On Friday 25 April 2003 17:06, D de Boer wrote: > My situation is as follows: > > pc1 pc2 > \ / > \ / > hub (LAN) -----eth0_firewall_eth1-----modem-----internet > / \ | > / \ 192.168.0.1 > pc3 pc4 > > pc1: 192.168.0.2 > pc2: 192.168.0.3 > pc3: 192.168.0.4 > pc4: 192.168.0.5 > > I want to divide my upload speed (512kbps) evenly amongst pc1, pc2, pc3 and > pc4. It should be possible for them to borrow bandwidth from the others > when they don't use their share fully. I've done quite some reading, and my > kernel is properly compiled. For instance the SFQ class does work. I have > been playing around with HTB, but I can't get it to work properly. > > What basic HTB setup would I need? Which eth device (1 or 2) should I do > the shaping on, if I want to shape the outgoing traffic (I want to divide > upload stream from LAN to internet after all)? If you add a htb qdisc to eth0, it will shape all traffic leaving eth0. > What I came up with myself is to have 4 classes (apart from the root > class): one for every pc, and then use tc filters to match the packets > coming from 192.168.0.2 to class 1, those from 192.168.0.3 to class 2, etc. > How should I do this? Or is there an easier way? Indeed, you need 4 classes. > Could the ip masquerading in my firewall pose a problem? At the moment the > firewall configuration is very simple and looks like this: > iptables --table nat --append POSTROUTING --out-interface eth0 -j > MASQUERADE iptables --append FORWARD --in-interface eth1 -j ACCEPT It will cause problems if you want to shape upload traffic. Upload traffic leaves eth1 so the source address is rewritten to that of the firewall. You can solve this by marking the packets when they are entering the firewall and use that mark when they leave the firewall. You need the fw filter for this. I have some extra information about shaping on www.docum.org. Stef -- stef.coene@xxxxxxxxx "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net