Skip to content
Snippets Groups Projects
Commit cfa2dc6e authored by nimrod's avatar nimrod
Browse files

Connect to the internet over fiber optics! 

New apartment, new internet connection. This time using fiber optics and
a _much_ faster connection. Change the port layout a bit. Change the
queueing a bit too.
parent d53ceb7a
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Ansible/roles/router/files/pf.conf
+ 5
5
View file @ cfa2dc6e
...@@ -19,11 +19,11 @@ table <brute> persist #table for brute force attempts, etc. ...@@ -19,11 +19,11 @@ table <brute> persist #table for brute force attempts, etc.
table <bgp-spamd-bypass> persist # table for spamd whitelisted addresses. table <bgp-spamd-bypass> persist # table for spamd whitelisted addresses.
# Queues, priorities # Queues, priorities
queue egress on pppoe0 bandwidth 50M qlimit 10000 queue egress on pppoe0 bandwidth 500M qlimit 10000
queue critical parent egress bandwidth 10M max 40M min 1M qlimit 2000 queue critical parent egress bandwidth 100M max 400M min 10M qlimit 2000
queue services parent egress bandwidth 10M max 40M qlimit 2000 queue services parent egress bandwidth 100M max 400M qlimit 2000
queue other parent egress bandwidth 30M max 40M default qlimit 1000 queue other parent egress bandwidth 300M max 400M default qlimit 1000
queue bulk parent egress bandwidth 30M qlimit 200 queue bulk parent egress bandwidth 300M qlimit 200
match on egress proto { tcp, udp } to port { ssh, isakmp, l2tp, ipsec-nat-t, domain } set queue critical set prio 6 match on egress proto { tcp, udp } to port { ssh, isakmp, l2tp, ipsec-nat-t, domain } set queue critical set prio 6
match on egress proto { ah, esp, gre, icmp } set queue critical set prio 6 match on egress proto { ah, esp, gre, icmp } set queue critical set prio 6
match on egress proto tcp to port { smtp, www, https, submission, imaps } set queue services set prio 4 match on egress proto tcp to port { smtp, www, https, submission, imaps } set queue services set prio 4
......
Ansible/roles/router/tasks/main.yaml
+ 4
4
View file @ cfa2dc6e
...@@ -67,17 +67,17 @@ ...@@ -67,17 +67,17 @@
- name: Configure the network interfaces - name: Configure the network interfaces
with_dict: with_dict:
em1: | em1: |
description "Connected to the fiber cable, used for PPPoE connection to the ISP."
up
em5: |
description "Connected to internal LAN." description "Connected to internal LAN."
inet 192.168.3.1 255.255.255.0 inet 192.168.3.1 255.255.255.0
group ingress group ingress
up up
em5: |
description "Connected to DSL modem for PPPoE connection to the ISP."
up
pppoe0: | pppoe0: |
description "The connection to the internet." description "The connection to the internet."
inet 62.219.131.121 255.255.255.255 NONE \ inet 62.219.131.121 255.255.255.255 NONE \
pppoedev em5 authproto pap \ pppoedev em1 authproto pap \
authname 'ns_nimadar@014' authkey '{{ bezeqint_password }}' up authname 'ns_nimadar@014' authkey '{{ bezeqint_password }}' up
dest 0.0.0.1 dest 0.0.0.1
!/sbin/route add default -ifp pppoe0 62.219.131.121 !/sbin/route add default -ifp pppoe0 62.219.131.121
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment