Hi, Thanks for the response, Ed. It seems I have not been clear enough. Forget about frottle, currently the problem is much simpler. I have two NICs in a bridge (which is router's LAN interface) and another NIC which is the WAN. The upstream can be easily controlled with an egress qdisc set on WAN interface, so this is not an issue. Problems arise when trying to control downstream to LAN users, because now these stream originate from two sepearate NICs (qdisc's are attached to physical interfaces, as far as I know I cannot attach egress qdisc to a bridge device). As far as I see there are 2 possible ways: 1. To create sepearate qdiscs/classes with appropriate filters attached to the two LAN NICs 2. Virtually bond* together trafic going out of these two NICs with the help of an IMQ device, and then set qdiscs/classes filters for the IMQ device. (* I use bond as a word with general meaning, not the bonding device) Solution 1 is suboptimal, because I have to dedicate a certain amount of bandwidth to LAN NIC1 and the rest to LAN NIC2 - no sharing between would be possible. Solution 2 seems to be better (and in fact it works quite well right now). I have compiled IMQ as a module (with NAT patch). I have also compiled ip_queue as a module. Problem is that when imq module is loaded, you can not load the ip_queue module and v.v. >For iptables patches you really want to post to the iptables guys I should think? You are absolutely right, I'm in the wrong mail list here, but never the less, some one may suggest a better configuration that deals with such situations w/o IMQ. M. Stavrev > >To be able to serve them in a >>predetermined, controlled fashion I want to put all traffic that goes >>out of eighter LAN NIC into IMQ device and impose QoS policy on top of >>it. This will allow to use in the most efficient manner all available >>WAN bandwidth. >> >Perhaps I misunderstand, but for outoing on the WAN interface you can >attach stuff directly. For incoming you can use iptables to direct it >to the IMQ device. >Are you saying that using iptables on the WAN interface to direct stuff >to IMQ then causes problems if you use iptables on the wireless >interface (to direct to frottle)? I would have thought you have a clear >partition on when to use each redirection? >If not, then with some limitations you can of course attach qdiscs to >the outbound on each of the wireless and wired interfaces. This makes >it harder to limit inoming bandwidth, but may be sufficient in some >circumstances. >If you have simple incoming requirements you could also look at GRED >which can be attached to the incoming interface, and has multiple >queues. See >http://www.opalsoft.net/qos/DS-27.htm >For iptables patches you really want to post to the iptables guys I >should think? >Ed W _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
