Mandi! Philip Prindeville In chel di` si favelave... > > 1st: Address the fact that you can only effectively rate limit what you send. So, change the problem so that you rate limit what is sent to your router. I would do this by having the incoming connection go into a Network Namespace and a new virtual connection to the main part of the router. This Network Namespace can then easily rate limit what it sends to the main part of the router, on a single interface. > This is the same problem that ifb solves, right? > I’m not sure I want to assume that Namespaces are available in all scenarios. Interesting... i've found: https://blog.scottlowe.org/2013/09/04/introducing-linux-network-namespaces/ and i've not understood how can i 'link' phisical interfaces with vethX. Using bond? But after that, i need to use ebtales? ifbX interfaces are very limited by not having connection tracking, having some 'real' interfaces would be a must! -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
