On Mon, Oct 11, 2004 at 07:01:57PM -0600, Jamin W. Collins wrote:
> OK, I'm stumped. I've read through most of the LARTC HOWTO and have yet
> to find a basis for what I need to accomplish.
>
> I have a Linux box that controls access to and from the Internet at my
> workplace. We have a number of remote employees that connect via PPTP
> and IPSEC to the office's internal network. Some of these remote
> employees are currently using SIP phones. The problem is occasionally
> the available bandwidth becomes consumed and the VoIP calls (obviously)
> suffer because of this.
>
> Configuration:
> eth0 - connected to the internal office
> eth1 - connected to the internet
> pppX - incoming on eth1 connection
> ipsec0 - incoming on eth1 connection
>
> My question, how can I set classful htb queuing up so that it's rules
> encompass all traffic on eth1 (including that to and from the ipsec and
> ppp connections) while reserving bandwidth for and prioritizing the SIP
> traffic?
First of all: policing ("shaping" incomming) does not really work as desired.
Not even with RED. The dropping of packets causes to much retransmits, which
will fill up your incomming twice. One could use RED/ECN, but till now i did not
get RED to mark any packets with ECN. However.
Second: look at /etc/protocols or at tcpdump to identify the protocols you
want to priorize and shape (not police). Use iptables, MARK and the -p option
for that. Besides, I don't know whether you have more than one static IP. If
you have more, you could set up "aliases" and shape via outgoing/source (and
incomming/destination if you really want to police).
--
Robert Felber (EDV-Leitung)
Autohaus Erich Kuttendreier
Drosselweg 21
81827 Muenchen
Tel: +49 (0) 89 / 453 12-86
Fax: +49 (0) 89 / 453 12-80
PGP: 896CF30B
PGP-Fingerprint: CF36 AA93 9716 63E8 962F 15CC A80E 1A79 BF77 25EA
Attachment:
pgpbGFEjEyRx1.pgp
Description: PGP signature
