Setup guide

ManualsBrandsD-Link ManualsComputer equipmentDWL-500 - 11Mb Wireless LAN PCI Network Card

361

362

363

364

365

366

367

368

369

370

1 name="Server" target-address=0.0.0.0/0 dst-address=192.168.0.17/32

interface=Local queue=default priority=8 limit-at=0/0 max-limit=0/0

[admin@Wandy] queue simple> move 1 0

[admin@Wandy] queue simple> print

Flags: X - disabled, I - invalid, D - dynamic

0 name="Server" target-address=0.0.0.0/0 dst-address=192.168.0.17/32

interface=Local queue=default priority=8 limit-at=0/0 max-limit=0/0

1 name="LimitClients" target-address=0.0.0.0/0 dst-address=0.0.0.0/0

interface=Local queue=default priority=8 limit-at=0/0

max-limit=131072/65536

[admin@Wandy] queue simple>

Example of Guaranteed Quality of Service

This example shows how to limit data rate on a channel and guarantee minimum speed to the FTP

server allowing other traffic to use the rest of the channel.

Assume we want to emulate a 128k download and 64k upload line connecting IP network

192.168.0.0/24 as in the previous examples. But if these speeds are the best that you can get from

your Internet connection, you may want to guarantee certain speeds to the 192.168.0.17 server so

that your customers could download from and upload to this server with the speeds not dependent

on the other traffic using the same channel (for example, we will guarantee this server the minimum

data rate of 32k for each flow direction).

First of all, you should limit the interface speed:

[admin@Wandy] queue tree> add name=Up parent=Public max-limit=65536

[admin@Wandy] queue tree> print

Flags: X - disabled, I - invalid, D - dynamic

0 name="Up" parent=Public flow="" limit-at=0 queue=default priority=8

max-limit=65536 burst-limit=0 burst-threshold=0 burst-time=0

[admin@Wandy] queue tree>

Next, mark the traffic from the FTP server. We will mark only TCP ports 20-21 because these ports

are used to send and receive FTP data and control messages.

[admin@Wandy] ip firewall mangle> add src-address=192.168.0.17/32:20-21 \

\... protocol=tcp mark-flow=Server_Up in-interface=Local

[admin@Wandy] ip firewall mangle> print

Flags: X - disabled, I - invalid, D - dynamic

0 src-address=192.168.0.17/32:20-21 in-interface=Local protocol=tcp

action=accept mark-flow=Server_Up

[admin@Wandy] ip firewall mangle>

The second mangle rule will match the rest of the traffic from the network:

[admin@Wandy] ip firewall mangle> add src-address=0.0.0.0/0 \

\... mark-flow=Local_Up in-interface=Local

[admin@Wandy] ip firewall mangle> print

Flags: X - disabled, I - invalid, D - dynamic

0 src-address=192.168.0.17/32:20-21 in-interface=Local protocol=tcp

action=accept mark-flow=Server_Up

1 in-interface=Local action=accept mark-flow=Local_Up

[admin@Wandy] ip firewall mangle>

Finally shaping the traffic:

[admin@Wandy] queue tree> add name=Server_Up parent=Up limit-at=32768 \

\... flow=Server_Up max-limit=65536 priority=7

[admin@Wandy] queue tree> add name=Local_Up parent=Up limit-at=0 \

\... flow=Local_Up

[admin@Wandy] queue tree> print

Flags: X - disabled, I - invalid, D - dynamic

0 name="Up" parent=Public flow="" limit-at=0 queue=default priority=8

max-limit=65536 burst-limit=0 burst-threshold=0 burst-time=0

1 name="Server_Up" parent=Up flow=Server_Up limit-at=32768 queue=default

priority=7 max-limit=65536 burst-limit=0 burst-threshold=0 burst-time=0

2 name="Local_Up" parent=Up flow=Local_Up limit-at=0 queue=default