Hi all! We are a small ISP in Sweden. We have built a radiobased network and shares 2Mbit full duplex among roughly 50 users. (so far..) To ensure a good quality of service we are today running CBQ on a central machine in our network. I'm not sure it works the way we want though and have a couple of questions that maybe some of you alread know and can help me/us with. First of all, this is what we want (in network priority order): 1: SSH - to be realtime always. 2: HTTP to be fast, always. 3-> ftp, direct-connect, kazaa and others to be throttled to X bandwidh per IP.. (or not disturb http and ssh and use real fair quing.. ) So, what we did was to set up a bunch of CBQ scripts. Defined a SSH class and gave it prio 1. Defined a http class and gave it prio 2 all other prio 7. This looked like a fine idea but we experienced that ssh and http suffers when the "other" class gets chunked. So, the Fair Quing algorithm does not seem to work. (SFQ). The other class borrows bandwith from http and ssh classes and those gets chunked to.. So, our solution was to set up a incoming and outgoing class for each IP in our network. (kind of a mess..) A first question then: Is there a way of defining a class that basicly says: " each and every ip in this class shall have X bandwidth and nothing more" ? (or do we need to define bounded classes for each and every customer ? ) Next: Is there a way of having multiple classes that could trigger on the same packet ? (and control witch class will get it) ? Ex: We have a customer that has bought X bandwidh. So, we define a class on that IP thats bounded to X bandwidh. This, however shall not be the case if the packet is a ssh packet. Then it shall never end up in the customer class at all and instead end up in the high prio ssh class ?? I guess the question ends up with, Is there a way of having multiple classes/rules and the first class/rule that triggers on the packet will get it ? Somewhat like in ipchains .. ? And since I'm up to speed... If everything gets chunked, we start experience packet loss.. I guess that's quite normal. We have however a 2Mbit connection to the Internet. What happens if we do, as we have done now, and defines the interface to 2Mbit and then defines a lot of classes of 256Kbit (more then 2Mbit total) .. Will CBQ send more load then 2Mbit to the internet connection (and thereby make other classes like http to go slow..) ?? Anyone out there that has some input to us ? Best Regards / Paul