[LARTC] Bandwidth and download control

Chris Bennett chris@symbio.com
Tue, 16 Nov 2004 00:09:37 -0600 

Jake,

I think that if you just want very basic policing without any priorities, 
you can add an ingress qdisc like this:

#tc qdisc add dev eth0 handle ffff: ingress

and filter on destination IP sort of like this:

#tc filter add dev eth0 parent ffff: protocol ip prio 50 u32 match ip dst 
1.2.3.4 police rate 100kbit burst 10k drop flowid :1
#tc filter add dev eth0 parent ffff: protocol ip prio 50 u32 match ip dst 
1.2.3.5 police rate 100kbit burst 10k drop flowid :1
etc...

Hope this is right.. I'm kinda busy trying to debug why after installing 
Fedora Core 3 postfix is keeping everything deferred when I send through 
procmail for spamassassin...

Chris


----- Original Message ----- 
From: "Jake" <zhex900@optusnet.com.au>
To: "'Chris Bennett'" <chris@symbio.com>
Cc: <lartc@mailman.ds9a.nl>
Sent: Monday, November 15, 2004 11:56 PM
Subject: RE: [LARTC] Bandwidth and download control


> Why can't the server keep track of how many each packets is being sent
> to a particular ip address, if over the download limit drop all packets
> from & to that ip. Of course the ip have to be static or the user have
> to login before using the internet.
>
> Is this concept right? If yes, what resources can help me to implement
> it.
>
> Internet--Cable Modem -> Server -> router -> various clients
>>                  |
>>             (control clients download and bandwidth)
>>
>
> Jake He
>
> -----Original Message-----
> From: Chris Bennett [mailto:chris@symbio.com]
> Sent: Tuesday, 16 November 2004 4:20 AM
> To: Jake
> Subject: Re: [LARTC] Bandwidth and download control
>
> Trying to "control" the incoming traffic at Server (to use your
> topology) is
> very difficult.  It can be done with IMQ, but setting that up requires
> patching, and its not completely reliable.
>
> The easiest way to "control" incoming traffic is to shape the traffic
> flowing *out* of Server to router.  This, in essence, means that the
> traffic
> coming *in* to router will be effectively controlled.
>
> Of course, this is said with the caveat that of course you can't ever
> really
> control download traffic.  If someone decides to start pumelling you
> with a
> ton of UDP traffic, requested or otherwise, you can drop the packets
> when
> they get to you but they've already consumed your bandwidth so it really
>
> doesn't matter.  But its at least worth *trying* to control the incoming
>
> data since TCP, for its part, will (if behaving properly) slow down if
> you
> drop packets.
>
>
> ----- Original Message ----- 
> From: "Jake" <zhex900@optusnet.com.au>
> To: <lartc@mailman.ds9a.nl>
> Sent: Monday, November 15, 2004 6:06 AM
> Subject: [LARTC] Bandwidth and download control
>
>
>>
>>
>> Can someone suggest me some resources where I learn how to have
> control
>> over download and bandwidth over a small network.
>>
>>
>> My network setup is very simple star topology.
>>
>> Network
>> |
>> |
>> Cable Modem -> Server -> router -> various clients
>>                  |
>>             (control clients download and bandwidth)
>>
>>
>>
>> Jake He
>>
>> _______________________________________________
>> LARTC mailing list / LARTC@mailman.ds9a.nl
>> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>>
>
>