wiki:TrafficShaping

Traffic Shaping

Initial setup

Make sure that Vuurmuur knows the location of the 'tc' binary. To do this in vuurmuur_conf go to 'Vuurmuur Config -> General' and set the 'Tc location'.

Interfaces

Enable shaping for every interface you want to use the traffic shaping on. Set the bandwidth of the interfaces you want to use shaping on. Currently (0.6rc1) you can only use shaping with real (non-virtual) interfaces. Go to a interface and press F6. There the bandwidth of the interface can be entered in 'kbit' or 'mbit'. If you have a 100mbit connection, set 100mbit here. This setting is not used to limit the speed, so just set the maximum. The shaping rules depend on this setting being correct.

Rules

In the rules the shaping settings are further defined. Shaping in Vuurmuur is integrated with the existing rules. To setup shaping for a certain rule go edit the rule and then press F6. Here you can set 5 settings:

  • Incoming guaranteed rate: this the bandwidth per second that is reserved for this rule in the direction from destination to source. The bandwidth is used by other rules if this rule doesn't (fully) use it.
  • Incoming maximum rate: the maximum speed a rule can use.
  • Outgoing guaranteed rate: this the bandwidth per second that is reserved for this rule in the direction from source to destination. The bandwidth is used by other rules if this rule doesn't (fully) use it.
  • Outgoing maximum rate: the maximum speed a rule can use.
  • Priority: the priority of the traffic. Default traffic has priority 3.

The speed can be set in 'kbps' (kilobyte per second), 'mbps' (megabyte per second), 'kbit' (kilobit per second) and 'mbit' (megabit per second).

Vuurmuur rule shaping settings

More info

See these posts for more info:

Troubleshooting

(this is merely brainstorming right now -- has to be done on a separate page later!) Work through this part step by step!

  • Do the shaping basics work on your machine? First enable shaping for your network interfaces and specify the available bandwidth. (do not forget to reload/F11) check the output of 'tc qdisc show'
    • worst:
      tc: command not found
      -> install tc command on your distribution (package iproute on Debian)
    • bad:
      qdisc pfifo_fast 0: dev eth0 root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
      -> fix this by checking for error messages in the output of vuurmuur -b and fixing them
    • good:
      qdisc htb 3: dev eth0 r2q 10 default 6 direct_packets_stat 1
      qdisc sfq 6: dev eth0 parent 3:6 limit 128p quantum 1514b perturb 10sec
      -> shaping basics are set up correctly, tc is found by vuurmuur and shaping should just work fine!
  • Set up basic shaping rules that you are able to verify (with wget for example).
  • (TBD)
Last modified 10 years ago Last modified on 04/04/09 16:28:34