[LARTC] TC + IPsec and a Newbie

Linux Advanced Routing and Traffic Control


Look up wondershaper from http://lartc.org. It gives maximum priority to
interactive traffic. It creates a root qdisc and gives full bandwidth to
one handle. The way I see it, you need to create two classes as under:

Class 1: rate=max bw, ceil max bandwidth.
Class 2: rate=1kb, ceil=max bandwidth. (giving 1 as we cannot give 0kb
as rate in tc).

Route all traffic with ports 500,51,52,47 destination to Class 1. I
guess you would also want to allocate bandwidth for incoming ipsec
traffic and choke the rest. You can, however, do ingress policing and
shape the incoming traffic by shaping the outgoing traffic on your
internal network interface.

HTH
Mohan

-----Original Message-----
From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]
On Behalf Of Mike Nielsen
Sent: Monday, January 20, 2003 12:26 AM
To: LARTC
Subject: [LARTC] TC + IPsec and a Newbie


Hi there,

I am just starting out with the TC and iproute2 tools.  I have given Bert
Hubert's Linux Advanced Routing And Traffic Control Howto a couple of reads
but know I don't have a full grasp of concepts yet.

My immediate need is to make sure ipsec traffic between two linux 
firewall/routers is given the greatest priority over all other traffic.


In more detail I have a leg of a VPN that is running over ISDN.
Previously if someone is surfing the web or god forbid trying to stream
audio it throws a wrench into the IPsec works.

Aside from blocking the streaming I need a way to make sure IPSec will be
given as much preference over other traffic types as possible.

Would someone give me an example of commands I would need to enter into a
script, or point me to a location that might have this situation already
coded out?


Also any other tips you can offer would be greatly appreciated.

-- 


-----------------------------
|\/|ike@GetBent.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
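
The two-class setup described in the reply above, as an added example that is not part of either post: an HTB root qdisc with a priority class for IPsec and a 1kbit default class for everything else. It classifies IKE as UDP destination port 500 and ESP/AH as IP protocols 50 and 51; the device name ippp0, the 60 kbit/s rate and the function names are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread). Assumed values: device ippp0 and a
# 60 kbit/s shaping rate, just under one 64 kbit/s ISDN B-channel.

# Print the tc commands for device $1 shaped to $2 kbit/s in total.
ipsec_tc_rules() {
    dev=$1 rate=$2
    # The output may be piped to sh, so accept only a plain name and number.
    case $dev in ''|*[!A-Za-z0-9_.-]*) echo "bad device name" >&2; return 1 ;; esac
    case $rate in ''|*[!0-9]*) echo "rate must be an integer" >&2; return 1 ;; esac
    [ "$rate" -gt 1 ] || { echo "rate must be above 1 kbit" >&2; return 1; }
    hi=$((rate - 1))    # child rates (hi + 1) add up to the parent rate
    # 1:10 = IPsec class, 1:20 = default class for all unmatched traffic.
    # Filters: ESP (protocol 50), AH (protocol 51), IKE (UDP dport 500).
    cat <<EOF
tc qdisc add dev $dev root handle 1: htb default 20
tc class add dev $dev parent 1: classid 1:1 htb rate ${rate}kbit ceil ${rate}kbit
tc class add dev $dev parent 1:1 classid 1:10 htb rate ${hi}kbit ceil ${rate}kbit prio 0
tc class add dev $dev parent 1:1 classid 1:20 htb rate 1kbit ceil ${rate}kbit prio 1
tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip protocol 50 0xff flowid 1:10
tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip protocol 51 0xff flowid 1:10
tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip protocol 17 0xff match ip dport 500 0xffff flowid 1:10
EOF
}

# Dry run by default: print the commands. With APPLY=1 (as root) the
# existing root qdisc is removed and the generated commands are executed.
apply_ipsec_tc() {
    rules=$(ipsec_tc_rules "$1" "$2") || return 1
    if [ "${APPLY:-0}" = 1 ]; then
        tc qdisc del dev "$1" root 2>/dev/null || true
        printf '%s\n' "$rules" | sh -e
    else
        printf '%s\n' "$rules"
    fi
}

apply_ipsec_tc "${DEV:-ippp0}" "${RATE_KBIT:-60}"
```

Run as-is it only prints the commands; check the class counters afterwards with `tc -s class show dev ippp0` to confirm IPsec packets land in 1:10.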


