System has eth0 to Internet and eth2 to LAN. There's also an tun0 VPN to a remote site. We want to give absolute priority to VoIP traffic via the VPN over all other traffic.
In tcrules, we set everything with source==eth2 to mark 1, then the specific VoIP ports/protocols (also on eth2) to mark 2. The theory here is that the last matching rule assigns the mark, so non-priority traffic should be marked with 1 and priority traffic marked with 2. Questions: - in tcclasses, we're assigning tun0 with mark 2 as follows: rate=full, ceil=full, priority=1, no options. We want to have "tun0, mark 2" rule at priority 2; is it valid to set rate=0 and ceil=full? When we did so in tests, it seemed to stop all traffic. - because VPN traffic goes over the same physical interface as eth0, presumably we have to limit eth0 traffic as well, otherwise excessive non-VPN traffic could adversely affect VoIP VPN traffic? Thanks for any help - Keith ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
