[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shaping: dividing bandwidth between router & NAT hosts

Stephan Balmer wrote at 2010-02-12 02:21 -0600:
> > Frankly, use could be anything, available bandwidth could be anything.  So I'm 
> > not seeking a perfect shaping solution but just something to, at least 
> > somewhat, control usage.  And limit usage on the unsecured wireless interface 
> > too!
> The solutions most people use, including me, require you to know the
> downstream and upstream bandwidth. If you don't, you can't very well move
> the bottleneck to your router, so your shaping won't do anything.

An automatic detection of down/up bandwidth would be great, but it is not 
necessary.  Hmm, is there a way to set up something to test 
pseudo-automatically, like try wget download while the box is booting...

[snip excellent ingress/egress explanation/graphics]

> Yes, some people use the terms 'ingress interface' and 'egress interface'.
> Please don't do this, it's confusing when we talk about traffic shaping.
> > It seems peculiar that egress delaying on the local interface (of forwarded 
> > packets) is encouraged but ingress delaying in the WAN interface is 'wrong'.  
> > Are they not essentially the same thing?
> (I'm assuming you mean ingress shaping on either the incoming or the
> outgoing interface of the router.)
> Yes, they are the same thing. Both are discouraged because your router is
> behind the bottleneck and you have only indirect control over what other
> people send you. Another diagram:

Okay, makes sense.

[snip excellent ingress bottleneck explanation/graphics]

> Now most ISP couldn't give a shit about interactivity. They advertise a
> certain bitrate, and they will deliver that bitrate. This is best done
> by maintaining a huge packet queue. If you want to beat that you have to
> move the bottleneck to your gateway, which means lowering throughput by
> around 10% compared to the pipe. This way, most implementations figure out
> the link is congested before the huge buffer on the remote side starts
> filling up. If the remote buffer ever starts filling up, you will get poor
> interactivity, period.

So, I just need to do ingress policing on WAN interface at 10% less than tested 
down bitrate...

> > I basically have this (a Soekris net5501), but it acts as a wireless AP also; 
> > four interfaces bridged on the LAN side.
> Good. Now if you don't want to patch IMQ into your system, find a
> distribution where it's included and use that. I used OpenWRT in the past,

> but these days I only do egress shaping which is easily done with stock
> Debian.

...And egress shaping on WAN interface.  I see another message with some more 
tips for that, and of course examples online also.


Attachment: signature.asc
Description: Digital signature

Reply to: