Brian J. Murrell wrote:
On Thu, 2008-06-05 at 07:20 -0700, Tom Eastep wrote:Brian J. Murrell wrote:Sure. But Shorewall was never targeted at that market. It's predecessor Seawall was targeted at SOHO users and I originally developed Shorewall to provide a product that took over where Seawall left off.For most home, or other small use situations, isn't it easier to just specify priorities of traffic, i.e. Type Priority VOIP 1 Interactive (i.e. ssh) 2 All other 3SOHO. That's for the most part the situation I'm talking about. I'm talking about a small enough user base that guaranteeing bandwidth for certain use cases is overkill and all that is necessary is prioritizing.The simple commodity firewall routers typically use a scheme like you advocate. But then I've never understood why a home user would choose Shorewall over one of those little devices anyway.For mom, perhaps, but for a hacker, they don't do near enough. In fact they don't even do enough for mom. VPN technology is sorely lacking from (almost?) all of them, just for starters.Then I urge you to develop such a traffic shaper as an alternative to the one built into Shorewall. If it turns out to be wildly popular, we can integrate it into Shorewall just like we did with Arne Bernin's 'tc4shorewall' which is the current Shorewall builtin TC.Probably not worth it if HTB can emulate the "prioritize only, not guarantee bandwidth" given the work that's already present to support it.#INTERFACE MARK RATE CEIL PRIORITY OPTIONS ppp0 1 full full 1 tcp-ack,tos-minimize-delay ppp0 2 full full 2 default ppp0 3 full full 2^ this last one should have been priority 3---------+Not really. HTB works badly when the sum of the RATEs exceeds the OUT-BANDWIDTH. Something more like this should work though: #INTERFACE MARK RATE CEIL PRIORITY OPTIONS ppp0 1 full*98/100 full 1 tcp-ack,tos-minimize-delay ppp0 2 full/100 full 2 default ppp0 3 full/100 full 2So is class "1" limited to 98% bandwidth or full?
Hint: CEIL == limit.
It seems it would be full (otherwise what's the point of the CIEL?). If class "1" is unused can class 2 get 100% of the bandwidth?
Yes.
If both class 2 and 3 are over-saturating, does class 2 get 100% of the bandwidth because of it's priority?
It gets 99% of it. Class 3 is guaranteed 1% -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
