Sluggers,

Implementing a Linux gateway via DSL, I'd like to do some traffic shaping and have been googling up some info, some of which is conflicting, and some questions still remain unanswered, so I thought I'd ask the collective wisdom of SLUG.

I'd like to rate limit the bandwidth available for web surfing. The googled wisdom on this appears to be that I can either:

1. limit the rate into the internet interface.
2. limit the rate of return ACK packets from the internet interface.
3. limit the rate of packets leaving the Linux gateway's LAN interface to the desktop.

Critics of approach 1 state that this is bad because it wastes bandwidth, as the packet has already been sent over the DSL and the only way to rate limit is to drop packets, which subsequently have to be retransmitted over the DSL (sounds logical).

Approach 2 seems like a neat idea, but I haven't been able to grasp how it would work, as each ACK packet reply is the same size but the packet(s) being replied to could be significantly different in size. How do I semi-accurately limit the rate?

Approach 3, I assume, works by slowing down the rate of data into the desktop, which in turn slows down the rate of ACK packets the desktop returns, and hence the rate at which the web server delivers the subsequent packets (corrections to this understanding gladly accepted). However, I intend to run Squid as a transparent proxy server, and obviously I'd like to make sure that traffic coming from the local box (Squid cache) isn't subjected to the bandwidth throttle. I know I can mark such packets with iptables and I can assign them different priorities within the interface's packet queue, but how do I allow them a higher bandwidth (as opposed to priority)?

Ideas, comments, links, flames etc. appreciated.

TIA's

P.


-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
