Re: [Shorewall-users] Is this TC configuration correct

Sat, 28 Mar 2009 16:12:08 -0700 

Balogh László wrote:

> Ok, I think I get what you are suggesting.  But if  I make  one class
> per subnet (for eaxmple sales),
> then it would work, not? (Saying I don't care about how the bandwidth
> gets divided in a subnet)
> 

That will work.

> So if I keep the bandwidth of all the classes under 40Mbps(in my case)
> then it would work.

The sum of the RATEs for eth0 must be less than or equal to 40Mpbs.

> I am thinking about keeping about 30 classes for tha local net,
> (dhcp is configured to serve these adresses first and we have
> like 15-20 many clients today)
> and one class for the sales net.
> 
> The rates would be:
> 30*100kbps=~ 3mbps for local net
> 10mbps for deafult
> 1mbps for sales
> 
> and i am still under 40mbps.
>
> rule 1 for default
> rule 2-31 for local
> rule 32 for sales net

rule 1 - RESTORE connection mark
rule 2 - CONTINUE if mark is non-zero
rule 3 - for default
rule 4-33 - for local
rule 34 for sales net
rule 35 SAVE

> 
> tcdevices
> #INTERFACE IN-BANDWITH OUT-BANDWIDTH
> eth0 40mbps 40mbps
> eth2 100mbps 100mbps
> 
> tcclasses
> #INTERFACE MARK RATE CEIL PRIORITY OPTIONS
> eth0 1 10mbps full 1 default
> eth2 1 10mbps full 1 default
> eth0 2 100kbps 1mbps 2
> eth2 2 100kbps 1mbps 2
> eth0 3 100kbps 1mbps 2
> eth2 3 100kbps 1mbps 2
> eth0 4 100kbps 1mbps 2
> eth2 4 100kbps 1mbps 2
> ...
> eth0 31 100kbps 1mbps 2
> eth2 31 100kbps 1mbps 2
> eth0 32 1mbps 5mbps 3
> eth0 32 1mbps 5mbps 3
> 
> tcrules
> #MARK SOURCE DESTINATION PROTIOCOL PORT(s)
> 2:F 192.168.101.11 eth0 all
> 2:F eth0 192.168.101.11 all
> 3:F 192.168.101.12 eth0 all
> 3:F eth0 192.168.101.12 all
> 4:F 192.168.101.13 eth0 all
> 4:F eth0 192.168.101.13 all
> ... 
> 31:F 192.168.101.40 eth0 all
> 31:F eth0 192.168.101.40 all
> 32:F 192.168.102.0/24 eth0 all
> 32:F eth0 192.168.102.0/24 all
> 

See my suggestion above.
>  
> So do I get it right this time?
> 

Getting close.

-Tom
-- 
Tom Eastep    \ The ultimate result of shielding men from the effects of
Shoreline,     \ folly is to fill the world with fools.
Washington, USA \                                     -- Herbert Spencer
------------------------------------------------------------------------
http://www.shorewall.net

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to