[LARTC] Classful Queuing
Robert Felber
r.felber@ek-muc.de
Tue, 12 Oct 2004 08:25:25 +0200
--AhhlLboLdkugWU4S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Oct 11, 2004 at 07:01:57PM -0600, Jamin W. Collins wrote:
> OK, I'm stumped. I've read through most of the LARTC HOWTO and have yet
> to find a basis for what I need to accomplish.
>=20
> I have a Linux box that controls access to and from the Internet at my
> workplace. We have a number of remote employees that connect via PPTP
> and IPSEC to the office's internal network. Some of these remote
> employees are currently using SIP phones. The problem is occasionally
> the available bandwidth becomes consumed and the VoIP calls (obviously)
> suffer because of this.
>=20
> Configuration:
> eth0 - connected to the internal office
> eth1 - connected to the internet
> pppX - incoming on eth1 connection
> ipsec0 - incoming on eth1 connection
>=20
> My question, how can I set classful htb queuing up so that it's rules
> encompass all traffic on eth1 (including that to and from the ipsec and
> ppp connections) while reserving bandwidth for and prioritizing the SIP
> traffic?
First of all: policing ("shaping" incomming) does not really work as desire=
d.
Not even with RED. The dropping of packets causes to much retransmits, which
will fill up your incomming twice. One could use RED/ECN, but till now i di=
d not
get RED to mark any packets with ECN. However.
Second: look at /etc/protocols or at tcpdump to identify the protocols you=
=20
want to priorize and shape (not police). Use iptables, MARK and the -p opti=
on
for that. Besides, I don't know whether you have more than one static IP. If
you have more, you could set up "aliases" and shape via outgoing/source (an=
d=20
incomming/destination if you really want to police).
--=20
Robert Felber (EDV-Leitung)
Autohaus Erich Kuttendreier=20
Drosselweg 21
81827 Muenchen
Tel: +49 (0) 89 / 453 12-86
Fax: +49 (0) 89 / 453 12-80
PGP: 896CF30B
PGP-Fingerprint: CF36 AA93 9716 63E8 962F 15CC A80E 1A79 BF77 25EA
--AhhlLboLdkugWU4S
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFBa3jUCn+wd4ls8wsRAmbmAJ9Xf5C/1xMJYdnXESXcfnIuQawjCgCffmB+
ct0ur3d4IAm94L8pQ6ve0qY=
=Aq4Q
-----END PGP SIGNATURE-----
--AhhlLboLdkugWU4S--