[ previous ] [ next ] [ threads ]
 
 From:  Frederick Page <fpage at thebetteros dot oche dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Traffic Shaper and PPP headers
 Date:  Sat, 7 Aug 2004 04:45:27 +0200
Hi everybody,

please bear with me: before m0n0wall on Soekris net4801 I had a
(Debian) Linux Box which acted as gateway, firewall, did NAT, etc. The
box had two interfaces, eth0 (internal) and eth1 (external to
DSL-modem).

When I used "iptraf" (Network Monitoring Tool) I always saw "non-IP"
on interface eth1 (external). All other interfaces (ppp0, lo and eth0)
showed correct TCP, UDP, ICMP, etc. This was because the PPPoE driver
added 8 byte PPP header to the outgoing packets on the external
interface and the monitoring tools just saw "non-IP".

Could this be the reason, that Traffic Shaper does absolutely NOT work
here? Regardless of the setting, enabling the shaper makes all
transfers (up- and download) drop a stunning 60%. Just switching if
off again and everything returns to normal within seconds.

It does not matter, whether I use the "Magic Shaper" or just enable
the rules according to FAQ (prioritize small ACKs).


If the shaper "sees" the external NIC sis0, it would at least explain,
why it doesn't work with PPPoE. Proposal to the developers: if a user
chooses "PPPoE", make m0n0wall see tun0 as the external interface,
NOT the real NIC, which carries the PPP-headers and makes the traffic
unrecognizable for packet-filters and/or network-monitors. I also
notice strange packet-drops of wanted traffic, so I guess these issues
will also disappear when m0n0wall recognizes tun0 as external
interface for PPPoE users.

Firewall-examples for *BSD always show the tun Device as the external
one, I guess it must be for exactly the given reasons?

Any thoughts?

Kind regards from Aachen (Germany)

Frederick Page