Mike Purnell wrote: >Not only is this not shorewall related, but you really don't give enough >information to solve your problem.
I know, it's hard to know where to balance being too terse, and giving too many irrelevant details :-( >What else is on the router? Nothing (apart from Shorewall that is). It will NFS export a directory containing rrd databases of it's logs. >What kind of shaping are you trying to do? What software are you using for the >shaping and what is the underlying operating system? The "wondershaper" config using HTB from the LARTC (15.8.3 on here http://lartc.org/howto/lartc.cookbook.ultimate-tc.html). It's started from Shorewall vi the tcstart file. Debian Etch 386 >It seems like you ought to be able to do this with the hardware you >already have... if you have plenty of ram and the software >configuration is right. The 'new' box I built I would have expected to cope, but I suspect that one of the NICs may have something to do with it - it's not one I would have chosen (sorry, can't remember which one now, I'm at home and the box is at work and not accessible - could be an RTL8139) but this was (at the time) a zero budget job ! I should have access to an Intel NIC to replace it with next week. One thing that makes me suspicious is that if I load up the system and then try to copy a large file off it with SCP then it kernel panics - and it appears to be related to interrupts in the NIC driver. The base machine is a recycled server with Intel server board in it, a Pentium III 1GHz, 512M RAM. The 'old' box seems to handle 2mbps without any problem - that's why I'm surprised at having so much trouble with 6mbps. The old box sits there at 98% idle, except when drawing graphs, some of which can take several seconds of 100% processor utilisation to create. It also runs Nagios and monitors about a 1000 services - one of the reasons for building a new box is to split the routing and monitoring functions. Temporarily I've cloned the setup onto another box, this has dual quad core 2GHz processors - I suspect the multiple cores don't help when the kernel is spending so much time in low level stuff like shovelling packets about. I'm told that these don't have 4off 2GHz cores, but more likely 4off 500MHz cores adding up to 2GHz - sounds 'iffy' to me but I've not kept up with details like this for some years. This bigger box is Dell with dual embedded NICs (btx driver) which can shift the packets AND count them, but still can't manage wirespeed if I turn on the shaping (and yes I HAVE set the shaping speeds so they shouldn't be limiting the rate (yet) !) ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
