Hi all
I have seen the below question asked a few times, but not seen any
answers. Is this because
1) it is not possible
2) It is really simple and I shouldn't even be asking the question :)
Can somebody please enlighten me.
Thanks
Chris
On Thu, 2007-03-08 at 18:48 +0200, Chris P
Hi
I have read various info, and mailing list archives, but have not found
an answer to the following.
I have a few servers with configurations similar to the following:
They each have multiple uplinks to the Internet, and a sample config is
as follows:
eth1 is 192.168.0.1, connected to 19
w if you any more details.
Thanks in advance,
Chris Kloosterman
binPIfENm886s.bin
Description: PGP Public Key
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
jump for joy when the 64kbit link goes down... (keeping in mind that policing is
no guarantee that you'll actually stay below 64kbit usage, especially if a lot
of the traffic is UDP).
- Original Message -
From:
Kenneth Kalmer
To: Chris Bennett ; Taylor
Grant
Cc: lartc
You can't split a particular IP connection
between two links, but can instead only determine which link a
particular connection will occur on. Given this, it sounds like you
want to have some way to detect that Link A is already saturated and then send
all further connections to Link B unti
e the
overhead incurred by bridged mode over ATM (RFC 2684/1483).
I would say "now I can sleep peacefully", but I just woke up a couple of
hours ago... so I'll go for a run instead ;)
- Original Message -
From: "Andy Furniss" <[EMAIL PROTECTED]>
To: &q
Thanks! Very prescient of you, since my latest test results prove exactly
what you said about needing a higher overhead value! :)
- Original Message -
From: "Andy Furniss" <[EMAIL PROTECTED]>
To: "Chris Bennett" <[EMAIL PROTECTED]>
Cc:
Sent: Tuesday,
I was able to do some further testing today with a full crew of players on
my game servers. I cleaned up my script a bit to make it easier to modify
the MPU and OVERHEAD, and also added both settings to the root class for
completeness sake (not sure that matters at all). I'll include the final
I'm running some tests as you suggested. I'll have to wait til there are
more players on my servers again before I can get some more accurate
results, but preliminary tests show that 1) the overhead setting is quite
significant and 2) my overhead value of 24 is a bit too low.
With overhead set
uter did, and I miss that feature a lot, but not enough to buy new ADSL
modems myself.
Chris
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
In the case where you have a router (that is not generating signficant
traffic itself) with one internet facing interface and one LAN facing
interface, you really don't need IMQ.
It becomes very useful in alternate cases where, for example, you have
multiple interfaces facing the internet (eg,
When you say you are so close but can't get your head around the final
part... what do you mean? Exactly what is working and what is not? How far
have you gotten?
- Original Message -
From: "brooke" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, December 29, 2004 4:56 PM
Subject: [LARTC] 2
rashes. I'm going to look into trying a different
kernel in the next day or so to see if that resolves the issue.
Chris
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.298 / Virus Database: 265.6.4 - Release Date: 12/22/2004
___
luck. Try it out.. write a paper, become famous.
----- Original Message -
From: "Gomi" <[EMAIL PROTECTED]>
To: "Chris Bennett" <[EMAIL PROTECTED]>;
<"lartc@mailman.ds9a.nl"@alpha.symbio.com>
Sent: Tuesday, December 21, 2004 8:04 AM
Subject: Re: [LART
I'm not sure what you mean by AI. I suppose you could mean that you're
going to feed various QoS parameters into a neural net and "teach" the
neural net to vary the parameters according to conditions... but somehow I
think it unlikely that this is what you mean.
What is the specific situation
multi-homing approach is working great for me.
Chris
- Original Message -
From:
Antonio Luiz
To: [EMAIL PROTECTED]
Sent: Thursday, November 25, 2004 2:08
PM
Subject: [LARTC] Route based on port /
protocol
I have a Linux Box
with 3 NIC's connected
I don't personally know a way to do that (maybe someone else does), but I
can say that I've tweaked my shaping script with over 50 users playing
online games on my servers, and the script runs so quickly that even though
it drops and rebuilds the qdiscs, no one even notices the blip.
- Orig
s about as elegant as possible
with a script. Very nice. That goes right into my routing script.
Chris
- Original Message -
From: "Martin A. Brown" <[EMAIL PROTECTED]>
To: "Chris Bennett" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday
I've had the same problem. I sorta wish there was an "ip rule flush"
command that would leave only the default rules.
Anyway, what I do to prevent my rules from getting out of hand is every time
I add a rule, I first delete the very same rule. This prevents the
duplicates, at least.
So every
Hi Frank,
I forgot to copy the list earlier so this will be a dup for you (sorry)...
Anyway, in your message you say "contradicting to Chris..." in reference to
me saying that only the IP and MAC of the NAT router would be visible to the
ISP.
I'd like to fill in my knowledge gap
Cloning a MAC address really has nothing to do with particular act of hiding
multiple computers behind a firewall.
Sometimes an ISP will register the MAC address of a particular device to
make sure you don't use any other device. Cloning the MAC address is a way
of getting around this so you c
thing deferred when I send through
procmail for spamassassin...
Chris
- Original Message -
From: "Jake" <[EMAIL PROTECTED]>
To: "'Chris Bennett'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, November 15, 2004 11:56 PM
Subject: R
given what worked for me, I'd suggest changing from this:
ip rule add from 1.1.1.8/30 lookup 1
ip rule add from 2.2.2.8/30 lookup 2
to this:
ip rule add from 172.16.0.0/24 lookup 1
ip rule add from 192.168.0.0/24 lookup 2
Maybe the LARTC FAQ on this subject needs to be updated a little bit.
What I do is have the linux box claim all of the public IPs as its own, and
then use IPTABLES to DNAT/SNAT to/from private IPs as needed. You can
dedicate a public IP to a specific private IP, so the computer on your
network with that private IP appears to all of the world as if it actually
ha
So are there any problems with this setup? Is there any need for separate
routing tables if both ADSL connections are on the same ethernet port? My
router is a mini-itx so I'm not sure I can easily fit another ethernet port
in it, but I could l
e still affected.
- or you can tag oubound ACK packets and filter them into the faster class.
chris
>>Theory is.. You can only shape outbound traffic.
> Inbound is via tcp windowshaping etc..
>
> In theory yes, but it is shaping inbound transfers to my server.
>
>>> i
e wrong address once, not
sure if the moderator will approve it.]
On Tue, Jul 06, 2004 at 08:22:42AM +0100, Chris Bolton wrote:
> Ok I'm not the best at ASCII diagrams but here goes anyway... (well
> I'll modify the one in the advanced routing howto)
Does this look right? Fo
>>eth1 & eth2 are both connected to the EN5861 router. I've done that
>>because I couldn't work out any other way to use the static IP address
>>that out ISP have given us.
>>
>
>Aha, this is a config question. You can just add as many ip addresses to
each physical card as you like. I forget
>> No I am using the EN5861, just that we have two ADSL lines and only
>> one
>> EN5861 and rather than buying another I'd like to use linux to do the
>> same job as the en5861, if you know what I mean.
>
>You can, but since you have two ADSL lines, you'll need two ADSL devices of
some kind, wh
the EN5861?
I hope I'd made myself clear, it's hard trying to explain something when
your not to sure exactly what your talking about. Anyway any help with be
gladly received.
Cheers,
Chris.
___
LARTC mailing list / [EMAIL PROTECTED]
htt
Hi all,
Our ISP has given us 5 static IP address plus one router IP address and I
was wondering if I could get rid of their stupid EN5861 router and set up
the linux machine to handle all the static addresses and routing. I figured
I'd have to set up alises for other IP addresses eg ifconfig eth0
On Sunday 23 May 2004 22:08, Dmitry Golubev wrote:
> Hello,
>
> > Is it possible to attach filter rules to HTB classes?
> > All my filters belong to some qdisc, so I don't know.
>
> Quote from LATRC: Also, with HTB, you should attach all filters to the
> root!
Sorry, my bad, I'm still coming to te
E-mail: [EMAIL PROTECTED]
Website: http://www.netservers.co.uk.
Thank you for your time.
Cheers, Chris.
--
_ __ __ _
/ __/ / ,__(_)_ | Chris Wilson -- UNIX Firewall Lead Developer |
/ (_ ,\/ _/ /_ \ | NetServers.co.uk http://www.netservers.co.uk |
\__/_/_/_//_/___/ | 21 Signet Court
> You can't use u32 to filter egress on src if you are NATing - you need
> to mark in POSTROUTING mangle and filter on fw.
>
> Have a look at the kptd on www.docum.org .
Whoops, I was aware of this. I must've sent an old version of the script to
the list, cause I had fixed that, and that's not th
traffic shaper at LARTC, to
try and shape for me and my 3 housemates.
The idea being to give each user approx 1 quarter of the bandwidth, and then
subdivide that into 3 priorities.
None of the traffic seems to get clasiffied though.
Can anyone help me out?
--
Chris Jensen
[EMAIL PROTECTED]
P
autorerouting to work?
Chris
---
Chris Litchfield
Ph. (757)-424-1004
Fax. (757)-424-1602
Senior Scientific Programmer
EDO Corporation
"The views, opinions, and judgments expressed in this
message are solely those o
the IP
>assigned via DHCP begins with one of the following
>10.0
>169.254
>172.16
>192.168
>which are NATted, example, internal IPs.
>Sorry, but I don't have time this morning to say more.
Don't be sorry you responded and that was enough.
Anyway I'm going to do a
thing I have to
change in order to make use of these addreses?
I'm at a total loss with this and I hope I've made myself clear.
Regards,
Chris.
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
example
scripts (preferably commently highly :P hehe)
This was the address of the other script that I found:
http://www.surestorm.com/qos/
I am not "set" on using wondershaper..
Thanks for all your help
Chris
___
LARTC mailing list
I clear the rules I have made with the script??
If I
want it to return to the default for example??
Thanks
Chris
?
Thanks,
Chris
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi,
Found the problem, usb timeout errors in /var/log.messages relating to
speedtouch modems, had the problem before so its nothing new.
Thanks again,
Chris
- Original Message -
From: "Chris Bolton" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, Ja
217.32.68.73 dev ppp1
It works fine again. Whats up with that?
Cheers,
Chris
- Original Message -
From: "andybr" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, January 15, 2004 1:11 AM
Subject: Re:[LARTC] simple(?!?
the way ppp0 is configured, if
I set it up so 10.0.0.11 uses ppp1 instead of ppp0 (ip rule add
default via xxx.xxx.xxx.xxx dev ppp1 table chris) it works fine but
obviously thers no point in that.
Hope all this makes sence to someone, it baerly
does ti me. May thanks in advance.
Chris
routing to forward the packets on to the
appropriate address(es) on the internal side? And since the PPPoE
headers have been removed, I could then use standard iptables to do the
filtering?
Chris
--
Chris Friesen| MailStop: 043/33/F10
Nortel Networks |
ation is not described in the comments in sch_api.c where enqueue,
dequeue, requeue, reset, init, destroy & change are described (dump isn't
described either).
Chris.
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/
except for the classfull qdiscs which are just propagating the call to the
child qdiscs.
Chris.
- Original Message -
From: "Martin A. Brown" <[EMAIL PROTECTED]>
To: "Chris Paulson-Ellis" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, Augu
I was asked to write some traffic shaping scripts for a 100mbit ethernet
connection on an intel P4 machine running redhat 8.0 (I upgraded 'tc' first
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75486 blah, blah...). The
scripts I normally use and have verified as working against the vani
Q1: What is the best way to prevent arp flux when running HTB 3.6 on 2.4.20
with static route patch?
I've got one nat'ed LAN and four ADSL interfaces and all five interfaces
have a HTB qdisc
Q2: When a cllient on LAN downloading/uplloading something from/to internet
I can see that cllient consum
that does sound reasonable on what is happening.
thx for the help.
NAT =Switch-switch -arpwatch
= two cables
- one cable
also gif version @
http://www.highlandshighspeed.net/images/network.gif
- Original Message -
From: "Martin A. Brown" <[EMAIL PROTECTED]&
ok i have a program called arpwatch on the network, monitors arp/ipmatching,
it sees that the public side of the Snat box has its mac address switch
between the public and private interface.
here i tried to provide most the information that i can think of.
iptables v1.2.7a:
L
http://www.mail-archive.com/[EMAIL PROTECTED]/msg03827.html
you can't add ingress and egress packets into
the same IMQ device from the same physical device.
iptables -t mangle -A POSTROUTING -o eth0 -j IMQ
iptables -t mangle -A PRETROUTING -i eth0 -j IMQ
Is this problem solved?
**
> > For a packet that is not for local host,
> > but comes in on one interface and goes
> > out on another;
(1)
> > Will that packet traverse PREROTING, FORWARD and POSTROUTING
> > on _both_ underface, or
(2)
> > will that packet traverse PREROTING, FORWARD and POSTROUTING
> > only once, where PRE
Hi,
Tell me if I understand this right.
For a packet that is not for local host,
but comes in on one interface and goes
out on another;
Will that packet traverse PREROTING, FORWARD and POSTROUTING
on _both_ underface, or
will that packet traverse PREROTING, FORWARD and POSTROUTING
only once, w
Where and how exactly do I tell that a HTB
class should use which phy. dev.?
>>> You can do this with iptables + fw filter. Mark the packets coming from
>>> each interface with a different mark and put the packets with the fw
filter
>>> in it's own class.
>>
>> But why do I need IMQ for
> > Hi
> >
> > In the introduction of IMQ ( http://luxik.cdi.cz/~patrick/imq/ )
> > it sais:
> >
> > Quote start.
> > "This allows you to treat network devices
> > as classes and distribute bandwidth among
> > them as well as doing real ingress traffic
> > control using egress qdiscs"
> > quote sto
- If this documentation isn't available, would anyone be interested in me
writing some, and would anyone mind if I send the requisite questions to
this list?
Cheers, Chris.
--
___ __ _
/ __// / ,__(_)_ | Chris Wilson -- UNIX Firewall Lead Developer |
/ (_ / ,\/ _/ /_ \ | Net
Hi Martin,
> : Q1b: Is it possible to set an id as a fuction of the
> : src IP's? Could I mark with id 256*zzz+www when
> : src IP is xxx.yyy.zzz.www ?
> : This because I would like to help iptables not using
> : too much ticks, and it will reduse my code.
>
> I wonder if you might make good
Hi
In the introduction of IMQ ( http://luxik.cdi.cz/~patrick/imq/ )
it sais:
Quote start.
"This allows you to treat network devices
as classes and distribute bandwidth among
them as well as doing real ingress traffic
control using egress qdiscs"
quote stop.
Where and how exactly do I tell tha
Hi,
Q1: How does IMQ know what phy devices it is a "mother" for?
I read the manual, faq and source, but fail to see how.
The closest I get is when reading source where it sais
that IMQ makes it possible to use classes to refer to
phy. dev. but I'm not able to see this relation in examples
where
Hi,
IPTABLES --- HTB
I am running HTB+static-route on multiple adsl
lines
and like to mark
packets in iptables on LAN dev,
so that I can shape traffic so that every machine
in
my LAN will get it's fair share.
Q1: How many different id's is possible for
mark?
I would like to have about
don't have two ends and there is only one
of it.
Chris.
- Original Message -
From: "Martin A. Brown" <[EMAIL PROTECTED]>
To: "Chris Paulson-Ellis" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, February 15, 2003 8:07 PM
Subject:
nterface, but I'm not sure how to route the returning traffic as it comes
out of the loopback (presumably I'd have to do it by both source and
destination address).
Chris.
- Original Message -
From: "Bartek Krajnik" <[EMAIL PROTECTED]>
To: "Chris Paulson
LAN1 & LAN2 respectively on to LAN3 and
Router3 then SNATs from LAN3 onto the public Internet connection.
My question is how I can collapse this into a single router (Router3),
eliminating LAN3, without renumbering LAN 1 or 2 so they don't have
duplicate adresses?
R
lf Of Chris Clark
Sent: Friday, February 14, 2003 12:03 AM
To: [EMAIL PROTECTED]
Subject: [LARTC] tcng and network processor
I am considering a project to translate tcc output (C code or external
interface) to network processor code, so that the NP can do the actual
traffic shaping. I have a pla
reduce the processing load on the host.
Has anyone attempted anything like this?
I have never used tcng before, but I have been reading all of the
available documentation. Is there anything that I should know about tcc
or its output before I attempt this?
Thanks,
Chris
be set in linux kernel so that kernel sets priority for
> packets according to TOS value.I guess this priorty will be used by PRIO
> qdisc(by default) to decide which band the packet belongs.
Yes, it happens by default, with the pfifo_fast qdisc.
Cheers, Chris.
--
___ __ _
/ _
aces.
I believe that implementing these suggestions would make Linux QoS more
powerful, more accessible, and simpler. Does anyone here agree or
disagree? Would anyone like to help me with this project? Where else
should I ask about this, apart from the obvious Netfilter mailing list?
Comments, sugges
* be fine.
I'm wondering if I left something out that the kernel requires to recognize the
new qdisc.
Thanks in advance.
Yell if you need more code/information.
Chris Groenewald.
\"And on the eighth day, we bulldozed it.\"
___
LARTC maili
internet.
(must provide end user with public IP but go through LINUXBOX for CBQ
control.
I hope this make sence and I provided enough info.
Chris Allen
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
does not HTB only shape on outgoing traffic? unless you start doing some
ingress queues?
- Original Message -
From: "Stef Coene" <[EMAIL PROTECTED]>
To: "Roché Compaan" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, July 29, 2002 5:54 AM
Subject: Re: [LARTC] Bridge with Traffic sh
what kinda bridge are you using?
bridge-nf? if you are it says it only supports iptables, you would have to
mark the packets then use filter to put the marked packets into teh correct
queue for managing
- Original Message -
From: "Roché Compaan" <[EMAIL PROTECTED]>
To: "Stef Coene" <[EMAIL
-Original Message-
From: Radoslav Kolev [mailto:[EMAIL PROTECTED]]
Sent: Monday, 22 July 2002 9:17 PM
To: Chris Harrison
Subject: Re: [LARTC] squid marking packets
Chris Harrison wrote:
>No, but how would it help anyway?
>
>The packets are on different OSI levels to begin wi
shap out going traffic
you can also check out the bridges list serve @ [EMAIL PROTECTED]
they are a good source for bridging problems
Chris
- Original Message -
From: "ALBRECHT, BENJAMIN" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 11, 2002 1:35 AM
add the changes permenatly to a script, I couldn't
replicate it.
Thanks for any help you can offer,
Chris.
This e-mail message is meant solely for the person or organisation to whom it is
adressed. If you receive this email in error please do not distribute, further publish
or relay upo
when i go to install htb i know i need to patch the kernel (DONE)
and do i need grab the iprotue2+tc and patch then make or just use the tc
binary from the tgz file and replace the tc file curently located on the
system?
i am useing Gentoo
Chris K Ellsworth
what you want to do is setup a bridgeing firewall
http://bridge.sourceforge.net/
- Original Message -
From: "Neil Aggarwal" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, May 31, 2002 2:55 PM
Subject: [LARTC] How to make Linux server transparent to internal machines?
> Hello:
first thing to remember is to limit on the outgoing network card and 2nd
look into either HTB or CBQ under TC.
also check out
www.docum.org
- Original Message -
From: "mdew" <[EMAIL PROTECTED]>
To: "lartc" <[EMAIL PROTECTED]>
Sent: Wednesday, May 29, 2002 10:47 PM
Subject: [LARTC] newbie
I have been trying to shape the traffice on a bridge i have iptables
succesfully marking packes but have not been able to get TC to read
the marked packets from Iptables and filter them into CBQ my current
config is as follows
tcclass_add="tc class add dev brint_ext parent 1: classid"
tc
I have been trying to shape the traffice on a bridge i have iptables
succesfully marking packes but have not been able to get TC to read
the marked packets from Iptables and filter them into CBQ my current
config is as follows
tcclass_add="tc class add dev brint_ext parent 1: classid"
tc
Since monitoring this list and others i see people use both iptables
and tc to assign packets on a bridge to the correct class for
bandwidth control, what is the plus/minus of each?
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailm
81 matches
Mail list logo