Bonjour,
Je ne savais pas si je devais continuer un sujet similaire (Problèmes de performance ERL3 sans LB) mais comme il est noté résolu j'en crée un autre.
Tout d'abord merci à tous ceux qui participe à ce forum et notamment au remplacement des routeurs opérateurs, c'est une mine d'information.
Je suis donc abonné à l'offre Fibre Jet chez Orange. En ethernet, avec la LiveBox, j’atteins un débit d'environ 950 Mbps et 250Mbps en upload sur testdebit.info.
J'ai remplacé la LB par un ERL3 (en version 1.9.1), et en faisant le même test, je ne dépasse pas les 550 Mbps en download et 50Mbps en upload.
Je n'utilise la livebox que pour le téléphone raccordé sur le port 2, et j'ai le Switch GS108Tv2 pour prendre en charge la CoS devant les routeurs, raccordé comme dans le sujet existant (
Switch GS108Tv2 pour prendre en charge la CoS devant les routeurs).
J'ai également adopté une configuration par zone que je trouve très pratique.
Voici donc ma configuration :
options {
mss-clamp {
interface-type tun
mss 1452
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address 10.0.0.50/28
description Admin_vlan
duplex auto
speed auto
vif 7 {
address 172.16.10.50/24
description Dec_Libebox
}
vif 10 {
address 10.0.10.50/24
description Fym_vlan
ipv6 {
dup-addr-detect-transmits 1
router-advert {
cur-hop-limit 64
link-mtu 0
managed-flag false
max-interval 600
other-config-flag false
prefix ::/64 {
autonomous-flag true
on-link-flag true
valid-lifetime 2592000
}
reachable-time 0
retrans-timer 0
send-advert true
}
}
}
vif 20 {
address 10.0.20.50/24
description enfants
}
vif 30 {
address 10.0.30.50/24
description Guest
}
vif 40 {
address 10.0.40.50/24
description Console
}
}
ethernet eth1 {
description "eth1 ONT (FIBRE RJ45)"
duplex auto
speed auto
vif 832 {
address dhcp
description "eth1.832 (INTERNET + VOIP + CANAL 2)"
dhcp-options {
client-option "send vendor-class-identifier "sagem";"
client-option "send dhcp-client-identifier 1:MA:CD:EL:AL:IV:EB:OX;"
client-option "send user-class "\053FSVDSL_livebox.Internet.softathome.Livebox3";"
client-option "request dhcp-lease-time, dhcp-renewal-time, dhcp-rebinding-time, domain-search, rfc3118-authentication;"
client-option "send rfc3118-authentication 00:00:00:00:00:00:00:00:00:00:00:66::X:X:X:X:X:X:X:X;"
default-route update
default-route-distance 210
name-server update
}
egress-qos "0:0 1:0 2:0 3:0 4:0 5:5 6:6 7:0"
ipv6 {
address {
autoconf
}
dup-addr-detect-transmits 1
}
}
vif 838 {
address dhcp
description "TV - VOD"
dhcp-options {
client-option "send vendor-class-identifier "sagem";"
client-option "send user-class "\047FSVDSL_livebox.MLTV.softathome.Livebox3";"
client-option "request subnet-mask, rfc3442-classless-static-routes;"
client-option "send dhcp-client-identifier 1:MA:CD:EL:AL:IV:EB:OX;"
default-route update
default-route-distance 210
name-server update
}
egress-qos "0:4 1:4 2:4 3:4 4:4 5:4 6:4 7:4"
}
vif 840 {
address 192.168.255.254/24
description "VLAN TV Canal 1 - Zap"
egress-qos "0:5 1:5 2:5 3:5 4:5 5:5 6:5 7:5"
}
}
ethernet eth2 {
description Eth2
duplex auto
speed auto
vif 832 {
address 10.0.13.50/24
description Voip_Livebox
}
}
loopback lo {
}
}
port-forward {
auto-firewall enable
hairpin-nat disable
wan-interface eth1.832
}
protocols {
igmp-proxy {
disable-quickleave
interface eth0 {
role disabled
threshold 1
}
interface eth0.7 {
alt-subnet 0.0.0.0/0
role downstream
threshold 1
}
interface eth0.10 {
role disabled
threshold 1
}
interface eth0.20 {
role disabled
threshold 1
}
interface eth0.30 {
role disabled
threshold 1
}
interface eth0.40 {
role disabled
threshold 1
}
interface eth1.832 {
role disabled
threshold 1
}
interface eth1.838 {
role disabled
threshold 1
}
interface eth1.840 {
alt-subnet 0.0.0.0/0
role upstream
threshold 1
}
interface eth2 {
role disabled
threshold 1
}
}
}
service {
dhcp-server {
disabled false
global-parameters "option SIP code 120 = string;"
global-parameters "option rfc3118-authentication code 90 = string;"
hostfile-update disable
shared-network-name Dell {
authoritative enable
description Dell-lan
subnet 10.0.40.0/24 {
default-router 10.0.40.50
dns-server 194.2.0.20
lease 86400
start 10.0.40.150 {
stop 10.0.40.151
}
static-mapping Ps3 {
ip-address 10.0.40.150
mac-address X:X:X:X
}
}
}
shared-network-name Livebox {
authoritative enable
subnet 10.0.13.14/24 {
default-router 10.0.13.50
dns-server 81.253.149.9
dns-server 80.10.246.1
domain-name orange.fr
lease 86400
start 10.0.13.20 {
stop 10.0.13.21
}
static-mapping Livebox {
ip-address 10.0.13.1
mac-address MA:CD:EL:AL:IV:EB:OX
}
subnet-parameters "option SIP 00:06:73:62:63:74:33:67:03:41:55:42:06:61:63:63:65:73:73:11:6f:72:61:6e:67:65:2d:6d:75:6c:74:69:6d:65:64:69:61:03:6e:65:74:00;"
subnet-parameters "option rfc3118-authentication 00:00:00:00:00:00:00:00:00:00:00:64:68:63:70:6c:69:76:65:62:6f:78:66:72:32:35:30;"
}
}
shared-network-name Livebox_Dec {
authoritative enable
subnet 172.16.10.0/24 {
default-router 172.16.10.50
dns-server 172.16.10.50
lease 86400
start 172.16.10.20 {
stop 172.16.10.22
}
static-mapping Livebox01 {
ip-address 172.16.10.20
mac-address MA:CD:UD:EC:OD:EU:R1
}
static-mapping Livebox02 {
ip-address 172.16.10.21
mac-address MA:CD:UD:EC:OD:EU:R2
}
}
}
use-dnsmasq disable
}
dns {
forwarding {
cache-size 1000
listen-on eth2
listen-on eth0.7
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5010 {
description "Masquerading outgoing connections"
outbound-interface eth1.832
protocol all
type masquerade
}
rule 5011 {
description "Masquerading TV"
outbound-interface eth1.838
protocol all
type masquerade
}
}
ssh {
allow-root
port 22
protocol-version v2
}
upnp2 {
listen-on eth2
listen-on eth0.7
nat-pmp enable
secure-mode disable
wan eth1.832
}
}
system {
config-management {
commit-archive {
}
commit-revisions 20
}
conntrack {
expect-table-size 4096
hash-size 4096
table-size 32768
tcp {
half-open-connections 512
loose disable
max-retrans 3
}
}
host-name XXXXXXXXXXXXXX
login {
user ubnt {
authentication {
encrypted-password XXXXXXXXXXXXXX
plaintext-password ""
public-keys XXXXXXXXXXXXXX {
key XXXXXXXXXXXXXX
type ssh-rsa
}
}
full-name ""
level admin
}
}
name-server 80.10.246.3
name-server 81.253.149.10
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
offload {
hwnat disable
ipsec enable
ipv4 {
forwarding enable
vlan enable
}
ipv6 {
forwarding enable
vlan enable
}
}
package {
repository wheezy {
components "main contrib non-free"
distribution wheezy
password "****************"
url http://http.us.debian.org/debian
username ""
}
repository wheezy-security {
components main
distribution wheezy/updates
password "****************"
url http://security.debian.org
username ""
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level warning
}
}
}
time-zone Europe/Paris
traffic-analysis {
dpi disable
export disable
}
}
zone-policy {
zone dmz {
default-action drop
from lan {
firewall {
name lan-to-dmz
}
}
from local {
firewall {
name local-to-dmz
}
}
from wan {
firewall {
name wan-to-dmz
}
}
from wifi-guest {
firewall {
name wifi-guest-to-dmz
}
}
interface eth0.40
}
zone lan {
default-action drop
from dmz {
firewall {
name dmz-to-lan
}
}
from local {
firewall {
ipv6-name ipv6-local-to-lan
name local-to-lan
}
}
from wan {
firewall {
ipv6-name ipv6-wan-to-lan
name wan-to-lan
}
}
from wifi-guest {
firewall {
name wifi-guest-to-lan
}
}
interface eth0.10
interface eth0
}
zone local {
default-action drop
from dmz {
firewall {
name dmz-to-local
}
}
from lan {
firewall {
ipv6-name ipv6-lan-to-local
name lan-to-local
}
}
from wan {
firewall {
ipv6-name ipv6-wan-to-local
name wan-to-local
}
}
from wan-tv {
firewall {
name wan-tv-to-local
}
}
from wifi-guest {
firewall {
name wifi-guest-to-local
}
}
local-zone
}
zone wan {
default-action drop
from dmz {
firewall {
name dmz-to-wan
}
}
from lan {
firewall {
ipv6-name ipv6-lan-to-wan
name lan-to-wan
}
}
from local {
firewall {
ipv6-name ipv6-local-to-wan
name local-to-wan
}
}
from wan-tv {
firewall {
name wan-tv-to-wan
}
}
from wifi-guest {
firewall {
name wifi-guest-to-wan
}
}
interface eth1
interface eth1.832
interface eth2.832
}
zone wan-tv {
default-action drop
from lan {
firewall {
name lan-to-wan-tv
}
}
from local {
firewall {
name local-to-wan-tv
}
}
from wan {
firewall {
name wan-to-wan-tv
}
}
interface eth1.838
interface eth1.840
interface eth0.7
}
zone wifi-guest {
default-action drop
from dmz {
firewall {
name dmz-to-wifi-guest
}
}
from lan {
firewall {
name lan-to-wifi-guest
}
}
from local {
firewall {
name local-to-wifi-guest
}
}
from wan {
firewall {
name wan-to-wifi-guest
}
}
interface eth0.30
interface eth0.20
}
}
/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@5:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.9.1.4939093.161214.0705 */
Merci à tous pour vos retours.