[Ilugc] Bandwidth shaping on two interfaces
Mohan Sundaram
mohan.tux at gmail.com
Wed Aug 29 09:59:05 IST 2007
Prasanna David G wrote:
> I didn't want to do with squid as, during peak hours - when traffic shaping
> becomes necessary - lot of people use instant messengers. I need to
> consider all traffic.
1/ You must use squid to mark traffic as connections from squid will all
have src ip of that proxy m/c which is what tc sees.
2/ try ipp2p or l7-filter on the outgoing interface to ISP to mark p2p
and other protocol state/type based packets and then use tc.
3/ I did not notice your q on IMQ. qdiscs for shaping are used for
outgoing traffic. As a rule, outgoing traffic is shaped and incoming
policed. It is enough if you use tc on the ISP facing interface for
outgoing traffic. IMQ is used to shape aggregate of incoming and
outgoing traffic. Does not work well in most cases except for Indian
ISPs who sell bandwidth by aggregate on in+out traffic rather than
symmetric duplex bandwidth like in the US.
4/ In most cases, shaping outgoing is enough unless you've enormous
downloads happening. Downloads happen using http and thus squid is a
good means to control. IMHO, you must use a combo of Squid to mark and
tc to shape traffic on the ISP facing interface. On each LAN facing
interface apply tc based on dst ip to control downloads outside or
inclusive of http.
>
> Meanwhile, I was wondering if anyone in this list did face the same problem
> as mine - that is shaping outgoing traffic on two interfaces. It will be
> helpful to hear from them.
Pretty common n/w config. Your case has only one ISP facing i/f. It gets
very tricky when you get 2xISP facing interfaces leading to DGD,
priorities, load balancing, aggregate shaping etc.
Mohan
More information about the ilugc
mailing list