[sllug-members]: DHCP Configuration - Ultimately to be a traffic shaper

Nathan Lane [yho] nathanderweiser at yahoo.com
Mon Dec 11 09:22:29 MST 2006 

Thank you Knight!  That is what I'm looking for I think.  I've been avoiding an GUI systems.  I want a server, really, that will do my traffic shaping.  I just need help configuring it.  Now my new current situation is that I have tried to bridge the two nics on my server with brctl and I'm trying to apply traffic shaping now.  I don't know if this is the correct thing to do.  Anyway thanks for not sending me off to look at some piece of hardware I should buy.  That's not what we want, and we know that Linux supports traffic shaping.  So we want to do it that way, easy or not.  That doesn't matter, and I'm not looking for a one size fits all solution.  We will take care of the nitty gritty.  Last week I learned more about how to successfully use tc, and I'm understanding it more, but I'm just not getting the abstract.  Here is essentially our layout:

|Internet|---|Firewall|---|Traffic Shaper|---|LAN|{This serves DHCP and DNS along with other services}

So I don't know if bridging my nics was correct, any thoughts?

Thank you,

Nathan

Knight Walker <kwalker at kobran.org> wrote: On Tue, 2006-12-05 at 14:32 -0800, Nathan Lane [yho] wrote:
> we have decided that we don't want to do that.  The reason is that our
> network is so unique that the last appliance we used wouldn't
> configure corectly and did things like slow our gigabit network to 14
> kbps, cause timeouts on our website, and timeouts on our client sites.
> This is why we have concluded to use debian or red hat to shape our
> traffic using any of the available tools.  The problem is that I'm the
> "guru" and even I'm not exactly sure about how to do it.  I have the
> necessary tools I believe: iproute2, iptables, tcng, and others.  I
> know I probably only need one.  But anyway.  I'd like to know how to
> do it.  My company would like me to know how to do it, and so far
> everything short of Barnes and NOble has failed, just because I
> haven't tried them yet.  I just though someone on here would have some
> tips or experience in this realm of Linux.

Because of a "unique" situation with my ISP, I decided to do something
about traffic shaping a few years ago.  I went to TLDP ( www.tldp.org )
and began reading the "Linux Advanced Routing & Traffic Control
HOWTO" ( http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/ ) and after many
moons and several failed attempts, I discovered "The Ultimate Traffic
Conditioner: Low Latency, Fast Up & Downloads"
( http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.cookbook.ultimate-tc.html )
I chose the HTB script (Section 15.8.3 toward the bottom of the page) as
it was reported to be as good as the CBQ method above it but use less
resources.  It is a newer method, introduced around kernel 2.4.18 IIRC,
but as long as you're running a non-ancient kernel (I consider anything
older than 2.4.20 or 2.6.13 to be ancient) it should work.  It took some
tweaking, and I've since made changes to it, but it worked pretty much
as advertised.  It uses the 'tc' command which on my systems is part of
the iproute (2.6.16) package.  It integrates well with my iptables
firewall (i.e they both work without causing problems for the other),
and it doesn't tax the firewall system.

I don't usually recommend TLDP to many people, since they usually want
some GUI tool to do the work for them, but for those who want to grok
the nuances and improve their skill set, it's a prime place to look.
Most of the HOWTOs are distro agnostic and let you get elbow-deep into
the system so you can actually learn about it.

-KW

______________________________________________________________________
See http://www.sllug.org/ for latest SLLUG news, information, links.
Join SLLUG and other UT LUG members on irc.FreeNode.net channel #Utah
sllug-members at sllug.org
http://www.sllug.org/cgi-bin/mailman/listinfo/sllug-members


 
---------------------------------
Need a quick answer? Get one in minutes from people who know. Ask your question on Yahoo! Answers.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://sllug.org/pipermail/sllug-members/attachments/20061211/514978bd/attachment.htm

More information about the sllug-members mailing list