Re: [LARTC] Two ADSL links and one gateway only
On 2/17/07, Eriberto <[EMAIL PROTECTED]> wrote: Hello! I read the Split access and Load balancing sections into LARTC (Chapter 4). However I have one gateway only and the LARTC says about 2 links. I need to know how to make a load balance with my links. Thanks in advance. Eriberto - Brazil Don't you have different modems for each of the ADSL links ? Or do you mean to say that they assign you IPs from the subnet and have the same IP as their gateway ? -- Manish Kathuria Tux Technologies http://www.tuxtechnologies.co.in/ ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Two ADSL links and one gateway only
Hello! I read the Split access and Load balancing sections into LARTC (Chapter 4). However I have one gateway only and the LARTC says about 2 links. I need to know how to make a load balance with my links. Thanks in advance. Eriberto - Brazil ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] traffic accounting again
HI , Please for advice. How I can get traffic from classes and to write it into mysql database. Probably this question is often asked but I cannot find good solution. Main problem that I try to fix is that when I do traffic accounting for network with huge number of IP addresses from Linux most of accounting systems doesn't work very well and made big load of CPU Is there any tool that just read traffic from classes per IP and write it into SQL database ? Regards Foxy202 ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] monitoring hosts from my lan
For traffic accounting you can look at pmacct or ipaudit On 16/02/07, Grzegorz Chwesewicz <[EMAIL PROTECTED]> wrote: On Thu, 15 Feb 2007 11:19:22 -0300, gregori andres wrote > Hi, > > there is a way to graph host's traffic from my lan ? > > I've a linux router (2.4.x kernel), and a lan: > > linux router : 192.168.1.254 > host 1: 192.168.1.1 > host 2: 192.168.1.2 > host 3: 192.168.1.3 > > I'm looking for a way to graph traffic ( in / out ) > from each 3 hosts, and store total traffic on a > mysql table, in order to make statistics later. For logging traffic to mysql You can use ulogd from http://www.netfilter.org/projects/ulogd/index.html -- Grzegorz Chwesewicz ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- С уважение, Владимир Витков http://www.netsecad.com http://www.supportbg.com ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] ?OT? Linux 2.6: bridge + routing firewall
What you might be interested in as well is the physdev match witch will let you filter traffic on physical devices T o M | On Fri, Feb 16, 2007 at 03:37:10PM +0200, ??? ?? wrote: I have some experience. It seems that you should explicitely allow bridging in iptables as well as in ebtables. So, in addition to my bridge roules in ebtables I also have this rule in iptables: iptables -A FORWARD -i br0 -o br0 -j ACCEPT Otherwise, it could block bridging by later rules or the policy. ?? ??, 15/02/2007 ?? 13:44 -0200, Edesio Costa e Silva ??: Hi All! I need to deploy a bridge firewall using linux kernel 2.6. I had success using kernel 2.4 plus br-nf patch. But the configuration does not work with kernel 2.6. If the default policy for the iptables FORWARD chain is ACCEPT I have a bridge. If iptables FORWARD chain is DROP I have an insulator (no packet flows). Any hint? I did some google search and in many places they say "kernel 2.6 is not recommended", "no luck with kernel 2.6", etc. Any link to a success story of a bridge firewall with kernel 2.6? Any personal experience? Thanks in advance, Edésio ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- ?? <[EMAIL PROTECTED]> ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] ?OT? Linux 2.6: bridge + routing firewall
I have some experience. It seems that you should explicitely allow bridging in iptables as well as in ebtables. So, in addition to my bridge roules in ebtables I also have this rule in iptables: iptables -A FORWARD -i br0 -o br0 -j ACCEPT Otherwise, it could block bridging by later rules or the policy. В Чтв, 15/02/2007 в 13:44 -0200, Edesio Costa e Silva пишет: > Hi All! > > I need to deploy a bridge firewall using linux kernel 2.6. I had success > using kernel 2.4 plus br-nf patch. But the configuration does not work with > kernel 2.6. > > If the default policy for the iptables FORWARD chain is ACCEPT I have a > bridge. If iptables FORWARD chain is DROP I have an insulator (no packet > flows). Any hint? > > I did some google search and in many places they say "kernel 2.6 is not > recommended", "no luck with kernel 2.6", etc. > > Any link to a success story of a bridge firewall with kernel 2.6? Any > personal experience? > > Thanks in advance, > > Edésio > ___ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > -- Покотиленко Костик <[EMAIL PROTECTED]> ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] problem with two default routes
Hello, I'm trying to set up a gateway for a local network to use two dsl lines. Ok, I read the LARTC howto and set up two routing tables and the correct balancing default gw. It works fine for connections originating locally on the gw machine. Then I added two iptables rules on the nat table: iptables -t nat -A POSTROUTING -s 192.168.4.0/24 -o $TI_IF -j SNAT --to-source $TI_IP iptables -t nat -A POSTROUTING -s 192.168.4.0/24 -o $MC_IF -j SNAT --to-source $MC_IP ok, now all local ip can go to the internet but all connections go to the second route specified in the default, whatever it is. Here's the default (as found on the howto): ip route add default scope global \ nexthop via $MC_GW dev $MC_IF weight 1 \ nexthop via $TI_GW dev $TI_IF weight 1 If I reverse the position of the two nexthop then traffic from localnet switches to the other dsl line. Order of the iptables rules doesn't affect the behaviour. Am I missing something? TIA Francesco ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] monitoring hosts from my lan
On Thu, 15 Feb 2007 11:19:22 -0300, gregori andres wrote > Hi, > > there is a way to graph host's traffic from my lan ? > > I've a linux router (2.4.x kernel), and a lan: > > linux router : 192.168.1.254 > host 1: 192.168.1.1 > host 2: 192.168.1.2 > host 3: 192.168.1.3 > > I'm looking for a way to graph traffic ( in / out ) > from each 3 hosts, and store total traffic on a > mysql table, in order to make statistics later. For logging traffic to mysql You can use ulogd from http://www.netfilter.org/projects/ulogd/index.html -- Grzegorz Chwesewicz ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HTB policing affects shaping performance? Please, help.
On Wed, 14 Feb 2007 23:01:02 +0200, Radu Oprisan wrote > Bc.Slavomir Danas wrote: > > I'm trying to access shared folders (samba) on ip 10.4.10.10 from > my > > laptop with ip 172.16.0.2. > > Everything works as expected when downloading or uploading (correctly > > shaped and policed at 1Mbit). But when I try to download and upload at > > the same time, my speed drops down rapidly on both download and upload > > (approx. 350kbit and 550kbit). I tried to replace tc filter with > > iptables CLASSIFY but with the same result. > > What is the correct approach when configuring separate queues with > > guaranteed rate without affecting each other? >Try using some other protocol to run your > tests. I was using for this purpose a Linux utility but i can't > remember how it was called. You are probably talking about ttcp tool. -- Grzegorz Chwesewicz ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc