Networking :: Virtual Interface Routing For Clients And Rate Limitations?
Jul 14, 2010
I need to make some solution for my home network, I have a linux server which is: Linux Centos 5.5. So, what I need to do is to make a virtual interface for my clients which set its bandwidth up to 1Mb/s shared to them, but my real bandwidth is 2Mb/s. Also, after that, I have two questions:
1. How to set this rate limitation to that interface?
2. How to edit this interface to let it work and route the client data to my ADSL router?
I'm already generate the virtual interface using webmin managment tool, so I need to set its rate and route data.
I am establishing a VPN connection with a Cisco VPN server, but only want outgoing connections to a certain set of IP addresses to actually go through the VPN. I tried something like this:
Code: sudo iptables -A OUTPUT -t mangle -p tcp -d 111.222.0.0/16 -j ROUTE --oif tun0 but keep getting
When I create virtual ethernet interface and do a ping -I <v_int> <host> the outgoing address is the one of the physical interface and NOT the virtual interface.Is there no chance that trafic will go out with virtual interface address??Incoming trafic is done well i.e. responds to the virtual interface have the virtual address.
My problem is that I have 2 modems and want to check both default gw behind the modems. If I do a "normal" ping both are reachable over default route even the modem which is not the default route will not work because ping goes over the working modem.So I have 2 routing tables and want to route the virtual interface to one modem the other to the other modem
I'm considering setting up a virtual machine running Windows, with Ubuntu 10.10 as the host OS, for those cases where I have a Windows-only program.I understand that using a VM will lose some performance, but are there other limitations to what the OS in a virtual machine can do compared to "running on bare metal"?
For example:
Can a VM play games, like Dragon Age Origins or Civilization V? (Possibly with poorer framerates and/or lower resolution, but does it play at all?) Can a VM rip DVD/Blue-ray using AnyDVD or similar Windows program? Can a VM handle new hardware that requires dedicated drivers, but the drivers are only available for the OS running inside the VM? (Ex. graphics card, digital camera, card reader for smart card authentication.) Is it possible to say anything about "general limitations" of VMs, or is this wholly dependent on the specific VM?
I have a network on which all the wired and wireless connected clients are isolated from one another which is what our network requires.
One down side to this is that the isolation doesn't allow local clients to talk to one another and if they did, I would want it routed through the gateway. Is it possible to enable proxy arp on only the interface which the clients are connected (eth1) to make the gateway forward traffic between local clients?
I have setup a dhcp server on eth0, & i have static Internet connection on eth1. now clients are getting ip automatically, they are able to trace root upto eth0 & eth1. but i am not able to access Internet from client machines. i am using open suse11 as a server. i am not able to do telnet & ftp also from client. i am able to access Internet from server. so please help me to configure my server so that i can access Internet from client machines also.
I have an ubuntu server that I am using as a gateway router. I have 2 nics in the machine and am using iptables to run the NAT.I now have a need to provide several machines on the inside of the network with their own public IP. So I created a virtual interface on the the WAN card and attempted a 1:1 nat across it, but it's not working. The virtual interface isn't even responding to pings. If I ping the ip of the virtual interface from the outside, it doesn't work. If I run a tcpdump on the interface, I can see ICMP request packets but no replies. Watching the same dump while pinging the non-virtual interface IP results in both request and reply packets. What's stranger the inbound ICMP request packets on the virtual interface seem to be hit or miss. Sometimes when I ping it, I can see the request packets hitting the interface, sometimes I get nothing.
I have a webserver with 3 virtual interfaces named eth0:1 eth0:3 and eth0:3. Until yesterday all the virtual ip's worked but eth0:1 decided that it just won't work anymore since yesterday. The configs are:
I am applying a virtual interface (eth0:0) which is failing after the system reboots. It actually cause the default interface (eth0) to fail as well, I must manually go in and remove the configuration for the eth:0:0 and restart the network to get it running again. How do I successfully add a Virtual interface to Fedora 11 that will stick when rebooted.
how to do a virtual interface under linux. I'm using for example eth0:1 so ifconfig eth0:1 192.168.0.20 netmask 255.255.255.0 for example.
However if i do eth0:1 hw ether 00:11:22:33:44:55 It changes eth0 as well. Where should i look into for creating a separate virtual interface that's simply bridged with one of the existing interfaces that has a separate ip and hw address that the os handles.
is it possible to setup a DHCP server using the loopback or a virtual interface? I installed Sun VirtualBox on my fedora system and want to try and kickstart them from within the same box on a virtual network. Is this possible and has anyone done it? I only have a single NIC in the box and it is on my public network.
I found multiple sites explaining how to add IPs to a network interface as virtual interface like eth0:0. However I can add IPs to an interface as well using the ip command: ip a a 192.168.2.2/24 dev eth0 What I want to know is how I can make this persistent on rhel/centos.
I have a Slicehost VPS and I'm trying to set up PPTPD on it. I only have one IP address (the public IP of the box). All the PPTPD howto's I've seen rely on assigning remote clients IPs from the local subnet (e.g. the PPTD server's local IP is 192.168.0.20, and remote IPs are taken from a pool of 192.168.0.30-40).
However I don't think I can do that as I only have the one IP address on Slicehost's network - that public IP (and all other IPs in the segment are public). So what I really want to do is to be able to create a private LAN segment or virtual network adapter and have VPN clients assigned addresses in that segment, then routed out onto the Internet effectively using the PPTPD box as a router. I am using Ubuntu Hardy (LTS).
At my work, we have several clients (outside clients) that have an FTP login to our FTP Server. Their login then leads them to their home FTP folder. The FTP server is currently a Win2003 box. Because we have so many clients, we would like to implement some form of WebGui that would allow each client to manage their own FTP home folder and user info, such as resetting their password if they lost it.
Is there anything like this available in linux that would provide us with that kind of control/usability?
I have a network camera, with a linux OS. We need it to be really precise in its timing for the specific application we want it for. But it's not!
After killing some of the garbage processes on it (and having some achievements, but not enough), it seems that there's some kind of bandwidth limiting applied on the outgoing traffic.
My question: What are all the things that should be done on a machine, running linux, to remove all the bandwidth limitations?
Notes:
1- With my very basic knowledge about traffic shaping in linux, I have made these observations:
# tc qdisc ls dev eth0 qdisc pfifo_fast 0: root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 # tc qdisc del dev eth0 root RTNETLINK answers: No such file or directory
2- I am trying to download the images from an HTTP link, and I already have about 14Mbps. I want it to reach at least 50Mbps. I can download with speeds higher than this when downloading from another PC on a windows network. So I assume this is not a problem with the cables. Also the eth0 on the camera is said to be a 100Mbps device.
I'm having difficulty setting up my desired network infrastructure. Here's the situation:
I'm currently using an Ubuntu box as homeserver to do everything from sharing internet (via NAT), over DHCP & DNS to filesharing and even virtualisation.
However, since my machine is capable of virtualising Astaro Security Gateway properly, I would like to transfer and split up responsibilities.
I want to have my Astaro fully responsible for the internet and act as the gateway, and along with that disconnect my physical box from the internet and put it behind Astaro (basically making it just a member of the internal network).
The difficulty I'm having with this is that Astaro is running virtually on the physical box, and I can't seem to figure out how to configure the external interface. It needs to be up for Astaro to be able to use it, but it should not give the physical machine access to the external network.
I'm thinking I could set it to manual and not give it an ip address, but I'm not sure on this.
Coming to the point, as per object, I'm playing ( read also as "messing up" ) with mldonkey since last weeks and I have managed to get it working correctly on my home network ( behind router and firewall ). Next step in my development plan was to enable remote access to mldonkey web interface from any external network, like for example a friend pc. I'm aware of the "IP Access Restriction" in the mldonkey configuration file (downloads.ini) but there I can only specify an ip ( or ip-range) to allow access.
So the question is: how can I manage to disable* ip restrictions upon access, so that with a DNS-aliasing service I can access mldonkey web page virtually from anywhere?
(*) = maybe this is not the correct word but it explains the concept.
I need to ask about Virtual Interface, as I need to use my ethernet interface to act as two ethernet ports. As I need to give eth0 an IP address and give eth0.5 another ip address, and make some natting and other issues. Can I do that with the same interface?
I have a server with 14 IP's on eth0. I'm using virtual interfaces to handle the IP's, but the iptables don't seem to work on the virtual interface. It blocks ports that I want open. I'm not that great with iptables, I use what I have because it works for me, but as far as tweaking it, I'm pretty lost.
My iptables: # Simple Firewall configuration # # Set default policies -------- *filter :INPUT ACCEPT [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] # # Internal Networks ----------- #-A INPUT -s <private.class.C>/24 -d <private.class.C>/24 -i eth1 -j ACCEPT # # Loopback -------------------- -A INPUT -s 0/0 -d 0/0 -i lo -j ACCEPT # # Accept established connections -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # # Services -------------------- # # For SSH gateway -A INPUT -p tcp -s 0/0 -d 0/0 --dport 22 -m state --state NEW -j ACCEPT # # For SMTP gateway -A INPUT -p tcp -s 0/0 -d 0/0 --dport 25 -m state --state NEW -j ACCEPT # # For FTP server -A INPUT -p tcp -s 0/0 -d 0/0 --dport 20 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 21 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 53 -m state --state NEW -j ACCEPT # # HTTP services -A INPUT -p tcp -s 0/0 -d 0/0 --dport 80 -m state --state NEW -j ACCEPT # # HTTPS services -A INPUT -p tcp -s 0/0 -d 0/0 --dport 443 -m state --state NEW -j ACCEPT # # POP-3 services #-A INPUT -p tcp -s 0/0 -d 0/0 --dport 110 -m state --state NEW -j ACCEPT # # IMAP services -A INPUT -p tcp -s 0/0 -d 0/0 --dport 143 -m state --state NEW -j ACCEPT # #PLESK #-A INPUT -p tcp -s 0/0 -d 0/0 --dport 8443 -m state --state NEW -j ACCEPT # #Games -A INPUT -p tcp -s 0/0 -d 0/0 --dport 28960 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 28960 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27666 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27666 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 28961 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 28961 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 28962 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 28962 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27015 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27015 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27016 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27016 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27017 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27017 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27020 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27020 -m state --state NEW -j ACCEPT
# Disallow fragmented packets -A INPUT -f -j DROP # # Log & Block broadcast packets -A INPUT -d 255.255.255.255/0.0.0.255 -j LOG -A INPUT -d 255.255.255.255/0.0.0.255 -j DROP # Log & Block multicast packets -A INPUT -d 224.0.0.1 -j LOG -A INPUT -d 224.0.0.1 -j DROP # # Log and drop all other incoming packets -A INPUT -j LOG -A INPUT -j DROP # COMMIT
I'm looking for a Postfix Management Web interface for user, domains, etc... The problem is I'm not using mysql for domains/users, so I can't use postfixadmin. I use virtual mailboxes as described here: [URL]
Basically all mappings are saved inside an /etc/postfix/vmaps file. The users/passwords files are in /home/vmail/passwd and /home/vmail/shadow. Users are in /home/vmail/$domain/$user
I searched for a web management tool that supports my config for weeks now, and can't seem to find any...
I just had an ATT Uverse RG installed. However my Smoothwall router that previously worked fine with the ADSL SpeedStream is no longer accepting an address assignment DHCP ip address from this new gateway. (3800HGV-B)Any thoughts ideas or experience working with this hardware? ATT only supports Windows and Mac
How is possible to enable the Unity interface on a desktop computer with virtual-box? i tried it but it runs like the desktop interface, i didnt notice any difference between the desktop mode.
I have set 'ONBOOT=no' in interface script '/etc/sysconfig/network-scripts/ifcfg-eth0:2' but my interface bring up at boot time, what is the problem , I have checked it 3 or 4 diff os/machine but the same issue. Can anyone please help me to disable virtual IP's at boot time that network script make it up every boot time.
i know exactly what i need to do, im just not familiar enough with command line to do it properly.i have 7 computers.the first 4 are connected to a router via wireless at one end of the house. of the last 3 only 1 will be able to access the router via wireless, so it needs to share it's one wireless connection via ethernet. this computer i'm going to call 'server'server will have two IP'swlan0 192.168.1.6 this connects to the router that has internet access.eth0 i intend to have the following settingsip:192.168.0.1sub: 255.255.0eth0 will connect to a second router, where the cat5 cable goes from the server, into the internet port of the router where i will define the router's static IP:IP: 192.168.0.100sub: 255.255.255.0gateway 192.168.0.1i have then set the router IP for LAN handling as 192.168.27.1 and all ethernet connections will have a 192.168.27.x IP.
so i need to know how to, without a gui application, use the terminal to assign server eth0 a proper IP address, and tell the server to take the connection it has and share it through eth0 to supply internet for the last 2 computers via ethernet.i had it set up in this way with a windows machine being the one that had the wifi access, but i'd rather have it setup for the ubuntu server to do this task. security is imperative for these 3 remaining machines, so just getting 2 more wifi adapters for a connection to the initial router isn't an option.the 2 that connect to server do so through SSH and though server IS connected via wireless it only makes outward connections through
I have a linux box running between my router and my LAN. My connection speed is 10MB download and 1MB upload. The issue is that whenever someone starts to upload something, it is like my connection is down. No one else can open websites, read emails etc.Is it possible to place a limit for upload, maybe 50kb/s? This way, people won't use the entire upload speed available.
I have a LaCie NAS which is mounted on my main linux machine over a wifi LAN using the cifs file system. I would stupidly expect the transfer rate between my hard drive and the NAS to be limited by the Wifi speed (54 Mbps) but when I transfer files, the speed tops at 1.9 Mb/s which is roughly 15.2 Mbps. The most puzzling thing is that when I do multiple simultaneous transfers, I reach approximately 3MB/s in total but none of the individual transfers goes beyond 1.8. Does anyone have an idea about what is keeping the transfer rate so low?
