Simon, Tom, I really appreciate your answers, very accurate and very
helpful.
I already read the lartc guide, is a headache, but is the base of all of
this and is really helpful to know how this works on a lower level.
finally I set a couple of marks for national connections using geoip
(ssh, vpn, voip, web, mail, etc), assuring a minimum 90mbit, and a full
of 100mbit (I know simon, that's the correct unit, and to be sure I
tested it and works like a charm)
and set a different marks for the same connections but to any
destination (all the rest after the geoip for national connections), and
I assure the remaining 10mbit, and a full of 10mbit as well
the tricky part was set the correct order of the mangle file for all the
marks.
it's on production since the last friday night and it works flawlessly
thank you guys.
PS: sometimes, using the exactly same config files, even using the same
machine, but with a different provider the QoS doesn't work at all, once
you set the QoS and restart the shorewall the network speed go down to
6kbps, some services like dns stop working, etc. this has happened to me
a lot of times but I never find out what's the problem, I changed the
marks, kernel, shorewall version, everything, there is something on the
provider side can cause this behavior?
On 18/03/16 17:32, Tom Eastep wrote:
On 03/18/2016 09:25 AM, Felipe Román wrote:
Hello guys, this is my first message to this list.
to the point.
I have a "problem" with QoS, we have different speed in the network
provider link, 100mbit download and 100mbit upload in the national
connections, and 10mbit download and 10mbit upload on international
connections.
I set the qos to work with 100/100mbit and it works perfectly, but this
is ok with the national connections, but with international connections
I still have my link satured.
so, can I set a different speed in the same interface based on geoip or
something?
I thought in use 2 interfaces for the same provider, and make a masq
rule for national destinations (with geoip) and the rest of the
connection with a masq in other interface. this solves the different
speed problem for the qos, but how can I route the same provider with 2
interfaces using the same gateway.
any idea is welcome.
For outbound traffic, you can use Geoip on the connection (not on each
packet) to place the traffic in a slower class. Not much you can do on
input, unless you do it on your LAN interface and use the same technique.
-Tom
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
