Hello,
Hello!
I do understand that limits on u32 filters 2000 have never been
encountered. Run this script which is base on htb and lemme know. You
will need 2.4.20 and tc compiled for htb.
It gives me a lot of RTNETLINK answers: File exists.
This doesn't seems to be a limit.
Can you
im in the process of configurating our network to have two upstream providers, it will
be loadbalanced
under normal operation and a complete failover if one of the lines would fail.
internetinternet
| |
border border
|
Hello,
If this isn't a limit of U32 filters then whats wrong with the way i
have set things up???. The issue has to be somewhere right.
Also, i do appreciate you not wanting to give me your config. But at
least give me a couple of lines of your U32 filter usage such that i can
make 5000
HELP!!
Trevor
On Wed, 2003-06-25 at 12:55, Catalin BOIE wrote:
Hello,
Hello!
I do understand that limits on u32 filters 2000 have never been
encountered. Run this script which is base on htb and lemme know. You
will need 2.4.20 and tc compiled for htb.
It gives me a lot
Thx a lot for help , I finally managed to rebuild my firewall script,
for people who have same problem as I had, I can say that
the problem lies in propper packet marking (iptables) , sample lines from my
firewall script :
iptables -t mangle -I PREROUTING -i eth0 -p tcp --dport 21 -j
MARK
Hello All,
I have 1.5Mbits Backbone connection with 16 public ip address.
I like to provide share my connection with someother my friends how will
have public ip addess.
So i wanted to configre linux router with bandwidth controll for my friends
connection.
Actully i tried with single
If you put your friends in NAT (Private IP), no problem ..
They have webserver, all you have to do is forward packets going to port 80
to private ip:80
Further more read iptables-howto
Regards,
Rio Martin.
Original Message:
-
From: Joe [EMAIL PROTECTED]
Date: Wed, 25 Jun 2003
Hey Joe,
One possible configuration is to configure your linux box as an ethernet bridge
between your client machines and the public router
|==|
| PC 1 |
|==|\
\
|==| \ |===| ||
| PC 2 |---O--| LINUX |-| ROUTER |
|==| /
Hello Martin,
Currently i am using this configuration.
In future they may run mail server then i have to go for new configuration
where i have to give them the public ip address.
Thanks
Sathyan
If you put your friends in NAT (Private IP), no problem ..
They have webserver, all you have to do
Hello Leigh,
Thanks, I will look into this configuration and i will get back to you
tomorrow.
Regards,
Joe
Hey Joe,
One possible configuration is to configure your linux box as an ethernet
bridge
between your client machines and the public router
|==|
| PC 1 |
|==|\
\
Hi Joe,
I see no real reason giving the servers real IP addresses, you're better
keeping the NAT and forward the ports to the private address.
If you have more than one mail server, you can map diffrent public IP
address
to a diffrent private address. this will also keep your servers safe...
Hi Joe,
I see no real reason giving the servers real IP addresses, you're better
keeping the NAT and forward the ports to the private address.
If you have more than one mail server, you can map diffrent public IP
address
to a diffrent private address. this will also keep your servers
Hello everyone!
I would like to do a linux router to limit the connection for some
servers to 1 mbs per server.
[SERVERS] --- [Linux 1MBS per server router] --- Internet
I did some searches about routing and bandwidth on the net and the
solution seems to be 'tc'. Well, 'tc' is not
On Wed, 2003-06-25 at 04:35, Tomas Bonnedahl wrote:
the problem im having is that i will not do nat on the core router, but on the
border routers.
I was faced with the same problem and ended up doing two rounds of
NAT/PAT. The next step to that is to stop doing any NAT on the routers
and let
Perhaps I missed the original point of the first message, but why exactly
don't you just use BGP, as it was basically designed for this purpose?
There are at least two good implementations of BGP for Linux, one of which
is easy to use, the other obfuscated. (Zebra and GateD) Of course, that
I am successfully running ingress (IMQ) and egress (HTB) shaping on a
bridge.
Is there any way to combine and share the bandwidth between ingress and
egress?
Example:
I have set up www service for egress at 128 KB and ingress at 256 KB. The
shaping on them works fine separately. However, I want
Hello,
If you just wanna reduce the b/w pipe per server wrr could be a
simplistic implementation that would work.
For real functionality see htb which works like a charm. For something
more complex see cbq.
Trevor
On Wed, 2003-06-25 at 21:47, Jean-Francois Levesque wrote:
Hello everyone!
Hi!
I have done that script to test my router :
#include fields.tc
#include ports.tc
#define INTERFACE eth0
#define LIMITEDRATE 1kBps
Hello Jean,
For all that i know your tcng config would be perfectly fine. I will
mail you my 4000 node config. Please try the same out and lemme know it
if works for you.
Trevor
On Thu, 2003-06-26 at 00:23, Jean-Francois Levesque wrote:
Hi!
I have done that script to test my router :
Trevor Warren wrote:
Hello Jean,
For all that i know your tcng config would be perfectly fine. I will
mail you my 4000 node config. Please try the same out and lemme know it
if works for you.
Trevor
It's not working :-( Maybe because of my iptables rules :
[EMAIL PROTECTED] root]# iptables
Hi,
This is the script I'm using to create tc configuration to shape
currently about 8000 ips separately so that each ip has guaranteed
bandwith and cannot exceed it. The script can be used to
shape up to class B. The configuration is using double hashing
for filtering rules. I haven't used it
I have two Linux (RH v9) routers connected to the Internet (separate DSL
connections), each with two EtherNet cards.
Router #1 has static IP address a.a.a.1 for the internal LAN,
and static IP address x.x.x.x for the Internet
connection; here's what the route command shows:
Kernel IP routing
On Wed, 2003-06-25 at 13:44, Aaron Dewell wrote:
Of course, that
requires having globally routable address space in the first place, but I
assume that you do.
Most of the time this is the exact reason why BGP is not used. I have
considered purchasing a block. However I doubt many ISP's would
On Wed, 2003-06-25 at 19:02, Aaron Dewell wrote:
DSL can be an option, if you have at least a /24, which if you have 3 routers,
you probably do. Some ISPs will think about it over DSL (business class).
Covad no
BellSouth no
PacBell no
assume mom and pops
Sonic no
ATG no
So for most no. Not
The way I understand it is summed up in a quote from LEAF Bering user's
guide
---
In many cases like those of ISPs, the bandwidth allocation is for incoming and
outgoing combined. Under such situations, in stock linux, a virtual device
called IMQ has been created through which all traffic
Hi all,
About servers in private network, could you all mention good points why
servers should be put in private network. I must write down some reports
about these, because during this week, i have new jobs maintaining new
organisation that still put their servers in public ip range. I ve just
[LARTC] Combining ingress and egress ( IMQ+HTB)I checked the guide and you
are right about it. However, I cannot get it to work,
if I remove egress qdisc the traffic stops following any rules.
Has anyone done this successfully before? Any pointers are welcome.
Thanks
Rajesh
Your script produces the same errors, after running for a while.
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
Hmmm...
- Giannis
___
LARTC mailing list / [EMAIL PROTECTED]
[debian sarge]
Hi
I am planning to use kernel 2.4.21-ac3 with the IMQ patch, since the
vanilla 2.4.21 kernel does not compile with gcc 3.3 (the default
compiler on debian sarge).
Are there any known issues/gotchas with ac3 patch?
Thanks in Advance
Regards
--
K S Sreeram
Director of Research
29 matches
Mail list logo