“Zero Shell” Implementation Scenarios
June 3 2011
By the time that this document was written, the latest ZS version was 1.0.14b
In this Document you may find some of the Implemented but not thoroughly tested Scenarios.
三年级下册所有古诗There are no Configuration Screen Shots (Routing-Netbalancer, Bridging-QoS etc) / Captures, as the can be found on-line.
The CPU Overhead for the Scenarios may vary …bad on CPU of the ZS “box”, traffic, Total QoS Classification “rules”, type of and number of QoS Classification “Rules” etc.
THIS IS NOT A TUTORIAL, the scenarios are just WiFs (What If) and/or HOWTO meaning … “food for thought”. Your best friend is always “try and error” ;-) As a rule of thumb have always in mind that your implementation should be “KISS”ed (K eep I t S imple S tupid) , redundant (Less SPOFs –Single Point Of failure- is a better and “cheaper” choice than “All in One Box”) and scalable.
理处
In order to Implement any of the scenarios you don’t need in depth knowledge of Networking nor *NIX (体型小的狗
Thanks to Fulvio’s excellent work) BU T … you must not be a complete “newb ie” … If you are (a novice-newbie) then first “do your homework” ☹
我们这个家In the forthcoming scenarios I’ve ud so me low end hardware:
-ZS Boxes: AMD Athlon 64x2 3800+ with 1GB Ram and 4GB USB Flash cards (I’ve only changed partitions sizes bad on some nice posts in the forum)
-Cisco Catalyst 3560 L2/3 Switch … you may u another L2/3 Switch or a router
-Cisco 1800 Router
- A Low end 8 Port Gigabit Switch (Level one GSW-0807)
-aDSL Modem/Routers from various manufacturers
The network for which I’ve implemented the scenarios is a: 40 Work Stations, 11 aDSL (From 4 different ISPs) and the urs are hungry for “surfing”, real time video, voice chat (Mostly Skype, but also MSN), gaming (They’re getting paid for that ☺ ) and real time stocks “viewing”. No other ZS Services are ud, except of Routing/Load Balancing, QoS and Bridging.
The ZeroShell versions ud: 1.0.12b + athelings patch (for Implementing QoS AND Load balancing) and 1.0.14b
The were all the “facts”.
Happy reading
Regards, Steve.
怎么拉伸
Scenario 1 (Sub Scenarios 1.1.0, 1.1.1 & 1.2)
Sub Scenario 1.1.0
ZS Versions. A) 1.0.12b + athelings Patch B) 1.0.14.b
张氏图腾Needs:
a)Redundancy … if something goes wrong the rvices should continue to be rviced although there will be some degradation.
b)The “VIP Customers” (Actually the board members ☺ ) and Services (Games) must have “VIP tre
atment”… meaning there must be a router with 2
(At least) connections rvicing ONLY them. In order to accomplish that, we’re using a Cisco 3560 that does PBR (Policy Bad Routing) bad on IP Ranges and protocols/ports.
Fact: Not all ADSL Links have the same Upload/Download Bandwidth
都本基For Simplicity the Logical Network layout – Map, does not contain all the ISP Links. In reality the ZS box that does the Load balance, has
5x2 Ports NICs.
In the Network Diagram you will e that the First ZS Box works in Bridged mode QoS and it’s placed BEFORE the GW. Why?
1)We need our GW (Cisco 3560) to route the “priority” packets first. So according to our QoS Rules Configuration (Classifier) , the “VIP” IP Ranges and
the “VIP” ports/protocols are “tagged” as Priority High (Class Manager, Class VIP) so they’re rviced/forwarded first .
2)We need to offload the Second ZS Box that already does a lot Load Balancing AND QoS for 9 Uplinks So, the 1st ZS Box does Prioritization for
Outgoing Packets of Eth1 and also does traffic Shaping for “incoming” (For the LAN) packets … actually the “LAN incoming packets” are outgoing packets for Eth2, I’m clarifying this for people not having big experience (But you should already know that QoS,/Traffic Shaping can be applied only to outgoing packets … didn’t know that? DO YOUR HOMEWORK and then continue reading ☺)
Now, regarding the 2nd ZS Box, In order to do its duty, I had to uZS 1.0.12b. atheling’s patch. The box is rvicing as a Load balancer for Unequal “cost” –Bandwidth Lines, for that reason I also needed QoS and traffic Shaping. But, as you may obrve from the Network map, I’m Traffic Shaping ONLY the outgoing packets TO the ISPs without applying QoS on the Eth2 (Facing the LAN).Traffic Shaping for incoming (for the LAN) packets, is done by the 1st box as mentioned above.
爱的天空下
Scenario 1.1.0 Logical Network Topology – Map:
Now, if you ask me: Was this the best implementation you could do?
The answer is: It was the best for the time. A better one would be the one with 3 or 4 ZS Boxes (For redundancy + Less CPU Power/Box) where the “first layer Load balance” would be done by the catal
yst 3560 (Without any prioritization or/and QoS).
But, If you ask me: Was this the simplest implementation you could do?
The answer is: No, there is a simpler (According to the needs) … that is the upcoming scenario 1.2
If you ask: Is it right to put the QoS ZS Box (ZS0) “before” or after the GW?
The answer is: According to our needs, this is right, but you can put it “after” the GW. As a matter of fact, if you read Fulvio’s Documents and/or Forum posts, you will e that the “recommended “place for the QoS ZS box is “after” the GW. There is no “correct or wrong” approach; it depends of your needs. There are almost always more than one solution in Networking … and that’s “one of the “beauties”
Now, take a look of the Logical Network Layout – Map for the “cond approach”, just a Map, no words to write.
Scenario 1.1.1 Logical Network Topology – Map:
