Re: Traffic shaping.
On 2017-01-10 14:17, Joshua Judson Rosen wrote: > Well, that's the other thing that actually wasn't clear: > whether "an OpenVPN network" meant a multitude of OpenVPN clients > all connecting individually to a single server (N:1), > or a network that's being routed (or bridged) through a single > OpenVPN tunnel between local+remote OpenVPN nodes (1:1). > > If you need the N:1 case to work, I'll have to defer to > someone else who's actually familiar with QoS management. :\ And that's pretty much where I find myself. :) Thanks for kicking the tires!! -Ken ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping.
On 01/10/2017 01:51 PM, Ken D'Ambrosio wrote: > On 2017-01-10 13:47, Joshua Judson Rosen wrote: >> On 01/10/2017 01:28 PM, Ken D'Ambrosio wrote: >>> Hey, all. I've got an OpenVPN network talking to a server at a remote >>> site over the corporate WAN. (Reasons for this are complex, and I won't >>> bore you with them, but please trust me that this setup was required >>> "because IT.") Anyway, I'd like to throttle the bandwidth going both >>> ways. Unfortunately, OpenVPN only throttles on the client side going >>> one way, and not at all on the server side. >> >> Are you actually setting the OpenVPN shaper option on both the client >> *and the server*, or only on the client? > > Apparently, irrelevant: it does not work on server: > > https://community.openvpn.net/openvpn/ticket/413 Well, that's the other thing that actually wasn't clear: whether "an OpenVPN network" meant a multitude of OpenVPN clients all connecting individually to a single server (N:1), or a network that's being routed (or bridged) through a single OpenVPN tunnel between local+remote OpenVPN nodes (1:1). If you need the N:1 case to work, I'll have to defer to someone else who's actually familiar with QoS management. :\ -- "Don't be afraid to ask (λf.((λx.xx) (λr.f(rr." ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping.
On 2017-01-10 13:47, Joshua Judson Rosen wrote: > On 01/10/2017 01:28 PM, Ken D'Ambrosio wrote: >> Hey, all. I've got an OpenVPN network talking to a server at a remote >> site over the corporate WAN. (Reasons for this are complex, and I >> won't >> bore you with them, but please trust me that this setup was required >> "because IT.") Anyway, I'd like to throttle the bandwidth going both >> ways. Unfortunately, OpenVPN only throttles on the client side going >> one way, and not at all on the server side. > > Are you actually setting the OpenVPN shaper option on both the client > *and the server*, or only on the client? Apparently, irrelevant: it does not work on server: https://community.openvpn.net/openvpn/ticket/413 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping.
On 01/10/2017 01:28 PM, Ken D'Ambrosio wrote: > Hey, all. I've got an OpenVPN network talking to a server at a remote > site over the corporate WAN. (Reasons for this are complex, and I won't > bore you with them, but please trust me that this setup was required > "because IT.") Anyway, I'd like to throttle the bandwidth going both > ways. Unfortunately, OpenVPN only throttles on the client side going > one way, and not at all on the server side. Are you actually setting the OpenVPN shaper option on both the client *and the server*, or only on the client? -- "Don't be afraid to ask (λf.((λx.xx) (λr.f(rr." ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On 12/26/06, Michael ODonnell [EMAIL PROTECTED] wrote: How about using the LinkSys RV042/82 series router which has dual wide area network connections and can do load balancing? Outbound only, I presume, and even that's a good trick. Inbound aggregation/load balancing would require cooperation from the ISP and I suspect they'd rather just sell him a single go-faster connection for a way larger number of dollars... There's something out there called Trunking where you can make 2 network connections act as one. I think it may be called bonding in Linux. In the past you took 2 PPP connections and bonded them. Some high end switches have Trunking and Sun has Sun Trunking. Both follow some 802.x standard that I can't recall. Again, this would require cooporation from the ISP. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On Tue, 2006-12-26 at 21:43 -0500, Ben Scott wrote: On 12/26/06, hewitt_tech [EMAIL PROTECTED] wrote: How about using the LinkSys RV042/82 series router which has dual wide area network connections and can do load balancing? How about cutting some text when quoting a message? ;-) (Your 2-line reply quoted 50 lines of original.) Netiquette aside... I wasn't aware of those products. The RV082 looks like a neat little box. Do you have any experience with those boxes doing what Bruce wants to do? That is, have one user (LAN IP address) associated with one WAN feed, and another user associated with the other WAN feed? The user manual doesn't make it clear if that is even supposed to be possible, and LinkSys doesn't always deliver on their claims even when they are clear. :) I had picked out these boxes as possibly being of interest for use here for shared Internet access in the building. Any info on hackability of the RV082/RV042 units? In particular, can they be hacked to run a custom Linux firmware? I found http://tinyurl.com/y7hn9b but it's mainly speculation, and about a year old. I found http://openixp.phj.hu/ but it appears to be stagnant. The source code is available, but the lack of wireless seems to have reduced the overall level of interest. I looked over the software build requirements and decided that just getting the cross-compiler and any debugging emulation to work would be a challenge. How to convince my wife that figuring this stuff out would be a fun project for us in the evenings? http://www.linksys.com/servlet/Satellite?c=L_Download_C2childpagename=US%2FLayoutcid=1115417110138packedargs=sku%3D1115416833289pagename=Linksys%2FCommon%2FVisitorWrapper Cheers, -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ -- Lloyd Kvam Venix Corp ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On 12/26/06, Michael ODonnell [EMAIL PROTECTED] wrote: How about using the LinkSys RV042/82 series router which has dual wide area network connections and can do load balancing? Outbound only, I presume, and even that's a good trick. Inbound aggregation/load balancing would require cooperation from the ISP and I suspect they'd rather just sell him a single go-faster connection for a way larger number of dollars... The outbound load balance would need to load balance on the per connection level anyway. A go faster then cable connection? Unless he's in the verizon fiber roll out area, not sure how he'd get that without moocho bucks. -- -- Thomas ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On 12/27/06, Thomas Charron [EMAIL PROTECTED] wrote: Outbound only, I presume, and even that's a good trick. Inbound aggregation/load balancing would require cooperation from the ISP and I suspect they'd rather just sell him a single go-faster connection for a way larger number of dollars... The outbound load balance would need to load balance on the per connection level anyway. Which is why true aggregation (be it at the data link level, or the IP level) would be nicer, since that balances at the frame/packet level. But see below about moocho bucks. A go faster then cable connection? Unless he's in the verizon fiber roll out area, not sure how he'd get that without moocho bucks. Exactly. That seems like a good plan to a telco. (Bruce paying moocho bucks.) -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On 12/27/06, Tom Buskey [EMAIL PROTECTED] wrote: How about using the LinkSys RV042/82 series router which has dual wide area network connections and can do load balancing? Outbound only, I presume ... ... Trunking ... Right. Trunking, bonding,link aggregation, teaming are all about taking about the same thing: Taking separate connections and making them act as one, at the data link layer (layer two). ... some 802.x standard that I can't recall. 802.3ad ... Again, this would require cooporation from the ISP. And that's the rub. Like Bruce said, this is a cable ISP. They barely support IP. Anything requiring cooperation with the upstream is right out. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On 12/26/06, Bruce Dawson [EMAIL PROTECTED] wrote: My partner and I use VPNs to access our employer sites, and we frequently find that we're bottlenecking on uploads. So we decided to get a 2nd cable modem so we won't collide with each other. Small, but important question. What kind of VPN? OpenVPN? PPTP? Does anyone know of good reference material regarding aggregating, or otherwise combining the two cable modem's throughput into a single network segment (using a router - preferably a Linksys running OpenWRT or somesuch)? I'm really looking for a HOWTO type document - or if someone knows the commands to execute, that would be a good start! Mostly, ISP's need to offer the ability to do this. A hack and slash quickie would be, as was suggested, to simply have you use one, and him the other. I actually just looked at my m0n0wall install to see if it could agregate multiple WAN connection, but it cannot. pfSense, a fork of m0n0wall, *CAN*, on the other hand, do this out of the box. http://www.pfsense.com/ http://www.pfsense.com/index.php?id=36 has a link to one multi-wan tutorial. Here's a quote from the FAQ: Multiple WAN connections are supported under some circumstances. Only one WAN connection can be PPPoE, BigPond, or PPTP. The other must be static IP or DHCP. Outgoing load balancing is supported, but link monitoring is still currently under development. This means there currently is no automatic failover capacity. Load balancing is on per connection basis, not a bandwidth basis. All packets in a given flow will go over only one link. http://www.pfsense.com/index.php?id=36 -- -- Thomas ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
Thomas Charron wrote: A go faster then cable connection? Unless he's in the verizon fiber roll out area, not sure how he'd get that without moocho bucks. Depends on the cable company. Some throttle the bandwidth for residential service, but offer a (less) throttled connection for business-class service for more money. Some also offer two tiers of bandwidth for residential service with a premium for a less throttled connection. -- Dan Jenkins ([EMAIL PROTECTED]) Rastech Inc., Bedford, NH, USA --- 1-603-206-9951 *** Technical Support Excellence for over a Quarter Century ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On 12/27/06, Thomas Charron [EMAIL PROTECTED] wrote: On 12/26/06, Bruce Dawson [EMAIL PROTECTED] wrote: I actually just looked at my m0n0wall install to see if it could aggregate multiple WAN connection, but it cannot. pfSense, a fork of m0n0wall, *CAN*, on the other hand, do this out of the box. I should add that I use m0n0wall due to it's HD-less mode of operation, storing all network info on a floppy disk. ;-) Unfortionatly, pfSense added a GREAT deal of additional functionality, and floppy-mode wasn't one of them. Maybee I should toss a HD in a spare machine and migrate over.. Looking at pfSense again made me jealous for features. ;-) -- -- Thomas ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On Dec 26, 2006, at 11:30, Bruce Dawson wrote: (using a router - preferably a Linksys running OpenWRT or somesuch)? These guys appear to box up a linux router for said purpose: http://www.peplink.com/productsSpec.php?productName=balance These are also frequently mentioned: http://www.xincom.com/products/502/overview.php -Bill - Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 [EMAIL PROTECTED] Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On 12/26/06, Bruce Dawson [EMAIL PROTECTED] wrote: Although it would make sense that she would use one modem, and I the other; it stops making sense when you consider the various (shared) printers, file servers and other servers on our LAN that we need access to in our daily tasks. The simplest way to solve your problem is to put one cable modem on one LinkSys box, the other modem on a different LinkSys box, configure the LAN sides of each box with their own IP address, and manually configure each workstation to use a particular LinkSys box as the Internet gateway. It's a kludge, but it works. More complicated and somewhat less kludgey would be to use a router with at least three interfaces: One for the LAN and one for each modem. Assign static IP addresses to the nodes you want using a particular modem. Configure policy routing and NAT such that those IP address get routed via a particular interface and address. The Linux Advanced Routing Traffic Control HOWTO at http://lartc.org/ explains the details. One word of warning, last I tried it (on kernel 2.4 a few years ago), port forwarding via iptables was unaware of policy routing. As I recall, port forwarding always ended up using the default tables, or something along those lines. Does anyone know of good reference material regarding aggregating, or otherwise combining the two cable modem's throughput into a single network segment ... Aggregation usually means turning multiple feeds into one, in particular, such that a single node on your LAN would get twice the bandwidth, even for a single TCP connection. There's no real way to aggregate two consumer cable modem feeds like that. The ISP's routing plan doesn't include multiple routes to a single customer site. Two cable modems are effectively two different sites. They also don't support anything like layer two bonding. You can get a form of load balancing on a per-connection basis. That is, one TCP connection would use one modem, the next would use the other, and so on. This has all the same problems as NAT. It also does the wrong thing if two existing connections pinned to one modem start sucking bandwidth. Prolly not what you want. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
- Original Message - From: Ben Scott [EMAIL PROTECTED] To: gnhlug-discuss@mail.gnhlug.org Sent: Tuesday, December 26, 2006 12:06 PM Subject: Re: Traffic shaping/aggregating On 12/26/06, Bruce Dawson [EMAIL PROTECTED] wrote: Although it would make sense that she would use one modem, and I the other; it stops making sense when you consider the various (shared) printers, file servers and other servers on our LAN that we need access to in our daily tasks. The simplest way to solve your problem is to put one cable modem on one LinkSys box, the other modem on a different LinkSys box, configure the LAN sides of each box with their own IP address, and manually configure each workstation to use a particular LinkSys box as the Internet gateway. It's a kludge, but it works. More complicated and somewhat less kludgey would be to use a router with at least three interfaces: One for the LAN and one for each modem. Assign static IP addresses to the nodes you want using a particular modem. Configure policy routing and NAT such that those IP address get routed via a particular interface and address. The Linux Advanced Routing Traffic Control HOWTO at http://lartc.org/ explains the details. One word of warning, last I tried it (on kernel 2.4 a few years ago), port forwarding via iptables was unaware of policy routing. As I recall, port forwarding always ended up using the default tables, or something along those lines. Does anyone know of good reference material regarding aggregating, or otherwise combining the two cable modem's throughput into a single network segment ... Aggregation usually means turning multiple feeds into one, in particular, such that a single node on your LAN would get twice the bandwidth, even for a single TCP connection. There's no real way to aggregate two consumer cable modem feeds like that. The ISP's routing plan doesn't include multiple routes to a single customer site. Two cable modems are effectively two different sites. They also don't support anything like layer two bonding. You can get a form of load balancing on a per-connection basis. That is, one TCP connection would use one modem, the next would use the other, and so on. This has all the same problems as NAT. It also does the wrong thing if two existing connections pinned to one modem start sucking bandwidth. Prolly not what you want. -- Ben How about using the LinkSys RV042/82 series router which has dual wide area network connections and can do load balancing? -Alex ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic shaping/aggregating
On 12/26/06, hewitt_tech [EMAIL PROTECTED] wrote: How about using the LinkSys RV042/82 series router which has dual wide area network connections and can do load balancing? How about cutting some text when quoting a message? ;-) (Your 2-line reply quoted 50 lines of original.) Netiquette aside... I wasn't aware of those products. The RV082 looks like a neat little box. Do you have any experience with those boxes doing what Bruce wants to do? That is, have one user (LAN IP address) associated with one WAN feed, and another user associated with the other WAN feed? The user manual doesn't make it clear if that is even supposed to be possible, and LinkSys doesn't always deliver on their claims even when they are clear. :) Any info on hackability of the RV082/RV042 units? In particular, can they be hacked to run a custom Linux firmware? I found http://tinyurl.com/y7hn9b but it's mainly speculation, and about a year old. I found http://openixp.phj.hu/ but it appears to be stagnant. Cheers, -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Traffic Shaping?
Jared Watkins wrote: Is anyone on the list familiar with the use of the tc command for traffic shaping? I'm trying to set up a two tiered set of queues... and it's giving me 'Invalid argument' errors when I'm almost certain the syntax is right... I've encountered the same problem. Since it was only a problem with Mandrake 9.0 (kernel 2.4.19) and not 9.1 (kernel 2.4.21) or above, I never took the time to resolve it. What little research I did implied that it was due to a version mismatch between modules and the kernel. -- Dan Jenkins ([EMAIL PROTECTED]) Rastech Inc., Bedford, NH, USA --- 1-603-206-9951 *** Technical Support for over a Quarter Century ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
