David Boreham wrote:
The advice you received is pretty good.
Avoid ingress shaping at all costs, and
you don't need it anyway for your situation.
Use egress shaping on both your internal and
external interfaces.
Traffic coming IN to your network gets shaped
as egress traffic on the LAN interface.
Traffic going OUT from your network gets
shaped as egress traffic on the WAN interface.
So all shaping is egress, but you're able to
shape in both directions by always delaying
packets as they are SENT by your router.
Think of it this way : all you can really do is
delay sending packets (or ultimately drop them
which is the same as infinitely delaying).
Packets arrive when they arrive, you have no
control over that. This is why shaping has to be
done on egress traffic -- it's the only lever you have
to pull on.
Thank you! This is the first explanation that has actually made sense to
me. Before I had a vague idea of what was being said.
I do have one question though. On the egress shaping on eth1 (LAN
interface), when using iptables I should do everything in the
POSTROUTING chain correct? That way it gets routed to the proper LAN
node and still gets shaped, correct? If thats the case, I can have a
setup working in no time (I hope).
Many thanks,
Vadtec
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
