Tom Eastep schrieb: > Felix Erkinger wrote: >> Tom Eastep schrieb: >>> Felix Erkinger wrote: >>>> Tom Eastep wrote: >>>>> Felix Erkinger wrote: >>>>>> Hi, >>>>>> >>>>>> i have a setup where the firewall creates four pptp tunnels (austrian >>>>>> provider setup for multiple ip addresses) and i have no idea how to >>>>>> setup traffic shaping in this configuration >>>>>> >>>>>> if i shape the encapsulated packets on the link to the modem, the >>>>>> firewall shapes only GRE packets, so this doesnt work. >>>>>> >>>>>> is there a possibility like to put all pptp tunnels to a bridge and >>>>>> reroute them via traffic shaping or can i use a common limit on a bunch >>>>>> of interfaces so the count together, or am i stuck ? >>>>> I believe you are stuck. >>>> Hmm, what about setting up a bridge (eg. "tonet"), >>>> adding a private ip address to that bridge, >>>> setting the default route to the ip address of that bridge, >>>> mark all traffic for the corresponding pptp tunnels with fwmark x >>>> create four ip rules that sorts packets with fwmark x to table ppp-x if >>>> coming from dev tonet, >>>> add four ip routes for the default gw of dev ppp-x and table ppp-x >>>> >>>> Could this work ? >>> I don't understand your proposal. What devices would you add to the >>> bridge (can't be PPtP devices)? >> hmm, none, i just poked arround, and added a bridge, with >> "brctl add tonet" >> and assigned an ip address to it with >> "ifconfig tonet 10.10.0.1" >> after that i can ping it, and assign the default gw route to it, so >> there must be a ip stack answering the ping, so there could be a >> possibility to reroute ? > > Not that I can see. > > What this calls for is an Intermediate Queuing Device (IQD) attached to > your internal interface. Unfortunately, I've never been able to make one > work (but I haven't tried very hard either). Warning: It requires kernel > patching. See the LARTC Howto.
i will investigate a little bit further regarding your information, thank you for your help and trying to make sense out of my ideas :-) , Felix ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
