[ previous ] [ next ] [ threads ]
 From:  Carlo <lists at nethq dot org>
 To:  Eric Shorkey <eshorkey at commonpointservices dot com>
 Cc:  Thomas Hertz <term at cynisk dot net>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Wondershaper
 Date:  Wed, 09 Jun 2004 13:56:49 +0200
Hello Eric,

Eric Shorkey wrote:

>He's already using the traffic shaper to limit his outbound smtp throughput.
>That's not his question. He's asking if queue support was ever implemented.
>The answer is yes. Queue support has been implemented for a while now. It's
>not the easiest thing to set up though. I know the queue support is in as
>early as version 1.0. To configure it, you need to create a pipe with the
>maximum bandwidth you wish to use for all involved queues. (Usually
>something just slightly less than your maximum throughput works well.) Then
>create a queue for each service you wish to have share the pipe. Don't
>forget to create a default queue that matches everything, otherwise you'll
>only be sharing bandwidth between matching services, and nothing else. Set
>your weights as necessary. Remember that every queue is guaranteed
>bandwidth, regardless of it's weight. How much bandwidth is determined by
>its weight vs all the other weights added together. And NEVER set the delay
>to anything higher than 0. Otherwise you'll end up with 2 problems. Your
>packets will be held at the firewall for the value of delay in milliseconds,
>and you'll end up with a very busy firewall when the traffic gets thick and
>you might start dropping packets. I really don't know why we even have the
>delay option in the gui, since all it does is create detrimental effects.
Thank you for your brief explanation, i will try to resolve my issues 
with your advise.

>Is all of this tough to set up? Not really, but you have to know what you're
>doing first, otherwise you'll end up with a bad configuration and you'll get
>unexpected results. It's hard to really gauge where m0n0wall sits on the
>ease of use vs configurability meter. I'd say it sits sort of in the middle,
>maybe leaning a little bit towards more configurability. Honestly, this is a
>bad place to be. It's too hard for the people that just want to plug in a
>box and have it work, and it's too lacking for people with demanding network
>My suggestion to you, Carlo, is go back to wondershaper. Seriously. I'm not
>trying to be mean, but if you don't already understand how to configure
>iptables or ipfw, and don't understand the concepts behind packet shaping,
>and already have a good understanding of ip routing, then m0n0wall is going
>to be too hard to configure correctly. The friendly looking interface to
>m0n0wall makes it seem easier than it really is.

I think my knowledge should be enough to administer m0n0wall on a decent 
level. It is not that i do not want to spend the time on it but that i 
cannot spend to much time into it. I think m0n0wall is a good solution 
for me because it is easy to administer over http with a good and clear 
interface. If i spend the time in reading/learning about traffic shaping 
i am sure i will be able to set it up correctly, but my thinking is that 
maybe the same or similar rule's could be already preconfigured and be 
enabled with a few basic settings just like how wondershaper works. 
Maybe for somebody like you (who knows far more about this subject then 
me) could create it and submit it to the mailing list? I think it would 
be a valuable addition to m0n0wall for unexperienced users.

> Smoothwall might be a good
>choice for you as well. It's pretty easy to set up, though I don't think the
>free version has any packet shaping support. You'd have to look to make
I already purchase 4 soekris boxes, so switching to Smoothwall is out of 
the question.