Hi Martin, You have explained it so well that it is very clear now. I am trying to do something similar on our linux firewall machines which connect to the internet. I have few questions regarding this. > > Let's try this with a little diagram: > > +---------------+ > Internet --| wan0 eth0 |-- private network > +---------------+ > qdisc here qdisc here > will shape will shape > traffic sent traffic sent > to Internet from Internet > > > So, shape your "upload" traffic on wan0 (ACKs, maybe the packets with a > TCP source port of 25 from your internal mailserver). > Here one could use plain htb qdisc (without imq) to shape the outgoing (upload) traffic. > Shape the "download" traffic on eth0. Here you have the opportunity of > deliberately delaying the traffic before it reaches the client in the > private network. > Now for shaping "download" ( means effectively incoming) traffic on eth0 one would need to use IMQ. Because it is not really possible to schedule the incoming traffic without simulating it as being transmitted from IMQ device. It will not be possible to use just plain htb qdisc without ImQ to shape incoming traffic, is that correct? Also, even with IMQ you cannot face situations such as flooding. If that happens with incoming traffic then the imq is useless. Is that correct? What would be other ways(other than imq) to shape incoming traffic on eth0? (I am planning to take a look at tcng) Thanks a lot. Madhuri > Once again, I would like to recommend tcng [3]. If you are not yet > familiar with the linux traffic control subsystem, you may (will) find > tcng considerably more approachable than the raw tc commands. I have > written a crash course in using tcng with HTB [4], which should provide > you enough detail to get started with tcng. > > Best of luck, > > -Martin > > * ...although clever people have found a way around this rule, by creating > a device which allows us to simulate packet transmission on inbound > traffic. See my note on IMQ above. > > [1] http://mailman.ds9a.nl/pipermail/lartc/2003q3/009616.html > [2] http://trash.net/~kaber/imq/ > [3] http://tcng.sourceforge.net/ > [4] http://tldp.org/HOWTO/Traffic-Control-tcng-HTB-HOWTO/ > > -- > Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx > > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >
