QOS traffic shaping by IP in bridge mode

Forums Network Management ZeroShell QOS traffic shaping by IP in bridge mode

  • This topic is empty.
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
  • #40905

    I have successfully implemented per IP rate limits when zeroshell is connected via IP routing interfaces. However, when placing the interfaces in bridge mode the rate-limits are no longer applied to the traffic based on the destination IP rules I have created.
    Is it possible to perform per IP rate limits in bridge mode?


    add your policies to BOTH interfaces that your bridge consists of. Then run some tests- you should see the statistics change on your QOS signifying the traffic. (If you don’t, you will need to troubleshoot your qos rules.)

    Then disable qos on each interface until you see qos no longer working. That should tell you which interface to apply your qos policies.



    I have tested this using many different rules on each interface of the bridge and applying each rules to many different types of classes. In each instance I see no traffic statistics and the bandwidth is not rate-limited.
    I have also tried the same rules that I use in firewall mode in bridge-mode without changing the hosts on the network and the rules never get hit. It appears that when in bridge mode the interfaces are unable to process IP based QOS rules. Is this true?
    Has anyone successfully implemented per IP rate limits in bridge mode?



    I’m trying to find a solution to exactly the same problem. It seems to me that this is one of those mysterious issues nobody really seems to know anything about; I’ve googled around for about a week without finding a definitive answer to even whether or not you actually can do QoS with a Linux bridge. There are references to such setups here and there, but the examples I’ve tried really don’t work, there’s lots of outdated information out there etc.

    I’ll let you know if I learn anything new about this issue. I’d appreciate it a lot if you could do the same in case you come across a solution.




    Are you assigned at least an IP address to the bridge interface?

    The QoS should not depend on the forwarding mechanism (bridging or routing) you are using.



    I have it working successfully with Release 1.0.beta10 in bridge mode. I only have two classes: Default and SMTP. My initial goal was to prevent my Exchange 2007 server from flooding my pipe when users send large attachments en-masse (Exchange’s built-in throttling mechanisms are junk). After considerable searching I decided to try Zeroshell. As a newbie to Linux Qos (Qos in general) I spent about half a day reading and testing Zeroshell configuration(s) and then dropped my Zeroshell transparent bridge in between my lan and gateway. Bingo!

    I’m not expecting it to, but If Zeroshell should fail all I have to do patch around the bridge to restore service – an excellent feature of the transparent bridge concept.

    I am managing my Zeroshell system via the web interface and SSH to the console. Its working great so far!

    Uptime 2 days, 18:16

    Thank you, Fulvio, for your excellent contribution to the community! 😀

Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.