25.07.2010 19:32, Tim Clewlow пишет:
>
>> Does anyone have a shaping setup that tries to be fair where p2p is
>> concerned,
>> with miminal/no ingress shaping?
>>
>> Thanks.
>>
> .
>
> I use priority base queuing on outgoing connections. dont use any
> kind of bandwidth limiting on incoming as I dont see how that would
> really do anything. I use pf as my firewall on a bsd box, but the
> proiritisations would be the same for any firewall. It works for me,
> I used to have a similar problem with p2p hogging all the outgoing
> bandwidth, now I dont, and p2p still runs fine.
>
> The following is taken from my firewall rules, the higher numbered
> priorities *always* get put ahead of lower priorities.
>
> queue ssh on $ext_if priority 15 priq
> queue dns on $ext_if priority 10 priq
> queue http on $ext_if priority 5 priq
> queue other on $ext_if priority 3 priq
> queue hogs on $ext_if priority 1 priq (default)
>
> First priority goes to ssh, I rarely use it, but I want it first for
> admin purposes. The dns queue is next highest, it is just for dns
> queries (out via port 53) and nothing else, next the http queue is
> for port 80 and 443 so both outgoing http and https traffic is
> covered, finally the other queue is for everything else.
> Additionally, there is a hogs queue that certain LAN IPs get put
> into if they have really been testing my patience :-)
>
> Anyway, that arrangement means web browsing always gets put before
> p2p traffic, ie only bandwidth left after ssh/dns/http/https is
> available for p2p or other traffic of any kind.
>
> HTH, Tim.
>
>
>
>
--
Maxim
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/4C4C7AC5.7060203@ukr.net
No comments:
Post a Comment