: Building a Linux Firewall with NAT and QoS

: Building a Linux Firewall with NAT and QoS

Post by Younger » Sat, 02 Jun 2001 02:53:26



Hi,

My private LAN is connected to the Internet (cable modem service) by means
of the Linksys Cable/DSL router (BEFSR41).  I have a Linux machine as well
as a Windows 2K Adv Server on my LAN.  Everytime when I use my Windows 2K
Adv Server to place an Internet phone call through either Net2Phone or
DialPad service while downloading huge files (MP3s), the party I called as
well as me experience some sort of our voices have broken up into pieces
and it's pretty annoyance.  I was thinking perhaps to replace my Linksys
router with a self-built Quality of Service (QoS) capable Linux router +
Firewall + NAT on a rather old i386/20 computer.  I started to look through
the Linux documentation archive on QoS to no avail.

If you know of such a QoS for Linux, I certainly will appreciate if you
could shed some light to help.  TIA.

 
 
 

: Building a Linux Firewall with NAT and QoS

Post by josep » Sat, 02 Jun 2001 05:00:29


If your isp is using pppoe , then you need something more than a i386 to
handle masquerading and firewalling and Qos.
My 486/66 ( masq/firewall /pppoe ) hits 30% usage when I maintain a 100KB/s
download.

Qos has to be compiled into the kernel.
the tool to use is called "tc" .

the Adv routing howto for the 2.4 kernel explains it, a bit.
note that qos is available in the 2.2 kernels as well.  I am using 2.2.17 .

For you, it could be as simple as telling the kernel to introuduce some
trubulence into the connection of one computer, and allow the other
connection to have a chance . "Stochastic Fairness Queuing" might be what
you need.

later.


Quote:> Hi,

> My private LAN is connected to the Internet (cable modem service) by means
> of the Linksys Cable/DSL router (BEFSR41).  I have a Linux machine as well
> as a Windows 2K Adv Server on my LAN.  Everytime when I use my Windows 2K
> Adv Server to place an Internet phone call through either Net2Phone or
> DialPad service while downloading huge files (MP3s), the party I called as
> well as me experience some sort of our voices have broken up into pieces
> and it's pretty annoyance.  I was thinking perhaps to replace my Linksys
> router with a self-built Quality of Service (QoS) capable Linux router +
> Firewall + NAT on a rather old i386/20 computer.  I started to look
through
> the Linux documentation archive on QoS to no avail.

> If you know of such a QoS for Linux, I certainly will appreciate if you
> could shed some light to help.  TIA.


 
 
 

: Building a Linux Firewall with NAT and QoS

Post by Manuel Soje » Sat, 02 Jun 2001 19:06:49


Is there any other helpfull documentation apart from the adv. routing howto?
I ask, because I think the adv. routing howto is quite difficult to
understand if you're not too familiar with all this stuff.

Regards,
Manuel

 
 
 

: Building a Linux Firewall with NAT and QoS

Post by Dean Thompso » Sat, 02 Jun 2001 19:57:06


Hi Manuel,

Quote:> Is there any other helpfull documentation apart from the adv. routing
> howto? I ask, because I think the adv. routing howto is quite difficult to
> understand if you're not too familiar with all this stuff.

As the name suggests, it is advanced so you have to be very comfortable with
routing to begin with.  You might want to try a search in something like
"google" and take a look at programs like "iproute2" which has QoS within it.
There might be some more user-friendly documentation with those packages.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

: Building a Linux Firewall with NAT and QoS

Post by Manuel Soje » Sat, 02 Jun 2001 23:16:51


Hi Dean,
thanks for the info, but what I was looking for was some kind of official
(like the adv. routing howto) document, that could help me. But it seems to
me that there isn't any too famous doc except the routing howto.
Bye
Manuel
 
 
 

: Building a Linux Firewall with NAT and QoS

Post by Dean Thompso » Sat, 02 Jun 2001 23:19:40


Hi!,

Quote:> thanks for the info, but what I was looking for was some kind of official
> (like the adv. routing howto) document, that could help me. But it seems to
> me that there isn't any too famous doc except the routing howto.

Correct!, these are the only two real documents doing the traps.  There are
others but like you said, they are more a set of notes published on a web page
of what worked for them.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+