[ previous ] [ next ] [ threads ]
 
 From:  "Eric Shorkey" <eshorkey at commonpointservices dot com>
 To:  "Adam Nellemann" <adam at nellemann dot nu>, "Joey Morin" <joeymorin at alumni dot uwaterloo dot ca>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Wondershaper
 Date:  Wed, 9 Jun 2004 11:39:36 -0400
This one time, at band camp, I answered an email for Joey. ;)

You have to bind your shaper rules to an interface. It really doesn't matter
which so long as the traffic you wish to shape passes through that interface
at some point. Looks like Joey picked the lan interface. That's really all
there is to it.


----- Original Message ----- 
From: "Adam Nellemann" <adam at nellemann dot nu>
To: "Joey Morin" <joeymorin at alumni dot uwaterloo dot ca>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, June 09, 2004 11:25 AM
Subject: Re: [m0n0wall] Wondershaper


> Hi Joey,
>
> Just currious (always wanting to learn more about the shaper): Is
> there any particular reason why you are shaping on the LAN interface?
> (I would have thought WAN would be the obvious choice, but..?)
>
> Adam.
>
>
> Joey Morin wrote:
>
> > This one time, at band camp, Carlo said:
> >
> >
> >>I think my knowledge should be enough to administer m0n0wall on a decent
> >>level. It is not that i do not want to spend the time on it but that i
> >>cannot spend to much time into it. I think m0n0wall is a good solution
> >>for me because it is easy to administer over http with a good and clear
> >>interface. If i spend the time in reading/learning about traffic shaping
> >>i am sure i will be able to set it up correctly, but my thinking is that
> >>maybe the same or similar rule's could be already preconfigured and be
> >>enabled with a few basic settings just like how wondershaper works.
> >>Maybe for somebody like you (who knows far more about this subject then
> >>me) could create it and submit it to the mailing list? I think it would
> >>be a valuable addition to m0n0wall for unexperienced users.
> >
> >
> > it's not as hard as you may think.  i've got 680Kbps upstream, and
> > 2.64Mbps downstream.  the shaping rules below allow both upstream and
> > downstream to be *completely* saturated, while still allowing my ssh
> > session to take keystrokes and echo replies with virtually no
perceptible
> > delay.  and all that on a 486DX/33 w/ 32MB m0n0!
> >
> > it's a lot of xml, but it defines just one pipe, 4 queues, and 8 rules.
> > backup your existing config, then edit the .xml file and the excerpt
below
> > as a replacement for your own <shaper></shaper> section (making a backup
> > copy of your own!), then restore from this new config.  it'll take a
> > reboot, but then go into traffic shaper.  all you should need to do is
> > change the bandwith of the pipe to match your upstream speed.  you
should
> > also get a better sense of how the traffic shaper works.
> >
> > i can't take credit for this ruleset.  that goes to my brother klode (an
> > off-lister).
> >
> > jj
> >
> > -----begin-excerpt-----
> >   <shaper>
> >     <pipe>
> >       <bandwidth>677</bandwidth>
> >       <descr>upstream pipe</descr>
> >     </pipe>
> >     <queue>
> >       <targetpipe>0</targetpipe>
> >       <weight>90</weight>
> >       <descr>high priority</descr>
> >     </queue>
> >     <queue>
> >       <targetpipe>0</targetpipe>
> >       <weight>1</weight>
> >       <descr>lowest priority</descr>
> >     </queue>
> >     <queue>
> >       <targetpipe>0</targetpipe>
> >       <weight>80</weight>
> >       <descr>mid-high priority</descr>
> >     </queue>
> >     <queue>
> >       <targetpipe>0</targetpipe>
> >       <weight>20</weight>
> >       <descr>low priority</descr>
> >     </queue>
> >     <rule>
> >       <interface>lan</interface>
> >       <protocol>tcp</protocol>
> >       <source>
> >         <any/>
> >       </source>
> >       <destination>
> >         <any/>
> >       </destination>
> >       <direction>in</direction>
> >       <iplen>0-80</iplen>
> >       <tcpflags>ack</tcpflags>
> >       <descr>ACK-only: highest priority</descr>
> >       <targetqueue>0</targetqueue>
> >     </rule>
> >     <rule>
> >       <interface>lan</interface>
> >       <protocol>tcp</protocol>
> >       <source>
> >         <any/>
> >       </source>
> >       <destination>
> >         <any/>
> >       </destination>
> >       <direction>in</direction>
> >       <iplen/>
> >       <tcpflags>syn</tcpflags>
> >       <descr>SYN: highest priority</descr>
> >       <targetqueue>0</targetqueue>
> >     </rule>
> >     <rule>
> >       <interface>lan</interface>
> >       <protocol>udp</protocol>
> >       <source>
> >         <any/>
> >       </source>
> >       <destination>
> >         <any/>
> >         <port>53</port>
> >       </destination>
> >       <direction>in</direction>
> >       <iplen/>
> >       <tcpflags/>
> >       <descr>DNS lookups: highest priority</descr>
> >       <targetqueue>0</targetqueue>
> >     </rule>
> >     <rule>
> >       <interface>lan</interface>
> >       <protocol>icmp</protocol>
> >       <source>
> >         <any/>
> >       </source>
> >       <destination>
> >         <any/>
> >       </destination>
> >       <direction>in</direction>
> >       <iplen/>
> >       <tcpflags/>
> >       <descr>ICMP: highest priority</descr>
> >       <targetqueue>0</targetqueue>
> >     </rule>
> >     <rule>
> >       <interface>lan</interface>
> >       <protocol>tcp</protocol>
> >       <source>
> >         <any/>
> >       </source>
> >       <destination>
> >         <any/>
> >         <port>22</port>
> >       </destination>
> >       <direction>in</direction>
> >       <iplen>0-110</iplen>
> >       <tcpflags/>
> >       <descr>ssh keystrokes: highest priority</descr>
> >       <targetqueue>0</targetqueue>
> >     </rule>
> >     <rule>
> >       <interface>lan</interface>
> >       <protocol>tcp</protocol>
> >       <source>
> >         <any/>
> >       </source>
> >       <destination>
> >         <any/>
> >         <port>21</port>
> >       </destination>
> >       <direction>in</direction>
> >       <iplen/>
> >       <tcpflags/>
> >       <descr>FTP data has low priority</descr>
> >       <targetqueue>3</targetqueue>
> >     </rule>
> >     <rule>
> >       <interface>lan</interface>
> >       <protocol>tcp</protocol>
> >       <source>
> >         <any/>
> >       </source>
> >       <destination>
> >         <any/>
> >         <port>6881-6889</port>
> >       </destination>
> >       <direction>in</direction>
> >       <iplen/>
> >       <tcpflags/>
> >       <descr>BitTorrent has lowest priority</descr>
> >       <targetqueue>1</targetqueue>
> >     </rule>
> >     <rule>
> >       <interface>lan</interface>
> >       <source>
> >         <any/>
> >       </source>
> >       <destination>
> >         <any/>
> >       </destination>
> >       <direction>in</direction>
> >       <iplen/>
> >       <tcpflags/>
> >       <descr>all other packets have mid-high priority</descr>
> >       <targetqueue>2</targetqueue>
> >     </rule>
> >     <enable/>
> >   </shaper>
> > -----end-excerpt-----
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>