QOS with ADSL and nat-ed DMZ/LAN
I have the following setup:

     (inet)
        |
        | --> eth0
  -------------                    -----------
  |  astaro   |-------eth1-------->|   LAN   |
  -------------                    -----------
        |
       eth2
        |
  -------------
  |    DMZ    |
  -------------
Outside connection to the internet is an ADSL --> 1.5Mbps/768Kbps
I am trying to limit a web server in the DMZ to be only able to serve at a speed which would not impede the LAN users' ability to browse the web.
DMZ and LAN are NAT addresses such as
DMZ=192.168.1.0/255.255.255.0
LAN=192.168.0.0/255.255.255.0
I don't know how to proceed in any shape or form since the QOS help page states the following:
"ATTENTION: If you are using NAT, you can not specify the IP address of your servers, since the source address on the outgoing interface will be that of your firewall. You can not match on the service, either (see above). A possible solution would be to use alias interfaces on the external interface of the firewall and SNAT all traffic from a (internal) server IP to a dedicated alias IP of your external firewall interface, which would enable you to match on traffic from that dedicated IP."
And even if I were to be able to put a limit on my outer interface eth0, I would still be limiting LAN users to the same bandwidth that I would be limiting the DMZ machines.
Any help would be appreciated--especially help with how to proceed in aliasing the main interface.
If anyone has done such, without the need of a fourth interface eth3, I would be grrrreeeaaattly appreciative of any response.
thank you
-erald
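The alias-plus-SNAT approach from the quoted help text, sketched as an added example for a generic Linux gateway (not part of the original post and not Astaro's own configuration). It assumes the ISP routes a second public address to eth0; 203.0.113.11, the server address 192.168.1.10 and the 256 kbit cap are constructed placeholders.

```shell
#!/bin/sh
# Added example: prints (does not execute) the commands for the
# "alias IP + SNAT + match on alias" approach from the help text.
# Addresses and the DMZ cap are constructed placeholders.
WAN_IF=eth0
ALIAS_IP=203.0.113.11     # second public address on eth0 (placeholder)
DMZ_SERVER=192.168.1.10   # web server inside DMZ 192.168.1.0/24 (hypothetical)
UPLINK_KBIT=768           # ADSL upstream rate given in the post
DMZ_KBIT=256              # assumed hard cap for the web server

qos_plan() {
    # Bandwidth guaranteed to everything that is not the DMZ server.
    rest=$((UPLINK_KBIT - DMZ_KBIT))
    cat <<EOF
ip addr add ${ALIAS_IP}/32 dev ${WAN_IF} label ${WAN_IF}:1
iptables -t nat -I POSTROUTING 1 -o ${WAN_IF} -s ${DMZ_SERVER} -j SNAT --to-source ${ALIAS_IP}
iptables -t nat -A PREROUTING -i ${WAN_IF} -d ${ALIAS_IP} -p tcp --dport 80 -j DNAT --to-destination ${DMZ_SERVER}
tc qdisc add dev ${WAN_IF} root handle 1: htb default 20
tc class add dev ${WAN_IF} parent 1: classid 1:1 htb rate ${UPLINK_KBIT}kbit
tc class add dev ${WAN_IF} parent 1:1 classid 1:10 htb rate ${DMZ_KBIT}kbit ceil ${DMZ_KBIT}kbit
tc class add dev ${WAN_IF} parent 1:1 classid 1:20 htb rate ${rest}kbit ceil ${UPLINK_KBIT}kbit
tc filter add dev ${WAN_IF} parent 1: protocol ip prio 1 u32 match ip src ${ALIAS_IP}/32 flowid 1:10
EOF
}

# The egress qdisc sees packets after POSTROUTING NAT, so the filter can
# only tell the server apart because its traffic now leaves with ALIAS_IP.
# LAN traffic keeps the firewall's main address and falls into the default
# class 1:20, which may borrow up to the full uplink when the server is idle.
qos_plan
```

Review the printed commands, then pipe them to `sh` as root on the gateway; the SNAT rule is inserted at position 1 so it is evaluated before any general masquerade rule.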