The major issue I have is giving incoming priority on VPN clients and
slowing down incoming email traffic (huge).
...
I'm trying the wondershaper as a quick solution also but don't know how
to "see if it's working or not"...
I would recommend this script as a better starting point http://digriz.org.uk/jdg-qos-script/
Andy has some other ideas, that perhaps he will post? However, in your case you want to look at the incoming part. At the moment there is an HTB qdisc with a RED queue on it. I found good results by copying that chunk of code and making a 1:22 queue, changing the iptables stuff to filter to that one by default and the original queue only for high priority incoming (perhaps you could even go further and set up lots of incoming for different priorities).
You then just tweak the ipfilter stuff below to apply appropriate fwmark options and then things will end up in the appropriate buckets and be rate limited.
You can use the option "pollbuckets" on this script to see whether it's working or not.
The key point is that it's hard to control incoming. All you can really do is drop packets. However, the *idea* of RED is to proactively drop a few to try and slow rates down before queuing starts. It is debatable whether it works and some people think it may work better to avoid the RED altogether...
Of course you can also only queue on an outgoing interface, so you either need to have a bridge/router setup so that stuff for your local net is effectively "going out" on the local net card. Or else you use the IMQ device to act as a kind of device in front of your normal incoming card so that you now have an outbound interface on that (which is effectively inbound to your normal internet facing card) - does that make sense? IMQ is like sticking another device in front of your existing device? Anyway, it does what you want.
Ed W
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
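
The two-bucket incoming setup described in the reply above, written out as an added example; it is not part of the original post and is not taken from the jdg-qos-script. The interface names, the rates, the 1:21 class id, the fwmark values 21/22 and UDP port 1194 for the VPN are assumptions, and the IMQ target needs a kernel and iptables patched for IMQ.

```shell
#!/bin/sh
# Added example: incoming shaping on IMQ with two HTB buckets, each with a RED leaf.
# Assumed values: eth0, imq0, rates, class 1:21, fwmarks 21/22, VPN on UDP 1194.
WAN=${WAN:-eth0}            # internet-facing card
IMQ_NUM=${IMQ_NUM:-0}       # imq0; needs an IMQ-patched kernel and iptables
DOWN=${DOWN:-8000}          # kbit/s, set a little below the real downlink
HI=${HI:-3000}              # kbit/s guaranteed to high-priority incoming
VPN_PORT=${VPN_PORT:-1194}

# Dry run by default: print each command. APPLY=1 (as root) executes it.
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

# Attach RED under class 1:$1, sized from the class rate $2 (kbit/s).
red_leaf() {
    r_max=$(( $2 * 125 / 10 ))                 # about 100 ms of data at this rate
    r_min=$(( r_max / 3 ))
    r_burst=$(( (2 * r_min + r_max) / 3000 ))  # (2*min + max) / (3 * avpkt)
    run tc qdisc add dev "$DEV" parent "1:$1" handle "$1:" red \
        limit $(( r_max * 4 )) min "$r_min" max "$r_max" avpkt 1000 \
        burst "$r_burst" bandwidth "${2}kbit" probability 0.02
}

shape_ingress() {
    DEV="imq$IMQ_NUM"
    LO=$(( DOWN - HI ))
    run ip link set "$DEV" up
    # 1:21 = high-priority incoming, 1:22 = default bucket for everything else
    run tc qdisc add dev "$DEV" root handle 1: htb default 22
    run tc class add dev "$DEV" parent 1: classid 1:1 htb rate "${DOWN}kbit"
    run tc class add dev "$DEV" parent 1:1 classid 1:21 htb rate "${HI}kbit" ceil "${DOWN}kbit" prio 0
    run tc class add dev "$DEV" parent 1:1 classid 1:22 htb rate "${LO}kbit" ceil "${DOWN}kbit" prio 1
    red_leaf 21 "$HI"
    red_leaf 22 "$LO"
    # fwmark N -> class 1:N
    run tc filter add dev "$DEV" parent 1: protocol ip prio 1 handle 21 fw flowid 1:21
    run tc filter add dev "$DEV" parent 1: protocol ip prio 2 handle 22 fw flowid 1:22
    # Mark everything 22, re-mark VPN traffic 21 (MARK does not end rule traversal),
    # then hand the packets to the IMQ device.
    run iptables -t mangle -A PREROUTING -i "$WAN" -j MARK --set-mark 22
    run iptables -t mangle -A PREROUTING -i "$WAN" -p udp --dport "$VPN_PORT" -j MARK --set-mark 21
    run iptables -t mangle -A PREROUTING -i "$WAN" -j IMQ --todev "$IMQ_NUM"
}

shape_ingress
```

Once applied, `tc -s class show dev imq0` shows per-class byte and drop counters, which is the quickest way to see which bucket the traffic is landing in.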