On 08/06/2009 10:02, Tom Eastep wrote: > Simon Hobson wrote: > >> Tom Eastep wrote: >> >> >>> > i think iproute2 is capable of doing this, can anybody suggest me some >>> >>>> toola or utility to configure this. >>>> >>>> >>> iproute2 + iptables + xtables-addons + recent Linux Kernel + lots of >>> knowledge about how all of those things work. >>> >> A situation for using an IFB ? >> >> > I doubt it. Unless the OP has public IP addresses assigned to all > internal systems, an IFB doesn't work for limiting traffic per-host. The > reason is that the destination address of the traffic hasn't been > 'de-NATted' yet when it goes through the IFB. > > One really needs IPMARK applied to shaping on the internal interface. > This will be possible in Shorewall 4.4 but is not available in 4.2. > > -Tom > You can use IMQ configured in AB configuration (you can shape on the external eth based on internal IP). I'm using it with shorewall just adding a few lines to the start script, redirecting traffic to IMQ.
Hope it helps. Pablo. ------------------------------------------------------------------------------ OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
