> Hi Joe, > > I see no real reason giving the servers real IP addresses, you're better > keeping the NAT and forward the ports to the private address. > If you have more than one mail server, you can map diffrent public IP > address > to a diffrent private address. this will also keep your servers safe... > Agreed this is of course the best way to secure lots of servers. And if you like the look of "wrr" as a qdisc, (and it does seem to have some very advanced features - such as the ability to "spot" large downloads and automatically decrease the available bandwidth for that connection for the duration of the download - although I could be wrong in my understanding of this) , then you can still use this qdisc with a NATing router, so have a look at their site anyway. The suggestion of a bridge was intended as a simple "no fuss" solution which can easily be bypassed in times of need - such as component failure - by simply taking the cable out of the bridge and plopping it straight back in the router. I was of course assuming that your "friends" would take care of their own security, thus removing the burden of you even telling them about the traffic shaping as well as preventing you from having to manage all their port forwarding requirements. I'm sure the whole business of traffic shaping is far too complicated for any one answer to be correct even one percent of the time so I accept that this answer may be useless for you. Good luck! Leigh > Cheers, > > Shay Bosse > System Administrator > PointMatch Ltd. http://www.pointmatch.com > > > ----- Original Message ----- > From: "Joe" <ox_in@xxxxxxx> > To: <rio@xxxxxxxxx>; <lartc@xxxxxxxxxxxxxxx> > Sent: Wednesday, June 25, 2003 5:10 PM > Subject: Re: [LARTC] Linux router and Bandwidth control > > >> Hello Martin, >> >> Currently i am using this configuration. >> >> In future they may run mail server then i have to go for new configuration >> where i have to give them the public ip address. >> >> Thanks >> Sathyan >> >> If you put your friends in NAT (Private IP), no problem .. >> They have webserver, all you have to do is forward packets going to port > 80 >> to private ip:80 >> Further more read iptables-howto >> >> Regards, >> Rio Martin. >> >> >> >> Original Message: >> ----------------- >> From: Joe ox_in@xxxxxxx >> Date: Wed, 25 Jun 2003 17:51:51 +0530 >> To: lartc@xxxxxxxxxxxxxxx >> Subject: [LARTC] Linux router and Bandwidth control >> >> >> Hello All, >> >> I have 1.5Mbits Backbone connection with 16 public ip address. >> >> I like to provide share my connection with someother my friends how will >> have public ip addess. >> >> So i wanted to configre linux router with bandwidth controll for my > friends >> connection. >> >> Actully i tried with single interface in linux and CBQ but it does not >> controll. >> >> I should do not use NAT as my friends are running web servers. >> >> Is it possible to configure in linux.or some links to configure this >> >> Advance thanks >> Joe >> >> >> _______________________________________________ >> LARTC mailing list / LARTC@xxxxxxxxxxxxxxx >> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >> >> -------------------------------------------------------------------- >> mail2web - Check your email from the web at >> http://mail2web.com/ . >> >> >> _______________________________________________ >> LARTC mailing list / LARTC@xxxxxxxxxxxxxxx >> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >> >> >> >> _______________________________________________ >> LARTC mailing list / LARTC@xxxxxxxxxxxxxxx >> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >> >> > > > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >