MasterShaper on a Linux-Bridge

From MasterShaper

Jump to: navigation, search

This howto assumes a bridge between a Cisco router (WAN) and a ethernet network switch. One interface is attached to the Cisco router via a cross cable. The other bridge interface is connected to the network switch. Little Packets and SSH should get high priorities. HTTP and HTTPS should only get a maximum bandwidth from 1024kbit/s. All other traffic is absolutly low priority and can only consome max. 1536kbit/s.

This howto will not contain any information howto setup the bridge itself. It assumes that this work is already done. If you need informations on howto setup a bridge check out the linux bridge homepage at [1].

Image:Howto_bridge_diagramm.png

  • Install MasterShaper like described in the ((Documentation))
  • After successful installation go to the MasterShaper Options and enter
    • Inbound Bandwidth: 2048kbit/s
    • Outbound Bandwidth: 2048kbit/s
    • eth0 as Incoming Interface
    • eth1 as Outgoing Interface
    • Select no for "IMQ"
    • Select "Bridge" for "Mode"
  • Now we create the service levels:
    • Name "Highest Priority"
      • In-Bandwidth: 32kbit/s
      • Out-Bandwidth: 32kbit/s
      • Priority: Highest (1)
    • Name "High Priority"
      • In-Bandwidth: 128kbit/s
      • Out-Bandwidth: 128kbit/s
      • Priority: High (2)
    • Name "Normal Traffic"
      • In-Bandwidth: 128kbit/s
      • In-Bandwidth Ceil: 1024kbit/s
      • Out-Bandwidth: 128kbit/s
      • Out-Bandwidth Ceil: 1024kbit/s
      • Priority: Normal (3)
    • Name "Low Priority"
      • In-Bandwidth: 128kbit/s
      • In-Bandwidth Ceil: 1536kbit/s
      • Out-Bandwidth: 128kbit/s
      • Out-Bandwidth Ceil: 1536kbit/s
      • Priority: Low (4)
    • Name "WAN Speed"
      • In-Bandwidth: 2048kbit/s
      • Out-Bandwidth: 2048kbit/s
      • Priority: Ignore
  • Now we create the filter definitions (this assumes that you let MasterShaper Installer prefill protocol & port informations. If not add them manually first):
    • Name "HTTP & HTTPS"
      • Protocols: TCP
      • Ports: http & https
    • Name "SSH"
      • Protocols: TCP
      • Ports: SSH
    • Name "ICMP"
      • Protocols: ICMP
  • Now go back to the MasterShaper Options View and select the service level "Highest Priority" for the "ACK Packets" option.
  • Create a new chain "WAN"
    • As service level specify "WAN Speed"
    • As fallback service level specify "Low Priority"
    • Leave targets on any & any for both directions.
  • Now we create the pipes definitions:
    • Name "Ping"
      • Chain "WAN"
      • Direction "<->"
      • Select the "ICMP" filter
      • Select service level "Highest Priority"
    • Name "Remote Console"
      • Chain "WAN"
      • Direction "<->"
      • Select the "SSH" filter
      • Select service level "High Priority"
    • Name "Web Traffic"
      • Chain "WAN"
      • Direction "<->"
      • Select the "HTTP & HTTPS" filter
      • Select service level "Normal Traffic"
  • Create a new Target:
    • Name "LAN"
      • Match IP: 192.168.1.0/24
  • Go back to the chains view on create a new chain to ensure internal LAN traffic will not be touched by the shaping ruleset:
    • Name "LAN"
      • Service Level "Ignore" (Fallback service gets irrelevant with this option)
      • Target select "LAN" <-> "LAN".
  • Go to the Overview Site and move the "LAN"-Chain over the "WAN"-Chain with the arrows. So the LAN will match first before the "any" <-> "any" match.
  • Load the ruleset.

That's all.

-=See also=-

  • ((Documentation))
  • ((Requirements))
Retrieved from "http://www.mastershaper.org/index.php/MasterShaper_on_a_Linux-Bridge"