On Sat, 2007-08-18 at 04:04 -0700, Edwin Koome wrote: > My music server is running on the firewall (shorewall, > single interface, NATed) and therefore the connections > are from net (local network-10.0.0.0/24) to firewall. > Slimserver is running on http port 9000 where > squeezebox connects. > > Since i use the connection for other things including > bittorrent, i had a need to shape the traffic. The > problem is even when the link is idle, the shaper > seems to affect my player (constant rebuffering and > music connection drops). > > With TC disabled, the other aspects of the firewall > are great and don't affect my music.The other ports > don't stream music (control ports) and adding them as > priority 1 on the shaper does not help either. > > I have provided the relevant TCclass and TCrules: > > eth0 1 full full 1 > tcp-ack,tos-maximize-throughput,tos-minimize-delay > > Tcrule > 1:T 0.0.0.0/0 0.0.0.0/0 tcp 9000 > > My default policy from $FW to NET is ACCEPT and > therefore a separate rule in the opposite direction is > uneccesary. > > Hope this helps.
Ask a simple question and get a book.... Given the above description, I'm going to guess that the music is going from fw->net. I'm also going to suppose that the hosts that are pulling this music from the firewall server are on the local LAN -- is that correct? If I'm correct on both counts, then a) your 'full' bandwidth of 250000 bits per second seems terribly small for streaming music. b) Guaranteeing the 'full' bandwidth to one class means that HTB will over-schedule and exceed the 'full' bandwidth anyway (the guarantees in the RATE column should add up to something less than or equal to 'full'). b) Your tcrule above is classifying traffic whose DESTINATION port is 9000 but traffic from the server (on the firewall) to the client hosts would have SOURCE port 9000. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
