On Mon, 2015-03-16 at 16:00 +0000, Nick Pelling wrote: > Specifically, I've put in a lot of work trying to get IFB working, but > it seems to be stitched too early in the packet processing chain to be > any use for shaping a WAN interface's downlink traffic. Correct, the packets will hit IFB before you've been able to do anything useful to them such as marking them. If you want to hook into a more useful location, then you can use IMQ, but you'll need to patch your kernel: https://github.com/imq/linuximq/wiki/WhatIs > Are there any higher-level (i.e. device-level) configuration > alternatives to using IFB? The best alternative is to do egress shaping on your LAN device instead. You can use appropriate rules to ensure you're only shaping packets that have originated from the WAN connection. This will have the same effect, although it relies on you forwarding all your traffic, as you can't shape anything that's destined for the localhost. Disclaimer: it's been a while since I played with any of the above, so things may have changed. -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
