1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Prioritize VPN (PPTP)?

Discussion in 'HyperWRT Firmware' started by ptolemy, Feb 11, 2006.

  1. ptolemy

    ptolemy Network Guru Member

    I have a PPTP-VPN server in my LAN to be able to connect to the LAN from outside.
    I'd like to prioritize the PPTP traffic since i only have a slow 8/1 ADSL-connection and a lot of traffic going through it.

    From what I understand PPTP uses some special Generic Routing Encapsulation-protocol to transfer data. TCP port 1723 is only used to manage the connection, so it's not enough to only prioritize port 1723.

    Any suggestions?

    I'm using Tofu 13c.
     
  2. Thibor

    Thibor Super Moderator Staff Member Member

    i think GRE has to be prioritised as well
     
  3. ptolemy

    ptolemy Network Guru Member

    Is that possible in Tofu 13c?
     
  4. Thibor

    Thibor Super Moderator Staff Member Member

    GRE is port 47, so yes it's possible
     
  5. ptolemy

    ptolemy Network Guru Member

    But GRE is protocol 47, i.e. at the same level as TCP and UDP.
     
  6. Thibor

    Thibor Super Moderator Staff Member Member

    of course you are correct. there may be something you can do with the iptables rules to prioritise that.u32 is able to do that, you need to research it a little though

    these should work for you:
    iptables -A INPUT -p 47 -j ACCEPT
    iptables -A OUTPUT -p 47 -j ACCEPT
    iptables -A INPUT -p TCP -s 0.0.0.0/0 --source-port 1723 -j ACCEPT
    iptables -A OUTPUT -p TCP -d 0.0.0.0/0 --destination-port 1723 -j ACCEPT
    of course you want to prioritise protocol 47 so:
    "iptables -t mangle -I PREROUTING -p 47 -j DSCP --set-dscp-class EF"
    would make proto 47 highest class and do what you want.
     
  7. ptolemy

    ptolemy Network Guru Member

    I'll try that.
    Thanks :)
     

Share This Page