[Openswan Users] Incorporating Qos
Ken Bantoft
ken at xelerance.com
Mon Jun 21 18:35:42 CEST 2004
On Mon, 21 Jun 2004, Joep Gommers wrote:
> --[PinePGP]--------------------------------------------------[begin]--
> Dear list,
>
> I've been busy on incorporating some sort of maximum bandwidth per IPSec
> connection mechanism. Defining by what rules (that are declared in e.g.
> ipsecqos.conf) a tunnel should live like. Is there any text / dialog pic
> that shows the layout of the ipsec shellscript. I'm beginning to
> understand _updown, manual, etc script. But a clear explanations by you
> guys would make it all even more clear.
If it's per conn, use _updown. See kernel.c for do_command() code.
> Can you guys help me out?
>
> Thanks in advance,
> Joep Gommers
>
> PS I like CBQ, any comments/requests?
Ensure you do NOT use a QoS scheduler that is interrupt driven, as ipsec0
on 2.4 is a virtual device and doesn't give 'real' interrupts. On 2.6,
there is no device at all. I've been using IMQ + HTB3 for my needs, and
they work okay.
Also check the hidetos= value in your IPsec config, and ensure it does
what you want. Note that the default changed between 1.x and 2.x - man
ipsec.conf for details.
Ken
More information about the Users
mailing list