Multi-ISP doc updates

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-11-21 23:23:13 +01:00 · 2005-05-20 17:06:38 +00:00 · 2005-05-20 17:06:38 +00:00 · 4ccedb0f10
commit 4ccedb0f10
parent 4a11dfe292
2 changed files with 28 additions and 6 deletions
--- a/Shorewall-docs2/Shorewall_and_Routing.xml
+++ b/Shorewall-docs2/Shorewall_and_Routing.xml
@ -15,7 +15,7 @@
      </author>
    </authorgroup>

-    <pubdate>2005-05-19</pubdate>
+    <pubdate>2005-05-20</pubdate>

    <copyright>
      <year>2005</year>
@ -260,8 +260,9 @@

        <itemizedlist>
          <listitem>
-            <para>Packet marking for traffic control purposes must be done in
-            the FORWARD table.</para>
+            <para>Packet marking for traffic control purposes may not be done
+            in the PREROUTING table for connections involving providers with
+            'track' specified (see below).</para>
          </listitem>

          <listitem>
@ -384,8 +385,11 @@
                  <glossterm>balance</glossterm>

                  <glossdef>
-                    <para>The providers that have 'default' specified will get
-                    outbound traffic load-balanced among them.</para>
+                    <para>The providers that have 'balance' specified will get
+                    outbound traffic load-balanced among them. Balancing will
+                    not be perfect, as it is route based, and routes are
+                    cached. This means that routes to often-used sites will
+                    always be over the same provider.</para>
                  </glossdef>
                </glossentry>
              </glosslist>
@ -427,6 +431,16 @@ net        net            DROP</programlisting>
      <programlisting>#INTERFACE       SUBNET            ADDRESS
 eth0             eth2              206.124.146.176
 eth1             eth2              130.252.99.27</programlisting>
+
+      <para>Now suppose that you want to route all outgoing SMTP traffic
+      through ISP 2. You would make this entry in <ulink
+      url="traffic_shaping.htm">/etc/shorewall/tcrules</ulink> (and you would
+      set TC_ENABLED=Yes in <ulink
+      url="???">/etc/shorewall/shorewall.conf</ulink>).</para>
+
+      <programlisting>#MARK           SOURCE          DEST            PROTO   PORT(S) CLIENT  USER    TEST
+#                                                               PORT(S)
+2               &lt;local network&gt; 0.0.0.0/0       tcp     25</programlisting>
    </section>
  </section>

--- a/Shorewall-docs2/traffic_shaping.xml
+++ b/Shorewall-docs2/traffic_shaping.xml
@ -15,7 +15,7 @@
      </author>
    </authorgroup>

-    <pubdate>2005-02-19</pubdate>
+    <pubdate>2005-05-20</pubdate>

    <copyright>
      <year>2001-2005</year>
@ -191,6 +191,14 @@
      in the <filename>/etc/shorewall/tcrules</filename> file.</para>
    </important>

+    <important>
+      <para>If you use providers (in /etc/shorewall/providers) with the
+      'track' option then there are restrictions about how you can mark
+      packets involving those providers; see the <ulink
+      url="Shorewall_and_Routing.html">Shorewall Routing documentation</ulink>
+      for details.</para>
+    </important>
+
    <para>Columns in the file are as follows:</para>

    <itemizedlist>