Re: controlling p2p & bittorrent
- To: firstname.lastname@example.org
- Subject: Re: controlling p2p & bittorrent
- From: "Tim Clewlow" <email@example.com>
- Date: Mon, 26 Jul 2010 02:32:41 +1000
- Message-id: <firstname.lastname@example.org>
- In-reply-to: <20100725130748.GS7337@swansys>
- References: <20100725130748.GS7337@swansys>
> Does anyone have a shaping setup that tries to be fair where p2p is
> with miminal/no ingress shaping?
I use priority base queuing on outgoing connections. dont use any
kind of bandwidth limiting on incoming as I dont see how that would
really do anything. I use pf as my firewall on a bsd box, but the
proiritisations would be the same for any firewall. It works for me,
I used to have a similar problem with p2p hogging all the outgoing
bandwidth, now I dont, and p2p still runs fine.
The following is taken from my firewall rules, the higher numbered
priorities *always* get put ahead of lower priorities.
queue ssh on $ext_if priority 15 priq
queue dns on $ext_if priority 10 priq
queue http on $ext_if priority 5 priq
queue other on $ext_if priority 3 priq
queue hogs on $ext_if priority 1 priq (default)
First priority goes to ssh, I rarely use it, but I want it first for
admin purposes. The dns queue is next highest, it is just for dns
queries (out via port 53) and nothing else, next the http queue is
for port 80 and 443 so both outgoing http and https traffic is
covered, finally the other queue is for everything else.
Additionally, there is a hogs queue that certain LAN IPs get put
into if they have really been testing my patience :-)
Anyway, that arrangement means web browsing always gets put before
p2p traffic, ie only bandwidth left after ssh/dns/http/https is
available for p2p or other traffic of any kind.