Re: [LARTC] ROUTING, POSTROUTING, & Traffic Control

Linux Advanced Routing and Traffic Control


Jeff,

[I rearranged your question a bit.]

 : Can I do this? If possible, can someone please give explicit details.

Yes.  In order to help you more, we'd need to know IP addresses, and also
a bit more about why you think you need to add more NICs.  Depending on
what your answer is to that question, we can make a recommendation on
whether you should simply use tc/fwmark with your existing hardware
configuration to perform your traffic control or whether you really need
to have more physical devices.

 : I have 2 machines (A & B) behind a Linux Firewall (FW).
 : I have 2 ethernet cards on the FW - eth0 talks to the internet, eth1 talks
 : to machines A & B.
 : Machine A has lots of inbound & outbound traffic while machine B doesn't.
 : It seems reasonable that I could add 2 new ethernet cards (eth2 & eth3) to
 : the FW and by configuring iptables and/or routing tables force traffic on A
 : to be handled by eth0/eth1 and traffic for B to be handled by eth2/eth3.

If you are looking at reserving a certain amount of bandwidth for machine
B while still allowing machine A the lion's share of the bandwidth, you
are looking at a simple HTB setup on your eth0.

I'd recommend reading up on HTB, queuing and so forth on the following
sites for documentation:

  http://lartc.org/howto/      # -- broad docs on Linux traffic control
  http://www.docum.org/        # -- more hands-on docs (and intro)

HTB software:

  http://luxik.cdi.cz/~devik/qos/htb/

In short, you can use "tc filter" to select based on fwmark, source
address, destination address, and a number of other criteria.  This will
allow you to place traffic from machine A or machine B into a particular
class, thus reserving bandwidth for each one.

Is that what you were looking for?

Good luck,

-Martin

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx
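
The HTB setup described in the reply above, sketched as an added example that is not part of the original message: two classes on eth0, with traffic from machines A and B selected by fwmark. The host addresses, rates, mark values and class ids are all assumptions, since the thread gives none of them.

```shell
#!/bin/sh
# Added example (not from the thread). Every value below is an assumption
# except the interface roles, which come from the question.
WAN=eth0               # talks to the internet
LAN=eth1               # talks to machines A and B
HOST_A=192.168.1.10    # assumed address of machine A
HOST_B=192.168.1.11    # assumed address of machine B
LINK=1000kbit          # assumed uplink speed
RATE_A=800kbit         # assumed guaranteed rate for A
RATE_B=200kbit         # assumed reserved rate for B
MARK_A=10              # assumed fwmark for A
MARK_B=20              # assumed fwmark for B

# Emit the commands one per line so they can be reviewed before use.
# - HTB on $WAN shapes only what the firewall sends toward the internet.
# - Marks are set in mangle/FORWARD: if the firewall NATs (assumption), the
#   source address is already rewritten when the packet reaches the egress
#   qdisc, so a source-address filter on $WAN would not match, while the
#   fwmark still identifies the original host.
# - Unmarked traffic falls into A's class (default 10), so B's reservation
#   is not consumed by it.
shaper_cmds() {
    cat <<EOF
tc qdisc add dev $WAN root handle 1: htb default 10
tc class add dev $WAN parent 1: classid 1:1 htb rate $LINK
tc class add dev $WAN parent 1:1 classid 1:10 htb rate $RATE_A ceil $LINK
tc class add dev $WAN parent 1:1 classid 1:20 htb rate $RATE_B ceil $LINK
iptables -t mangle -A FORWARD -i $LAN -o $WAN -s $HOST_A -j MARK --set-mark $MARK_A
iptables -t mangle -A FORWARD -i $LAN -o $WAN -s $HOST_B -j MARK --set-mark $MARK_B
tc filter add dev $WAN parent 1: protocol ip prio 1 handle $MARK_A fw flowid 1:10
tc filter add dev $WAN parent 1: protocol ip prio 1 handle $MARK_B fw flowid 1:20
EOF
}

# Dry run by default; APPLY=1 (as root) pipes the commands to sh.
apply_shaper() {
    if [ "${APPLY:-0}" = 1 ]; then
        shaper_cmds | sh -e
    else
        shaper_cmds
    fi
}

apply_shaper
```

Once applied, `tc -s class show dev eth0` shows the per-class byte counters, which is the quickest check that marked traffic lands in the intended class.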


