On 04/23/2011 07:40 AM, lanas wrote: > Hello, > > From a user perspective, the simple (tcpri) and complex TC configs > offers two rather distinct choices. A user can very well be OK with > only using the simple way and that's very fine. Then again, even in > doing so, the more complex config options are available.
No they are not. The type of TC available is determined by the TC_ENABLED setting in shorewall.conf: - TC_ENABLED=Simple enables simple traffic shaping - TC_ENABLED=Internal enables complex traffic shaping > What is the interplay between the two as far as having some > parameters configured in both at the same time ? You cannot. > So far I only see that if interfaces are configured in tcinterfaces > then some priorities will be deferred when the tcpri is used. If an interface is configured in tcinterfaces, then traffic leaving that interface will be prioritized based on the TOS field in the ip header. Optionally, you can police the incoming traffic rate and limit the outgoing rate. > I have re-read several times the explanation in tcpri but can't > figure it out clearly. What would be a typical, concerte example of > this interaction ? Here is my own tcpri file: #BAND PROTO PORT(S) ADDRESS INTERFACE COMMENT All DMZ traffic in band 3 by default 3 - - 70.90.191.124/31 COMMENT Bit Torrent is in band 3 3 ipp2p:all bit COMMENT But give a boost to DNS queries 2 udp 53 COMMENT And place echo requests in band 1 to avoid false line-downs 1 icmp 8 In this example, I am declaring that all traffic from 70.90.191.124/31 as well as Bit Torrent traffic (from any address) should go into the lowest priority band, but I'm giving a boost to DNS queries and in all cases, I want echo requests to go into the highest priority band. The latter was intended to insure that LSM pings (see the Shorewall multi-ISP documentation) were given high priority. HTH, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Fulfilling the Lean Software Promise Lean software platforms are now widely adopted and the benefits have been demonstrated beyond question. Learn why your peers are replacing JEE containers with lightweight application servers - and what you can gain from the move. http://p.sf.net/sfu/vmware-sfemails _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
