> So, Stephan must have been meant ingress shaping (delaying packets?) and I > assumed he meant ingress policing. Is there a significant reason to use > shaping rather than policing? Yes, policing drops valid packets, but TCP > will > cause that anyway before backing off sending.
Sorry for the confusion. Yes, I meant shaping. Maybe policing is better than nothing, definitely try it out and tell us :-) But there is a reason to buffer packets instead of dropping them: Dropping packets kills TCP throughput. Buffering packets gives TCP connections a way to figure out the appropriate rate. Don't ask me to explain because I don't understand much about it myself. Ask Google about TCP flow rate and congestion control to get an idea. If you use a hash bucket queue or similar for buffering, each connection basically gets its own buffer, so that trickling traffic like SSH does not get delayed in long buffers. And real-time traffic like phone calls prefer 10% dropped packets over 100% delayed packets so they need their own mini-queues. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
