This is TikiWiki 1.9.2 -Sirius- © 2002–2005 by the Tiki community Thu 19 of Jan, 2006 [07:32]

MasterShaper on a Linux-Bridge

Shaping on a Bridge
(cached)		 refresh print
This howto assumes a bridge between a Cisco router (WAN) and a ethernet network switch. One interface is attached to the Cisco router via a cross cable. The other bridge interface is connected to the network switch. Little Packets and SSH should get high priorities. HTTP and HTTPS should only get a maximum bandwidth from 1024kbit/s. All other traffic is absolutly low priority and can only consome max. 1536kbit/s.

This howto will not contain any information howto setup the bridge itself. It assumes that this work is already done. If you need informations on howto setup a bridge check out the linux bridge homepage at http://linux-net.osdl.org/index.php/Bridgeexternal link.




    • Inbound Bandwidth: 2048kbit/s
    • Outbound Bandwidth: 2048kbit/s

    • eth0 as Incoming Interface
    • eth1 as Outgoing Interface

    • Select no for "IMQ"
    • Select "Bridge" for "Mode"

  • Now we create the service levels:

    • Name "Highest Priority"
      • In-Bandwidth: 32kbit/s
      • Out-Bandwidth: 32kbit/s
      • Priority: Highest (1)

    • Name "High Priority"
      • In-Bandwidth: 128kbit/s
      • Out-Bandwidth: 128kbit/s
      • Priority: High (2)

    • Name "Normal Traffic"
      • In-Bandwidth: 128kbit/s
      • In-Bandwidth? Ceil: 1024kbit/s
      • Out-Bandwidth: 128kbit/s
      • Out-Bandwidth? Ceil: 1024kbit/s
      • Priority: Normal (3)

    • Name "Low Priority"
      • In-Bandwidth: 128kbit/s
      • In-Bandwidth? Ceil: 1536kbit/s
      • Out-Bandwidth: 128kbit/s
      • Out-Bandwidth? Ceil: 1536kbit/s
      • Priority: Low (4)

    • Name "WAN Speed"
      • In-Bandwidth: 2048kbit/s
      • Out-Bandwidth: 2048kbit/s
      • Priority: Ignore

  • Now we create the filter definitions (this assumes that you let MasterShaper Installer prefill protocol & port informations. If not add them manually first):

    • Name "HTTP & HTTPS"
      • Protocols: TCP
      • Ports: http & https

    • Name "SSH"
      • Protocols: TCP
      • Ports: SSH

    • Name "ICMP"
      • Protocols: ICMP

  • Now go back to the MasterShaper Options View and select the service level "Highest Priority" for the "ACK Packets" option.

  • Create a new chain "WAN"
    • As service level specify "WAN Speed"
    • As fallback service level specify "Low Priority"
    • Leave targets on any & any for both directions.

  • Now we create the pipes definitions:

    • Name "Ping"
      • Chain "WAN"
      • Direction "<->"
      • Select the "ICMP" filter
      • Select service level "Highest Priority"

    • Name "Remote Console"
      • Chain "WAN"
      • Direction "<->"
      • Select the "SSH" filter
      • Select service level "High Priority"

    • Name "Web Traffic"
      • Chain "WAN"
      • Direction "<->"
      • Select the "HTTP & HTTPS" filter
      • Select service level "Normal Traffic"

  • Create a new Target:

    • Name "LAN"
      • Match IP: 192.168.1.0/24

  • Go back to the chains view on create a new chain to ensure internal LAN traffic will not be touched by the shaping ruleset:

    • Name "LAN"
      • Service Level "Ignore" (Fallback service gets irrelevant with this option)
      • Target select "LAN" <-> "LAN".

  • Go to the Overview Site and move the "LAN"-Chain over the "WAN"-Chain with the arrows. So the LAN will match first before the "any" <-> "any" match.

  • Load the ruleset.

That's all.

See also

Created by: unki last modification: Saturday 03 of December, 2005 [01:16:37] by unki

similar
slides
Powered by TikiWiki Powered by PHP Powered by Smarty Powered by ADOdb Made with CSS Powered by RDF
RSS Wiki
[ Execution time: 0.24 secs ]   [ Memory usage: 6.30MB ]   [ 27 database queries used ]   [ GZIP Enabled ]   [ Server load: ? ]