Hello everyone.
Can you please tell me what the best way is to give high priority to a port-forwarded webserver?
I have a webserver inside the LAN that accepts connections from the world, being mapped to one of the ports of m0n0's WAN interface.
I want to give that webserver about 50% of channel width when it is requested.
How should I write the appropriate rule?
Should I point to the IP and port of the actual server, or to the WAN interface and forwarded port of m0n0wall?
Should I create a personal pipe for that server? Or can I use one of the "magic wizard's" "High priority pipes"?
Thank you.
After some experiments I got this rule set:
$ ipfw show
50000 101 81144 allow ip from 192.168.88.1 to any
50001 82 10867 allow ip from any to 192.168.88.1
50002 26 1964 pipe 3 ip from 195.138.0.0/16 to any via ng0
50003 3 1225 pipe 1 tcp from 192.168.88.75 10280 to any out via ng0
50004 5 732 pipe 2 tcp from any to 192.168.88.75 dst-port 10280 in via ng0
50005 925 40058 queue 3 tcp from any to any iplen 0-80 tcpflags ack out via ng0
50006 362 17149 queue 1 ip from any to any iplen 0-100 out via ng0
50007 0 0 queue 1 udp from any to any dst-port 53 out via ng0
50008 0 0 queue 1 ah from any to any out via ng0
50009 0 0 queue 1 esp from any to any out via ng0
50010 63 81790 queue 1 gre from any to any out via ng0
50011 0 0 queue 2 icmp from any to any out via ng0
50012 0 0 queue 2 tcp from 192.168.88.3 3690 to any out via ng0
50013 3632 4600331 queue 4 ip from any to any out via ng0
50014 2735 120424 queue 8 ip from any to any iplen 0-100 in via ng0
50015 0 0 queue 8 icmp from any to any in via ng0
50016 0 0 queue 8 ah from any to any in via ng0
50017 0 0 queue 8 esp from any to any in via ng0
50018 15 9125 queue 8 gre from any to any in via ng0
50019 0 0 queue 8 tcp from any to 192.168.88.3 dst-port 3690 in via ng0
50020 958 1247035 queue 6 ip from any to any in via ng0
65535 12208033 9639428604 allow ip from any to any
The rules for my service are #50003 and #50004. I tried to access it from the outside and the bytes/packets counters incremented.
The rules are test-only, so they put all traffic directly into pipes instead of any queues! But the speed is still low! When 192.168.88.75 (the server) is uploading something else, the service's speed falls! Why so?
The service is running on a Windows box; can it be that its QoS service is meddling?
What is the #65535 rule? Is it an all-counter?