The franc also commonly distinguished as the French franc (FF), was a currency of France. Between 13, it was the name of coins worth 1 livre tournois and.
Virtualization is one of the most discussed topic in the field of Linux and IT in general. In the list of 10 HOT IT Skills in demand Virtualization (Vmware) stands at.
Open-source TCP/HTTP load-balancing proxy server supporting native SSL, keep-alive, compression, CLI stick-tables, custom log formats, header rewriting, redirects. Example Configuration. Introduction. Now that you have a firm grasp of many of the most commonly used networking concepts, it is time to apply them to the configuration of your server. Introduction. Welcome, gentle reader. This document hopes to enlighten you on how to do more with Linux 2.2/2.4 routing. Unbeknownst to most users, you.
Linux Advanced Routing & Traffic Control HOWTOBert Hubert. Thomas Graf (Section Author)Gregory Maxwell (Section Author)Remco van Mook (Section Author)Martijn van Oosterhout (Section Author)Paul B Schroeder (Section Author)Jasper Spaans (Section Author)Pedro Larroy (Section Author)A very hands- on approach to iproute. Dedication. 2. Introduction. Disclaimer & License. Prior knowledge. 2. What Linux can do for you. Housekeeping notes.
Access, GIT & submitting updates. Mailing list. 2. 7. Layout of this document. Introduction to iproute. Why iproute. 2? 3. Prerequisites. 3. Exploring your current configuration.
Rules - routing policy database. Simple source policy routing.
Routing for multiple uplinks/providers. Split access. 4. 2.
Load balancing. 5. GRE and other tunnels. A few general remarks about tunnels: 5. IP in IP tunneling.
GRE tunneling. 5. IPv. 4 Tunneling. IPv. 6 Tunneling. Userland tunnels.
IPv. 6 tunneling with Cisco and/or 6bone. IPv. 6 Tunneling. IPSEC: secure IP over the Internet. Intro with Manual Keying. Automatic keying. Theory. 7. 2. 2. Example.
Automatic keying using X. IPSEC tunnels. 7. Other IPSEC software. IPSEC interoperation with other systems. Windows. 7. 5. 2. Check Point VPN- 1. NG8. Multicast routing.
Queueing Disciplines for Bandwidth Management. Queues and Queueing Disciplines explained. Simple, classless Queueing Disciplines. Token Bucket Filter. Stochastic Fairness Queueing.
Advice for when to use which queue. Terminology. 9. 5. Classful Queueing Disciplines. Flow within classful qdiscs & classes.
The qdisc family: roots, handles, siblings and parents. The PRIO qdisc. 9.
The famous CBQ qdisc. Hierarchical Token Bucket. Classifying packets with filters. Some simple filtering examples.
All the filtering commands you will normally need. The Intermediate queueing device (IMQ)9.
Sample configuration. Load sharing over multiple interfaces. Caveats. 10. 2. Other possibilities.
Netfilter & iproute - marking packets. Advanced filters for (re- )classifying packets. The u. 32 classifier. U3. 2 selector. 12.
General selectors. Specific selectors. The route classifier. Policing filters. Ways to police. 12. Overlimit actions.
Examples. 12. 4. Hashing filters for very fast massive filtering. Filtering IPv. 6 Traffic. How come that IPv. Marking IPv. 6 packets using ip. Using the u. 32 selector to match IPv. Kernel network parameters. Reverse Path Filtering.
Obscure settings. Generic ipv. 41. 3. Per device settings.
Neighbor policy. 13. Routing settings. Advanced & less common queueing disciplines. Parameters & usage. Clark- Shenker- Zhang algorithm (CSZ)1. DSMARK1. 4. 3. 1.
Introduction. 14. What is Dsmark related to? Differentiated Services guidelines. Working with Dsmark.
Ingress qdisc. 14. Parameters & usage. Random Early Detection (RED)1. Generic Random Early Detection.
VC/ATM emulation. Weighted Round Robin (WRR)1. Cookbook. 15. 1. Running multiple sites with different SLAs.
Protecting your host from SYN floods. Rate limit ICMP to prevent d. Do. S1. 5. 4. Prioritizing interactive traffic. Transparent web- caching using netfilter. Traffic flow diagram after implementation.
Circumventing Path MTU Discovery issues with per route MTU settings. Solution. 15. 7. Circumventing Path MTU Discovery issues with MSS Clamping.
ADSL, cable, PPPo. E & PPt. P users)1. The Ultimate Traffic Conditioner: Low Latency, Fast Up & Downloads.
Why it doesn't work well by default. The actual script (CBQ)1. The actual script (HTB)1. Rate limiting a single host or netmask. Example of a full nat solution with Qo. S1. 5. 1. 0. 1. Let's begin optimizing that scarce bandwidth.
Classifying packets. Improving our setup. Making all of the above start at boot. Building bridges, and pseudo- bridges with Proxy ARP1.
State of bridging and iptables. Bridging and shaping. Pseudo- bridges with Proxy- ARP1.
ARP & Proxy- ARP1. Implementing it. 17. Dynamic routing - OSPF and BGP1. Setting up OSPF with Zebra. Prerequisites. 17.
Configuring Zebra. Running Zebra. 17.
Setting up BGP4 with Zebra. Network Map (Example)1. Configuration (Example)1. Checking Configuration.
Other possibilities. Further reading. 20.
Acknowledgements. Chapter 1. Dedication This document is dedicated to lots of people, and is my attempt to do. To list but a few. Rusty Russell. Alexey N.
Kuznetsov. The good folks from Google. The staff of Casema Internet. Chapter 2. Introduction. Welcome, gentle reader. Unbeknownst to most users, you already run tools which allow you to.
Commands like route and. We are no free helpdesk, but we often will answer questions. Before losing your way in this HOWTO, if all you want to do is simple.
Other possibilities chapter, and read about CBQ. This document is distributed in the hope that it will be useful. WITHOUT ANY WARRANTY; without even the implied warranty of. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
In short, if your STM- 6. Sorry. Copyright (c) 2. Gregory Maxwell, Martijn van. Oosterhout, Remco van Mook, Paul B. Schroeder and others. This material may. Open Publication License, v.
Please freely copy and distribute (sell or give away) this document in any. It's requested that corrections and/or comments be forwarded to the.
It is also requested that if you publish this HOWTO in hardcopy that you. Here are some other references which might help teach you more.
Rusty Russell's networking- concepts- HOWTOVery nice introduction, explaining what a network is, and how it is. It teaches you a lot of stuff.
Internet. This is for. While the provided documentation is verbose, it is not very. Traffic control is almost undocumented. There are several things which should be noted about this document.
While I. wrote most of it, I really don't want it to stay that way. I am a strong. believer in Open Source, so I encourage you to send feedback, updates. Do not hesitate to inform me of typos or plain old errors. Feel free to send suggestions. If you feel you are better qualified to maintain a section, or think that.
The SGML. of this HOWTO is available via GIT, I very much envision more people. In aid of this, you will find lots of FIXME notices. Patches are always. Wherever you find a FIXME, you should know that you are treading in. This is not to say that there are no errors elsewhere.
If you have validated something, please let us know so. FIXME notice. About this HOWTO, I will take some liberties along the road. For example, I. postulate a 1. Mbit Internet connection, while I know full well that those. The canonical location for the HOWTO is.
We now have anonymous GIT access available to the world at large. This is. good in a number of ways. You can easily upgrade to newer versions of this.
HOWTO and submitting patches is no work at all. Furthermore, it allows the authors to work on the source independently. Please make sure that you edit the. A Makefile is supplied which should help you create postscript, dvi, pdf. You may need to install.
Be careful not to edit 2. It contains an older version of the. HOWTO. The right file is lartc. The authors receive an increasing amount of mail about this HOWTO.
Because. of the clear interest of the community, it has been decided to start a. Advanced Routing and. Traffic Control. You can subscribe to the list. It should be pointed out that the authors are very hesitant of answering. We would like the archive of the list to.
If you have a question, please search. We will be doing interesting stuff almost immediately, which also means that. Please gloss over these parts and assume that all will become clear. Routing and filtering are two distinct things. Filtering is documented very. Rusty's HOWTOs, available here: We will be focusing mostly on what is possible by combining netfilter.
Chapter 3. Introduction to iproute. Most Linux distributions, and most UNIX's, currently use the. This new networking code brings Linux performance and a feature. OS arena. In fact, the new. As new networking concepts have been invented, people have found ways to. OSes. This. constant layering of cruft has lead to networking code that is filled with. In the past, Linux.
Sun. OS's handling of many of these things, which was not ideal. This system supports various method for classifying, prioritizing. We'll start off with a tiny tour of iproute. You should make sure that you have the userland tools installed.
This. package is called 'iproute' on both Red. Hat and Debian, and may otherwise be. You can also try. Some parts of iproute require you to have certain kernel options enabled.
It. should also be noted that all releases of Red. Hat up to and including 6. Red. Hat 7. 2 has everything in by default. Also make sure that you have netlink support, should you choose to roll your. Iproute. 2 needs it. This may come as a surprise, but iproute.
The current. commands ifconfig and route are already using the advanced. I'll only explain part of the output as not everything is directly. We first see the loopback interface. While your computer may function. I'd advise against it. The MTU size (Maximum Transfer. Unit) is 3. 92. 4 octets, and it is not supposed to queue.
Which makes sense. I'll skip the dummy interface for now, and it may not be present on your. Then there are my two physical network interfaces, one at the side. With IP aliasing, the concept of 'the' IP address had. It does show us the MAC addresses though, the hardware identifier of our. It shows all our addresses, and to which.
There are lots of other. Let's examine eth. It says that it is related to the inet. What does this mean? The /8 stands for the number of. Network Address. There are 3.
The first 8 bits of 1. Network Address, and our netmask is 2. The other bits are connected to this interface, so 1. With ppp. 0, the same concept goes, though the numbers are different.
Its. address is 2. This means that we have a.
There is more information, however. It tells us. that on the other side of the link there is, yet again, only one address. The /3. 2 tells us that there are no 'network bits'. It is absolutely vital that you grasp these concepts. Refer to the. documentation mentioned at the beginning of this HOWTO if you have trouble.