Menu
▾
▴
Re: [Openvpn-users] QoS in OpenVPN 2.0
|
From: Ross M. <ros...@ya...> - 2005-03-28 07:22:29
|
First of all apologies about the rich text in the last post. I know some
people don't appreciate it in a discussion
group. Now on to business.
I should have been clearer about what I was looking for.
I agree if you simply want to prioritize all Tunnel traffic versus other
traffic on the physical interface(s) of the machine
hosting OpenVPN, then this can be done using the host operating systems
stack. Assuming the stack on the host OS
supports QoS capability, but that is a different question.
What I was looking for was prioritization within the Tunnel of specific
traffic versus other traffic. Prioritization
based upon traffic type would be ideal. Maybe the OpenVPN software would
allow the user to configure a table of prefered ports, similar to what
Linksys Routers support today. Alternatively the TAP driver could perform
the
same port inspection function and set the ToS (DS Code Point) bits. OpenVPN
could then prioritize the traffic based upon the ToS Bits. A table of ToS
bit priorities would still need to be configured within OpenVPN.
Bottom line is that OpenVPN looks a lot like a router with only tunnels end
points as its interfaces. QoS configuration within the private networks that
can be built using OpenVPN is a must for network engineering
/Ross
Subject: Re: [Openvpn-users] QoS in OpenVPN 2.0
From: Florin Andrei <fl...@an...>
Reply-To: ope...@li...
To: ope...@li...
Date: Sun, 27 Mar 2005 22:15:53 -0800
On Sun, 2005-03-27 at 20:00 -0800, Ross MacGillivray wrote:
> Are there any plans to add Quality of Service (QoS) features, i.e.
> traffic prioritization.
>
> I've been pulling a little music over OpenVPN, and QoS would be a
> useful feature to prioritize streaming
> media over an OpenVPN tunnel.
Prioritizing the VPN packets when compared to other traffic, or
prioritize traffic inside the tunnel?
Anyway, i have a feeling that both can be achieved with other means. In
order to prioritize the tunnel itself versus other traffic, this is what
i do:
# iptables -L -n -v -t mangle | grep 5000
0 0 TOS udp -- * * 0.0.0.0/0
0.0.0.0/0 udp spt:5000 TOS set 0x10
Or in other words:
-A PREROUTING -t mangle -p udp -m udp --sport 5000 -j TOS --set-tos 0x10
Probably something similar can be applied inside the tunnel, but i never
tried that. If you do, please post the results.
--
Florin Andrei
|
