News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Traffic Shaping
linktree Topic: VLANs and traffic shaping
Pages: [1]
Topic: VLANs and traffic shaping  (Read 5137 times)
« on: April 01, 2008, 13:25:20 »
manspan *
Posts: 10
I'm using m0n0wall for 3-4 months and it's a great firewall by all means!
Now I'm trying to use traffic shaper but I'm missing something because I cannot make it work.
My firewall has a DMZ , a WAN zone and several VLANs.
For demo purposes I just created two pipes:
No.     Bandwidth     Delay     PLR     Queue     Mask     Description
1               48 Kbit/s
2               2000 Kbit/s       

and two rules:
If           Proto     Source        Destination     Target     Description        
WAN<->       *         DMZ net              *            2000 Kbit/s
WAN<->       *         VLAN10 net      *          48 Kbit/s 

with the above configuration I'm trying to slow down in-out traffic to VLAN10,
giving only 48Kbit/s of my bandwith. When I try to download a file from VLAN10
I get speeds up to 75 KB/s. What is wrong? Please help.
         
« Reply #1 on: April 02, 2008, 00:08:14 »
SlickNetAaron *
Posts: 44
I'm not an expert, but I'm pretty sure you only have half of the solution you need.

You only have pipes and rules setup for upload.  (Source DMZ or VLAN) to destination WAN.  If you try uploading this will limit to 48k from your VLAN.

In order to complete the other half, you will need an incoming pipe and rule for incoming traffic.

I would suggest running the traffic shaper wizard with as few options as possible to get a better handle on how the shaper works.

Regards,
Aaron
« Reply #2 on: April 02, 2008, 07:54:56 »
manspan *
Posts: 10
Thanks for the reply Aaron.
The thing is that in my two rules I've set the "Direction" to "any".
So, I suppose that I have the incoming and the outgoing rule for each interface in the
"package" of one rule. Am I right?

Manolis
« Reply #3 on: April 02, 2008, 10:55:57 »
manspan *
Posts: 10
I finally did it, Aaron you were right. I've added seperate rules for incoming and outgoing traffic (using queues with 100% weight) :

      If      Proto   Source   Destination        Target                      Description
WAN -->   *          *            DMZ net     2000 Kbp/s queue   
WAN -->   *          *         VLAN10 net   48 Kbp/s queue   
WAN <--   *     DMZ net            *           2000 Kbp/s queue   
WAN <--   *     VLAN10 net       *           48 Kbp/s queue   

Case solved. Cheesy
« Reply #4 on: April 02, 2008, 18:11:30 »
SlickNetAaron *
Posts: 44
Glad I could help Smiley
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines