Reply To: QoS + VPN

Forums Network Management Networking QoS + VPN Reply To: QoS + VPN


You are right. What I forgot is that in your case the OpenVPN daemon is a local process to the box that performs traffic shaping and its connections cannot be classified by the FORWARD chain (table mangle) in which the web interface of Zeroshell put the QoS rules.
You can try one of the following workarounds:

– split the QoS tasks to a separated box. You can configure it in bridge mode and put it across the Internet router and the VPN router. On my opinion this is the best solution but you need of additional hardware.

– apply the QoS rules to shape the OpenVPN tunnels with manual iptables commands on the INPUT and OUTPUT chains of the table mangle.