Don,
: I want to set up some traffic control and don't know where to start...
I'll copy my own comments from the LARTC FAQ (o-Matic) [0].
[ begin from FAQ ]
In addition to the lartc.org HOWTO itself, I'd suggest some introductory
reading....first my own traffic control overview (and some links to other
documentation):
http://tldp.org/HOWTO/Traffic-Control-HOWTO/
http://tldp.org/HOWTO/Traffic-Control-HOWTO/links.html
An alternative introduction is Leonardo Balliache's pages:
http://opalsoft.net/qos/DS.htm
Werner Almesberger's still relevant implementation overview of 1999
warrants (and rewards) careful study:
http://www.almesberger.net/cv/papers.html
http://www.almesberger.net/cv/papers/tcio8.pdf
Once you have an understanding of the entire traffic control system, the
easiest way to some practical configurations is with the tcng software:
http://tcng.sourceforge.net/
The tcng software reads a structured configuration file, where the "tc"
command line utility is documented in parts of documents all over the
'net.
[ end from FAQ ]
I'd suggest my Traffic Control HOWTO and Werner's pages for you until you have
a rough idea of the entire system. Once you understand the system, head over
to the LARTC site [1] to get some detailed help on what commands to use.
Also never forget that Stef Coene has a large set of pages [2] which detail HTB
and traffic control generally in an excellent fashion.
: (ie: Each user connects to the VPN server then connects netmeeting from
: point to point using the private ip that the poptop pptp vpn assigns
: each client)
Neat idea.
: Netmeeting will use up as much bandwidth as it can. (As I understand
: it)
So will a bulk file download. ;-)
: I want to be able to restrict each vpn tunnel to xk (where xk might be
: 128kbits or less).
You'll probably want to use an HTB tree with a child class where
rate=ceil=128kbit for each of your clients...but you'll probably get some
ideas of your own as you familiarize yourself with the tools.
: I also want to be able to stop users from using any ports on the vpn
: tunnel other than the ones required by netmeeting and port 80.
Use iptables. The iptables tutorial [3] will help you here.
: I have read all about compiling kernels but I still haven't got this
: sused.
This makes no sense to me. What means this verb "sused"? Is that what
happens when an admin leaves, dropping a lousy old crufty SuSe box in your
lap? ( "I've been Sused!" ?? ) In seriousness, though, what
distribution and kernel are you using? It is likely if you have a recent
installation that you have everything you need already (with the possible
exception of an HTB-capable tc).
-Martin
[0] http://www.docum.org/stef.coene/qos/faq/cache/
http://www.docum.org/stef.coene/qos/faq/cache/46.html
[1] http://lartc.org/
http://lartc.org/howto/
[2] http://docum.org/
[3] http://iptables-tutorial.frozentux.net/
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
