrol.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Traffic shaping & proxy problem
Hi there I have been trying to get this (traffic shaping) working for a while, what packages are you using to achieve the CBQ? What debian release are you using and what kernel version are you using? TIA. Regards David Anso - Original Message - From: "José Carlos Ramírez Pérez" <[EMAIL PROTECTED]> To: Sent: Friday, February 09, 2001 12:08 AM Subject: Traffic shaping & proxy problem > Hello all. > > I've setup a traffic shaper (or should I say a bandwidth control policy) > in my Debian router using CBQ, with the unvaluable help of cbq.init from > Pavel Golubev (I've slightly modified it to be able to create > non-bounded classes and to specify prioritized filter rules). I've > created several classes to divide the overall available bandwidth (only > 64K) between logical sub-classes in the office (7 Kbps each). > > Well, it seems to be working well. Theoretically, the non-used bandwidth > in the other classes is being "spread" between the classes for which > there is traffic. But, I've no clue of what time should it take to > realize there is unused bandwidth and will borrow it for necessitated > classes. This time will be longer if there were more classes? I've been > requested to set up a class for each machine, but something tells me > this will not be any good at all. > > On the other hand, I have a Squid proxy running on the same machine and > can't control with CBQ the traffic it generates. This is because the > communication is between user-proxy, and between proxy-internet, so if I > choose to limit traffic from proxy to user, internal traffic gets > vry slow (retrieving pages from cache, and so on) and I'm not sure > this will be any good because the proxy will try to fill its cache at > maximum speed, thus getting all available bandwidth from the 64K Frame > Relay. Can you advice me about any way to solve this problem, please? > > Thanks in advance. > -- > José Carlos Ramírez Pérez > Área de Internet y Telecomunicaciones > > mailto:[EMAIL PROTECTED] > ___ > ISOTROL S.A. > Avda. de la innovación nº 1, 3ª plta, 41020 Sevilla > (Spain) > Tel.: +34 955 036 800 - Fax: +34 955 036 849 > web: http://www.isotrol.com/ > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
Re: Traffic shaping & proxy problem
José Carlos Ramírez Pérez <[EMAIL PROTECTED]> writes: > On the other hand, I have a Squid proxy running on the same machine and > can't control with CBQ the traffic it generates. This is because the > communication is between user-proxy, and between proxy-internet, so if I > choose to limit traffic from proxy to user, internal traffic gets > vry slow (retrieving pages from cache, and so on) and I'm not sure > this will be any good because the proxy will try to fill its cache at > maximum speed, thus getting all available bandwidth from the 64K Frame > Relay. Can you advice me about any way to solve this problem, please? I think you can accomplish what you want with Squid's built in delay pools: http://squid-docs.sourceforge.net/latest/html/x2087.htm -- fraser campbell <[EMAIL PROTECTED]> starnix inc. tollfree: (905) 771-0017thornhill, ontario, canada http://www.starnix.com/ professional linux services & products
Re: Traffic shaping & proxy problem
Hi there I have been trying to get this (traffic shaping) working for a while, what packages are you using to achieve the CBQ? What debian release are you using and what kernel version are you using? TIA. Regards David Anso - Original Message - From: "José Carlos Ramírez Pérez" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, February 09, 2001 12:08 AM Subject: Traffic shaping & proxy problem > Hello all. > > I've setup a traffic shaper (or should I say a bandwidth control policy) > in my Debian router using CBQ, with the unvaluable help of cbq.init from > Pavel Golubev (I've slightly modified it to be able to create > non-bounded classes and to specify prioritized filter rules). I've > created several classes to divide the overall available bandwidth (only > 64K) between logical sub-classes in the office (7 Kbps each). > > Well, it seems to be working well. Theoretically, the non-used bandwidth > in the other classes is being "spread" between the classes for which > there is traffic. But, I've no clue of what time should it take to > realize there is unused bandwidth and will borrow it for necessitated > classes. This time will be longer if there were more classes? I've been > requested to set up a class for each machine, but something tells me > this will not be any good at all. > > On the other hand, I have a Squid proxy running on the same machine and > can't control with CBQ the traffic it generates. This is because the > communication is between user-proxy, and between proxy-internet, so if I > choose to limit traffic from proxy to user, internal traffic gets > vry slow (retrieving pages from cache, and so on) and I'm not sure > this will be any good because the proxy will try to fill its cache at > maximum speed, thus getting all available bandwidth from the 64K Frame > Relay. Can you advice me about any way to solve this problem, please? > > Thanks in advance. > -- > José Carlos Ramírez Pérez > Área de Internet y Telecomunicaciones > > mailto:[EMAIL PROTECTED] > ___ > ISOTROL S.A. > Avda. de la innovación nº 1, 3ª plta, 41020 Sevilla > (Spain) > Tel.: +34 955 036 800 - Fax: +34 955 036 849 > web: http://www.isotrol.com/ > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Traffic shaping & proxy problem
José Carlos Ramírez Pérez <[EMAIL PROTECTED]> writes: > On the other hand, I have a Squid proxy running on the same machine and > can't control with CBQ the traffic it generates. This is because the > communication is between user-proxy, and between proxy-internet, so if I > choose to limit traffic from proxy to user, internal traffic gets > vry slow (retrieving pages from cache, and so on) and I'm not sure > this will be any good because the proxy will try to fill its cache at > maximum speed, thus getting all available bandwidth from the 64K Frame > Relay. Can you advice me about any way to solve this problem, please? I think you can accomplish what you want with Squid's built in delay pools: http://squid-docs.sourceforge.net/latest/html/x2087.htm -- fraser campbell <[EMAIL PROTECTED]> starnix inc. tollfree: (905) 771-0017thornhill, ontario, canada http://www.starnix.com/ professional linux services & products -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Traffic shaping & proxy problem
Hello all. I've setup a traffic shaper (or should I say a bandwidth control policy) in my Debian router using CBQ, with the unvaluable help of cbq.init from Pavel Golubev (I've slightly modified it to be able to create non-bounded classes and to specify prioritized filter rules). I've created several classes to divide the overall available bandwidth (only 64K) between logical sub-classes in the office (7 Kbps each). Well, it seems to be working well. Theoretically, the non-used bandwidth in the other classes is being "spread" between the classes for which there is traffic. But, I've no clue of what time should it take to realize there is unused bandwidth and will borrow it for necessitated classes. This time will be longer if there were more classes? I've been requested to set up a class for each machine, but something tells me this will not be any good at all. On the other hand, I have a Squid proxy running on the same machine and can't control with CBQ the traffic it generates. This is because the communication is between user-proxy, and between proxy-internet, so if I choose to limit traffic from proxy to user, internal traffic gets vry slow (retrieving pages from cache, and so on) and I'm not sure this will be any good because the proxy will try to fill its cache at maximum speed, thus getting all available bandwidth from the 64K Frame Relay. Can you advice me about any way to solve this problem, please? Thanks in advance. -- José Carlos Ramírez Pérez Área de Internet y Telecomunicaciones mailto:[EMAIL PROTECTED] ___ ISOTROL S.A. Avda. de la innovación nº 1, 3ª plta, 41020 Sevilla (Spain) Tel.: +34 955 036 800 - Fax: +34 955 036 849 web: http://www.isotrol.com/
Traffic shaping & proxy problem
Hello all. I've setup a traffic shaper (or should I say a bandwidth control policy) in my Debian router using CBQ, with the unvaluable help of cbq.init from Pavel Golubev (I've slightly modified it to be able to create non-bounded classes and to specify prioritized filter rules). I've created several classes to divide the overall available bandwidth (only 64K) between logical sub-classes in the office (7 Kbps each). Well, it seems to be working well. Theoretically, the non-used bandwidth in the other classes is being "spread" between the classes for which there is traffic. But, I've no clue of what time should it take to realize there is unused bandwidth and will borrow it for necessitated classes. This time will be longer if there were more classes? I've been requested to set up a class for each machine, but something tells me this will not be any good at all. On the other hand, I have a Squid proxy running on the same machine and can't control with CBQ the traffic it generates. This is because the communication is between user-proxy, and between proxy-internet, so if I choose to limit traffic from proxy to user, internal traffic gets vry slow (retrieving pages from cache, and so on) and I'm not sure this will be any good because the proxy will try to fill its cache at maximum speed, thus getting all available bandwidth from the 64K Frame Relay. Can you advice me about any way to solve this problem, please? Thanks in advance. -- José Carlos Ramírez Pérez Área de Internet y Telecomunicaciones mailto:[EMAIL PROTECTED] ___ ISOTROL S.A. Avda. de la innovación nº 1, 3ª plta, 41020 Sevilla (Spain) Tel.: +34 955 036 800 - Fax: +34 955 036 849 web: http://www.isotrol.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: traffic shaping
On Tue, 5 Sep 2000, Kevin wrote: > > Is anyone using the kernel shaping support or something similar like > rshaper for traffic shaping? What works best? I need to be able to > limit bw on an ip basis and I need to be able to range from like a > full t1 to 256k. > If you're using 2.2.x kernels, you can use the QoS support, and get the cbq-init script from freshmeat - that's the easiest and simpliest solution. Or, you can just read about CBQ and friends and create some great things.. If you have the time :)
Re: traffic shaping
Last i heard, it wasnt very stable, and was flakey... The only 'software' solution that i've seen referred to in a good tone, would be freebsd's implementation. I dont recall the name, but a quick search on deja should yield positive results. Keep in mind, i havent researched this topic for a full year, which means that linux may have changed SIGNIFICANTLY in this area without my knowledge. The research i did was on the 2.0.XX codebase, and _ALOT_ has changed since then, especially the ip functions, including ipfwadm to ipchains. On Tue, 5 Sep 2000, Kevin wrote: | | Is anyone using the kernel shaping support or something similar like | rshaper for traffic shaping? What works best? I need to be able to | limit bw on an ip basis and I need to be able to range from like a | full t1 to 256k. | | -- | Kevin - [EMAIL PROTECTED] | | | | -- | To UNSUBSCRIBE, email to [EMAIL PROTECTED] | with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] | | -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:00am up 117 days, 16:03, 4 users, load average: 0.01, 0.11, 0.15
traffic shaping
Is anyone using the kernel shaping support or something similar like rshaper for traffic shaping? What works best? I need to be able to limit bw on an ip basis and I need to be able to range from like a full t1 to 256k. -- Kevin - [EMAIL PROTECTED]
Re: traffic shaping
On Tue, 5 Sep 2000, Kevin wrote: > > Is anyone using the kernel shaping support or something similar like > rshaper for traffic shaping? What works best? I need to be able to > limit bw on an ip basis and I need to be able to range from like a > full t1 to 256k. > If you're using 2.2.x kernels, you can use the QoS support, and get the cbq-init script from freshmeat - that's the easiest and simpliest solution. Or, you can just read about CBQ and friends and create some great things.. If you have the time :) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: traffic shaping
Last i heard, it wasnt very stable, and was flakey... The only 'software' solution that i've seen referred to in a good tone, would be freebsd's implementation. I dont recall the name, but a quick search on deja should yield positive results. Keep in mind, i havent researched this topic for a full year, which means that linux may have changed SIGNIFICANTLY in this area without my knowledge. The research i did was on the 2.0.XX codebase, and _ALOT_ has changed since then, especially the ip functions, including ipfwadm to ipchains. On Tue, 5 Sep 2000, Kevin wrote: | | Is anyone using the kernel shaping support or something similar like | rshaper for traffic shaping? What works best? I need to be able to | limit bw on an ip basis and I need to be able to range from like a | full t1 to 256k. | | -- | Kevin - [EMAIL PROTECTED] | | | | -- | To UNSUBSCRIBE, email to [EMAIL PROTECTED] | with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] | | -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 10:00am up 117 days, 16:03, 4 users, load average: 0.01, 0.11, 0.15 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
traffic shaping
Is anyone using the kernel shaping support or something similar like rshaper for traffic shaping? What works best? I need to be able to limit bw on an ip basis and I need to be able to range from like a full t1 to 256k. -- Kevin - [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]