On Mon, 7 Aug 2006 14:42:42 -0400, you wrote:
>This fellow said the reason he thought WAN should be used (rather then the
>LAN side) was that the speed on the WAN side (1.5 Mb from my dsl) was much
>slower then the LAN side (100 Mbs). The speed on the WAN side is much more
>constrained on the WAN side to start with he said.
>I assume Monowall must have an easier time of traffic shaping since the
>speed on the WAN side is slower?
If all the packets involved transverse the DSL link then it does not matter. The
traffic shaper will be handling each packet once either way.
With my older configuration one issue that did come up was traffic from my LAN
side to any interface other then WAN. Maybe this is what the fellow was
thinking of. In my case it was not a big deal since the other interface was
limited to 10 Mb/s half duplex anyway and adding a special rule to limit its
subnet to 4 Mb/s and bypass my WAN queues actually improved performance do to
fewer collisions. With a switched 100 Mb/s network this would not usually be a
consideration and the cpu load from the traffic shaper could be considerable.
As I posted before, I was not able to get WAN based outgoing rules to work
correctly so had no choice but to place them on the LAN interface. Currently my
Monowall system is being used as a backup but I may run some tests to see if the
situation has changed.