--On Friday, April 24, 2020 10:32 AM -0700 Dave Taht <[email protected]>
wrote:
That's miserable. 480ms latency on fiber?? You can do so much better.
But why centos? sure the sqm-scripts work with that but you should be
able to shape 45Mbits with even a wndr3800. openwrt works great on x86
hw, also. :)
The same box is providing a bunch of other public-facing services, so I
need some moderately heavy iron. (Still a cheap server, though.) If it were
JUST a NAT router, I'd consider a cheap OpenWrt-capable router like the one
I'm using at home.
Note that this test was without any shaping parameters. I think CentOS
(like Fedora) defaults to fq_codel, though.
do you get dedicated ipv6 with that AT&T service?
Yep, they give us a /56, which seems to be the default for "sites" unless
you ask for something bigger. So I'm assigning a /64 to the link between
our box and their gateway, and another to our LAN. That leaves 254 more for
whatever. I need to assign a AAAA to the public side and test. Haven't
gotten to that, yet.
We also get some VOIP lines that their gateway deals with. So no SIP yet
within the LAN. We do use the "WiFi calling" feature on our mobiles,
though. Cellular coverage at our location is terrible.
What will be the vpn type? ipsec, terminating on the router, works
well with fq_codel because the hash is propagated to the tunnel,
wireguard and openvpn currently do not.
I'm using OpenVPN with proto udp and dev tun. Our main use is to run Remote
Desktop from home to our office and lab PCs. If I need to move files, I
usually use scp. Outbound, we use Cisco's VPN to connect to customers to
check binaries into their Subversion repo over HTTPS.
For customers and vendors, we have secure FTP drops. Mostly used for CAD
drawings.
_______________________________________________
Bloat mailing list
[email protected]
https://lists.bufferbloat.net/listinfo/bloat
