I am running Debian kernel 2.6.26-2-686, shorewall 4.4.11.6 My provider gives me 32Mb/down, and 5Mb/Up. I am testing the limit of download for certain zones, and have found that when running shorewall traffic shaper, I am getting 2.5-3.0Mb download. When I set TC_ENABLED=no, then I get 28-30Mb as expected.
My test if from a PC on the lan with ip 192.168.150.2. I have followed the
guidelines for limiting download, and I would expect this traffic to be in
the 10Mb range based on my settings. I am confused why it is slowing to
2.5-3.0Mb, but as soon as I disable TC, it jumps up to full.
My ideal scenario is to dedicate bandwidth for VOIP & DFS traffic, with a
larger pool available for web browsing at a lower priority.
I am attaching the results of shorewall dump as well.
tcclasses:
#INTERFACE:CLASS MARK RATE CEIL PRIORITY OPTIONS
eth1 1 728kbit full 1
tos=0x68/0xfc,tos=0xb8/0xfc,tos=0x48/0xfc #voip
eth1 2 10kbit 50kbit 2
tcp-ack,tos-minimize-delay #icmp
eth1 3 128kbit full 3
#DFS
eth1 5 128kbit full 4 default
eth0 1 1mbit full 1
tos=0x68/0xfc,tos=0xb8/0xfc,tos=0x48/0xfc #voip
eth0 2 100kbit 500kbit 2
tcp-ack,tos-minimize-delay #icmp
eth0 3 1mbit 10mbit 3
#DFS
eth0 4 1mbit 10mbit 4
#Web Browse
eth0 5 90mbit full 5 default
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
tcrules:
######################################################################################################################
#MARK SOURCE DEST PROTO DEST SOURCE USER
TEST LENGTH TOS CONNBYTES HELPER
# PORT(S) PORT(S)
1 $FW - udp 4569
1 $FW - tcp 4569
1 $FW - udp 5060:5061
1 $FW - tcp 5060:5061
1 $FW - udp 10000:20000
1 $FW - tcp 10000:20000
2 - - icmp echo-request
2 - - icmp echo-reply
2:F - - icmp echo-request
2:F - - icmp echo-reply
3:F 192.168.150.0/24 192.168.1.0/24 all #DFS
3:F 192.168.1.0/24 192.168.150.0/24 all #DFS
4:F eth1 192.168.150.0/24 all #Web Traffic
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
tcdevices:
###############################################################################
#NUMBER: IN-BANDWITH OUT-BANDWIDTH OPTIONS REDIRECTED
#INTERFACE INTERFACES
eth1 20200kbit 5040kbit
eth0 - 1000mbit
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
status.txt.gz
Description: GNU Zip compressed data
------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
