Mike wrote:
> I have a box in the LAN that sends packets through OpenVPN.
> OpenVPN is running on the Shorewall boxes on both endpoints.
> The traffic is being classified, but clipping is occurring.
> Does traffic have to be classified on the OpenVPN interface as well?

You must define shaping on the openvpn interface if you want to prioritize
the traffic going through that interface. And you probably also want to give
the open VPN traffic itself (usually UDP 1194) a boost on the external
interface.

-Tom
-- 


Tom,
I have tried the following for some tests until Glenn and I try passing the TOS
bit through OpenVPN with the passtos directive, which seems to be supported
now with OpenVPN. In my case here there is traffic from
10.19.227.18, which is a pbs phone box with H.323 UDP traffic for VoIP, and
Remote Desktop 3389; no other traffic but these two above.
When you state "And you probably also want to give the open VPN traffic
itself (usually UDP 1194) a boost on the external interface."
Would the two rules below work?
2:11       10.19.227.18         0.0.0.0/0               ALL
3:11       10.19.227.18         0.0.0.0/0               ALL

Then I am thinking the remote desktop protocol will fall into the
default class?
Mike

#INTERFACE      IN-BANDWITH     OUT-BANDWIDTH
eth0            3000kbit        1152kbit
eth1            768kbit         768kbit
tun1            768kbit         768kbit

#INTERFACE      MARK    RATE            CEIL            PRIORITY        OPTIONS
eth0            1       full            full            1
eth0            2       full/4          full            2
eth0            3       full/4          full            3               default
eth0            4       full/8          full*8/10       4
#
#
eth1            1       full            full            1
eth1            2       full/4          full            2
eth1            3       full/4          full            3               default
eth1            4       full/8          full*8/10       4
##
#
tun1            1       full            full            1
tun1            2       full/4          full            2
tun1            3       full/8          full*8/10       3               default





BTW the default class in tun1 will be 2; I am using 3 for test purposes.
When I refer to the "only traffic" above, 3389 and VoIP,
I mean the only traffic through tun1.
Mike




_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users