[kwlug-disc] Two ethernet ports - 1 in, 1 out

john at netdirect.ca john at netdirect.ca
Wed Jan 27 10:53:17 EST 2010 

kwlug-disc-bounces at kwlug.org wrote on 01/25/2010 04:07:12 PM:
>
> Just bought 
> http://www.canadacomputers.com/index.php?
> do=ShowProduct&cmd=pd&pid=020105&cid=NTW.311.651 
> based on a list heads up from Richard some time ago. 8 port gigabit 
> smart switch with QoS, $115. Vlan, lacp, etc., too. Sadly, no nice 
> bandwidth graphs, no command line interface - perhaps I should have 
> waited. (Don't have nautilus, nmap, mrtg, etc., set up, yet. Perhaps 
> I'm mixing terms here, too.) Just typical router superficial web 
> interface - not at all what I expected from a Cisco product. 
> http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9994/
> ps9996/data_sheet_c78-500596.html

Note that QoS as implemented on a LAN is different that traffic shaping on 
a router. QoS on an Ethernet switch like you describe is probably ethernet 
standard 802.1p. Since this is done in the Ethernet packet header it would 
have to be done by the Linux kernel. I think that VoIP devices like phones 
may put a code in there, but Linux would have to be told to do so for 
certain packets. I don't know how one would go about doing that, iptables 
and some marking perhaps?
 
> Note, for trunking, the other end (i.e. the PC) has to support it, 
> too. As far as I know, that means two NICs of the same manu/model. FYI.

Identical NICs are not needed. In fact on one end the NICs don't have to 
be the same, as long as the standard is adhered to: 
http://en.wikipedia.org/wiki/802.3ad
 
> > Iproute2 also provides traffic shaping. It can be configured through 
the 
> > 'tc' utility. The idea is to create several queues for a network 
device 
> > and distribute packets among the queues based on rules. So VoIP 
packets 
> > get one queue, downloads get another. Then, basically, you can assign 
> > guaranteed throughput to each queue, but allow them to burst if there 
is 
> > unused throughput.
> 
> But this is coming out per box(?). i.e. Multiple boxes going out to 
> the internet would still permit one box to overwhelm the rest. Which 
> is to say, you still need that firewall (perhaps pc / openwrt based), 
> collecting all the internal traffic, to be doing this shaping (as 
> well) to the one port out to the internet.

I'm am being assumptive here. I tend to use Linux firewalls for the 
versatility so I speak in terms of Linux. Tc would have to be done on a 
router between the boxes and the Internet. Bill is right in that if it was 
done on the Asterisk box it would only affect Asterisk traffic.
 
> If I understand correctly, with a single service asterisk box, 
> separate from the webserver, then just turning on QoS, and the shaping 
> above on this firewall box, would do you. i.e. Second NIC / mucking 
> about on the asterisk box could be avoided, in favour of doing it on 
> the firewall (and helping all traffic, internal and external, in the 
> process). Probably for your house, Cedric's/Lori's OpenWRT box would 
> do you. e.g. of flexibility, OpenWRT box can have each internal nic 
> port being its own VLAN. And, per Lori, can run asterisk - perhaps 
> sufficiently for your (external?) needs.
>
> Note also, every (internal) hop has to be QoS aware. e.g. If you have 
> a switch in your office (room), cause you have so many machines but 
> only one line back to the router, that switch in your office also has 
> to be QoS aware. Doesn't have to be a smart switch, just QoS aware. 
> Mind you, Lori has commented in the past that there's so much 
> bandwidth available in the office that traffic is never so 
> overwhelming that QoS is necessary / useful. i.e. QoS prioritizes 
> traffic, typically not kicking in (usefully?) until you flood any 
> given connection, and that seldom happens in actuality. (4 AM call 
> when backups are running?)

I second Lori. On small, typical office networks the Ethernet switch isn't 
the problem, it's the Internet gateway.


John Van Ostrand
Net Direct Inc.
 
CTO, co-CEO
564 Weber St. N. Unit 12
map
 
Waterloo, ON N2L 5C6
 
john at netdirect.ca
Ph: 866-883-1172
ext.5102
Linux Solutions / IBM Hardware
Fx: 519-883-8533

More information about the kwlug-disc mailing list