On Tue, Apr 21, 2009 at 01:34:48PM -0700, Tom Eastep wrote: > You are *guaranteeing* 20% of the bandwidth for this high-priority > traffic but are limiting it to 40% -- *why*?
This kind of interactive traffic has no *real* reason of using more than 40% of the uplink. Maybe it is a good idea to let it be able to use the full capacity though. > > ppp0 2 20*full/100 30*full/100 2 > > tos=0x68/0xfc,tos=0xb8/0xfc > > Same with VOIP -- why not let it use all of the bandwidth if there is no > lower-priority traffic. Sounds you're right > > > ppp0 3 20*full/100 25*full/100 3 > > ppp0 4 40*full/100 85*full/100 4 > > ppp0 5 5*full/100 40*full/100 4 default > > > > /etc/shorewall/tcdevices: > > ppp0 25000kbit 830kbit > > > > /etc/shorewall/tcrules: > > 1:T 0.0.0.0/0 0.0.0.0/0 icmp echo-request > > 1:T 0.0.0.0/0 0.0.0.0/0 icmp echo-reply > > 1:T 0.0.0.0/0 0.0.0.0/0 tcp ssh > > 2:T 0.0.0.0/0 0.0.0.0/0 udp sip,iax > > 2:T 0.0.0.0/0 0.0.0.0/0 tcp sip,iax > > SIP and IAX traffic that is also marked tos-minimize-delay will go in > this class rather than the first; is that what you want? You mean that sip and iax will all go in class 2 ? > There is no point in saving the packet mark if you don't restore the > mark at the top of the rules and bail out if the connection was already > marked. I'm gonna remove it ;) Cheers ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
