[LARTC] Strategy for penalising IPs with too many simultaneous sessions

Graham Leggett minfrin at sharp.fm
Sat Nov 4 12:14:52 CET 2006


Mohan Sundaram wrote:

> I've my misgivings with this scheme.
> 
> What you are doing makes sense only if the number of connections is a 
> constrained resource. If bandwidth is the constraint, then shaping by 
> source IP irrespective of number of connections will do the job. As far 
> as I've seen, routers can support 200k connections and this is 
> sufficient for many large LANs - say 500 node LAN with 400 connections 
> per node.
> 
> In many cases, the user may not know how many connections he is opening 
> or which app is consuming connections. Thus, the user may not be in a 
> position to take remedial action and hence will be at a disadvantage.

In the network in question, bandwidth is minimal (many, many users 
sharing 512kbps). As a result, unlike in typical networks where 
simultaneous connections are statistically insignificant, in this case 
one user running many bittorrents can pretty much wipe out network 
performance to a ratio of 20 to 1 or more.

The typical response I have seen to this scenario is to try and 
prioritise certain protocols over others, but this strategy has the 
disadvantage of dictating to the user that they can only use those 
certain protocols.

What I would like to do instead is allow the user to use any protocol 
they like, with the caveat that attempting to open many connections 
simultaneously will result in a steadily decreasing share of the pipe, 
rather than a steadily increasing one.

Regards,
Graham