Re: management of virus and p2p-traffic

Linux Advanced Routing and Traffic Control

On Tue, 2004-06-22 at 12:01, Ed Wildgoose wrote:
> Ralf Staudemeyer wrote:
> 
> >On Tue, 2004-06-22 at 07:20, Ed Wildgoose wrote:
> >
> >  
> >
> >>The other stuff is easily possible, but for the number of users that you 
> >>have you are going to need to invest some time to write some scripts to 
> >>handle mapping users to MAC addresses and make the whole thing 
> >>maintainable.  There was another post only hours ago from at least one 
> >>other person who you might contact to see if they will share some stuff.
> >>
> >>    
> >>
> >I wanted to avoid to do that MAC/IP-mapping. Some users have notebooks,
> >some will change their working place and some will buy new hardware they
> >want to connect to the network. This is not maintainable. Also I really
> >do not want to know what the users do with their bandwidth. I just want
> >to assure that things go fair and everyone can work with the network. 
> >  
> >
> 
> Well, in that case your problem gets really easy.  Just pick up one 
> of the prioritisation scripts - I like this one:
> 
> http://www.digriz.org.uk/jdg-qos-script/
> 
> Then read the LARTC doc so you know what it's doing.  And that should get you up and running.
> 
> What you will be doing is just classifying traffic based on its type and ignoring the source, etc. completely.
> 
It is not that easy since there is still the prioritisation problem.
There are user groups who should not use p2p-traffic (public accessible
machines for only surfing and email), some need some extra bandwidth
(mirrors, powerusers), some need low latency for their Voice-over-IP or
videoconferencing ... things like that. It is quite easy to group them
to five groups.

But I do not know how I should make sure that someone reconfigures the
IP of a public accessible machine to get some extra rights. I thought to
filter this with some transparent bridgewalls. But this makes it
impossible to move with a machine of a higher prioritisation to a subnet of
lower prioritisation. The bridgewall will, and should, discard the
packages. Even if I would start collecting MAC addresses it would be
still quite easy to sniff the MAC/IP pair (isn't it?).

The script looks very promising. 

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
