Man Linux: Main Page and Category List


       tcinterfaces - Shorewall6 file




       This file lists the interfaces that are subject to simple traffic
       shaping. Simple traffic shaping is enabled by setting TC_ENABLED=Simple
       in shorewall6.conf[1](5).

       A note on the bandwidth definition used in this file:

       ·   don't use a space between the integer value and the unit: 30kbit is
           valid while 30 kbit is not.

       ·   you can use one of the following units:

               Kilobytes per second.

               Megabytes per second.

               Kilobits per second.

               Megabits per second.

           bps or number
               Bytes per second.

       ·   Only whole integers are allowed.

       The columns in the file are as follows.

           The logical name of an interface. If you run both IPv4 and IPv6
           Shorewall firewalls, a given interface should only be listed in one
           of the two configurations.

       TYPE - [external|internal]
           Optional. If given specifies whether the interface is external
           (facing toward the Internet) or internal (facing toward a local
           network) and enables SFQ flow classification.

               Simple traffic shaping is only useful on interfaces where
               queuing occurs. As a consequence, internal interfaces seldom
               benefit from simple traffic shaping. VPN interfaces are an
               exception because the encapsulated packets are later
               transferred over a slower external link.

       IN-BANDWIDTH - [rate]
           Optional. If specified, enables ingress policing on the interface.
           If incoming traffic exceeds the given rate, received packets are
           dropped randomly. With some DSL and Cable links, large queues can
           build up in the ISP's gateway router. While this insures maximum
           throughput, it kills interactive response time. By setting
           IN-BANDWIDTH, you can eliminate these queues.

           To pick an appropriate setting, we recommend that you start by
           setting it significantly below your measured download bandwidth
           (20% or so). While downloading, measure the ping response time from
           the firewall to the upstream router as you gradually increase the
           setting.The optimal setting is at the point beyond which the ping
           time increases sharply as you increase the setting.




       shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5),
       shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-maclist(5),
       shorewall6-params(5), shorewall6-policy(5), shorewall6-providers(5),
       shorewall6-route_rules(5), shorewall6-routestopped(5),
       shorewall6-rules(5), shorewall6.conf(5), shorewall6-tcpri,
       shorewall6-tos(5), shorewall6-tunnels(5), shorewall6-zones(5)


        1. shorewall6.conf

[FIXME: source]                   06/17/2010            SHOREWALL6-TCINTERF(5)