PingTimeout

Cédric Lemarchand cedric.lemarchand at ixblue.com
Fri Jul 26 00:44:07 CEST 2013


Le 25 juil. 2013 à 23:31, Guus Sliepen <guus at tinc-vpn.org> a écrit :

> On Thu, Jul 25, 2013 at 09:10:27PM +0200, Cédric Lemarchand wrote:
> 
>>> So if you shape UDP to the point where it becomes so congested
>>> that your tinc nodes are unable to talk to each other using UDP,
>>> they will adapt and send packets over TCP, which is probably not
>>> what you want.
>> Right, I need to keep control of the bandwidth used by tinc, so my
>> only option is to play with PingTimeout.
> 
> Perhaps you could instead try to shape the traffic inside the VPN.

Yes, but this is a bit complicate in the way that sites has different link size, and some public subnets are routed inside tinc, all of this over an MPLS network, which makes traffic classification a real head hache (of course you know that QOS is only really effective on *outgoing* traffic). On the other side I am fervent militant of the KISS principle.

What I am dreaming for is a the possibility too centrally manage the qos rules on a mesh VPN network with some basic rules :

- defining nodes and bandwidth capacity (simple shapping, I don't want that nodes with big link flood the little ones), and let some bandwidth for voice traffic (lets say 1/10 or 1/8). This is what I am doing right now. (a feature that Tinc lacks : doing that internally with a bandwidth value for each nodes would be awesome, but this is maybe our of the scope)

This is a sort of "QOS matrix". I know some proprietary system can do that with a nice GUI, but a Linux box will ever been so much more flexible and fun.


> 
> -- 
> Met vriendelijke groet / with kind regards,
>     Guus Sliepen <guus at tinc-vpn.org>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc


More information about the tinc mailing list