[LUNI] openwrt is cool

[Ramin K]

Triumphs in Sys Administration, Feb 14

	Schelps from the corp office keep showing up at our office for meetings 
and whatnot. They of course attach their laptops and then login into the 
corp VPN. Once on the VPN a number of things talk back and forth and if 
it's been some time since your last backup a backup starts. Additionally 
people from our office occasionally need to get on the VPN which also 
starts a backup since we connect so infrequently.  Unfortunately the 
incredibly idiotic backup software does not throttle outbound traffic. 
At all. After you realize every p2p client ever built has this simple 
control in it, you really start to get annoyed. And when you're waiting 
five seconds for characters to echo back on production databases you're 
trying to fix, you do something.

	Enter traffic shaping. Openwrt has some nice little scripts utilizing 
iptables like /usr/sbin/ipt_tables . After a few modifications for our 
environment ports SSH, DNS, SMTP, and imap-ssl are prioritized, ipsec is 
capped at 300k and set to the lowest priority, and http is left alone.

Strange how meetings with corp people no longer last three hours.

Ramin