Incoming and outgoing bandwidth limiting

Incoming and outgoing bandwidth limiting

Post by Allan Jense » Thu, 23 Aug 2001 21:58:50



Hello,

I am assisting the sysadmins on a larger dorm network which are having
problems.
Their problem is specifically that people set up their own FTP servers and
publish them to the World, thereby sucking up all available outgoing
bandwidth. Others, well, they download like crazy and use up all the inbound
bandwidth.
A bunch of sniffers etc. would reveal who's doing it, they can get a
reprimand etc., but it's not a solution in the long run.

I conceived an idea where each user would be able to up/download a certain
amount of data per day with no restrictions (say, 250 MB). After that they
would be limited in their (ab)use; namely being capped on their bandwidth
usage so that they'd be able to up/download at a rate of, say, 3Kb/s. Not
enough to run their 500 users 31337 W4R3Z FTP-server, but enough to do what
the intention of the Internet access is - search for information and
communicate.

Now, my question is, how do I go about that? Restricting download is not
much of a problem (attach a shaper interface to the internal gateway NIC and
route their IP through that), but restricting upload is more tricky. Do
anyone have a suggestion as how to go about that?

Furthermore there's the question of measuring the usage; I assume that
iptables accounting will be able to cut it with the aid of a cron job to
keep an eye out for users exceeding their limit - any objections to that?

Each and every machine is connected via a number of switches and a central
router; there is no NAT performed anywhere.

If someone have helping hints, documents or (preferred, surprise, surprise
:-) working examples for this, I'd greatly appreciate it!

Thanks in advance :-)

Best regards,
-Allan Jensen

 
 
 

Incoming and outgoing bandwidth limiting

Post by blackhol » Sat, 25 Aug 2001 00:02:06


d00d,

What you need is the traffic shaping tool for linux.  I'm experimenting with
it now and having some luck getting it working (not really).  I think the
better solution is to use tc (traffic control)...more sophisticated
bandwidth throttling for the 2.4.x kernel.

"OK" you say WTF do I get this stuff.  Try here:
http://lwn.net/1998/1119/shaper.html (shaper)

http://www.ds9a.nl/2.4Routing/  (traffic control)
or more specifically
http://www.ds9a.nl/2.4Routing/HOWTO//cvs/2.4routing/output/2.4routing...
...then do your faviorite google searches.


Quote:> Hello,

> I am assisting the sysadmins on a larger dorm network which are having
> problems.
> Their problem is specifically that people set up their own FTP servers and
> publish them to the World, thereby sucking up all available outgoing
> bandwidth. Others, well, they download like crazy and use up all the
inbound
> bandwidth.
> A bunch of sniffers etc. would reveal who's doing it, they can get a
> reprimand etc., but it's not a solution in the long run.

> I conceived an idea where each user would be able to up/download a certain
> amount of data per day with no restrictions (say, 250 MB). After that they
> would be limited in their (ab)use; namely being capped on their bandwidth
> usage so that they'd be able to up/download at a rate of, say, 3Kb/s. Not
> enough to run their 500 users 31337 W4R3Z FTP-server, but enough to do
what
> the intention of the Internet access is - search for information and
> communicate.

> Now, my question is, how do I go about that? Restricting download is not
> much of a problem (attach a shaper interface to the internal gateway NIC
and
> route their IP through that), but restricting upload is more tricky. Do
> anyone have a suggestion as how to go about that?

> Furthermore there's the question of measuring the usage; I assume that
> iptables accounting will be able to cut it with the aid of a cron job to
> keep an eye out for users exceeding their limit - any objections to that?

> Each and every machine is connected via a number of switches and a central
> router; there is no NAT performed anywhere.

> If someone have helping hints, documents or (preferred, surprise, surprise
> :-) working examples for this, I'd greatly appreciate it!

> Thanks in advance :-)

> Best regards,
> -Allan Jensen


 
 
 

Incoming and outgoing bandwidth limiting

Post by Dave Berntso » Sun, 26 Aug 2001 00:37:42


On Thu, 23 Aug 2001 08:02:06 -0700, "blackhole"


>d00d,

>What you need is the traffic shaping tool for linux.  I'm experimenting with
>it now and having some luck getting it working (not really).  I think the
>better solution is to use tc (traffic control)...more sophisticated
>bandwidth throttling for the 2.4.x kernel.

>"OK" you say WTF do I get this stuff.  Try here:
>http://lwn.net/1998/1119/shaper.html (shaper)

>http://www.ds9a.nl/2.4Routing/  (traffic control)
>or more specifically
>http://www.ds9a.nl/2.4Routing/HOWTO//cvs/2.4routing/output/2.4routing...
>...then do your faviorite google searches.

In my case, I would like to share an internet connection (with my game
fanatic kid), in which his connection has absolute priority over my
connection.  IOW, my computer would only d/l during times when his game is
not passing data.  Is there a relatively simple way to achieve this?
Dave




[original post, snipped]
 
 
 

Incoming and outgoing bandwidth limiting

Post by Geof » Sun, 26 Aug 2001 12:50:04




>On Thu, 23 Aug 2001 08:02:06 -0700, "blackhole"

>In my case, I would like to share an internet connection (with my game
>fanatic kid), in which his connection has absolute priority over my
>connection.  IOW, my computer would only d/l during times when his game is
>not passing data.  Is there a relatively simple way to achieve this?
>Dave

I dont know about relatively simple but using tc you can queue packets
based on just about any packet criteria, in your case you would filter
your kids traffic by port # maybe into a queue with higher priority
than all other traffic.
This would give you the ability to web surf or whatever similtaneously
to your kids online *.
 
 
 

1. Limiting outgoing bandwidth per machine, using Linux (2.2.19) on ADSL

Hello,

Ok, to start, some facts:

- I have a local network within my home, with IP addresses in the
192.168.0.0/24 subnet, assigned via DHCP
- I'm using a linux 2.2.19 machine as a router/server, that does IP
masquerading to allow all the machines within my network to share the
one internet connection I have. The local network interface is eth0,
while the internet connection is ppp0 (or eth1).
 - I have an ADSL connection with 640 kilobits/sec downstream (80
kilobytes/sec), 90 kilobits/sec upstream (11.25 kilobytes/sec).
My service provider (Verizon Online) is rather facist with their
bandwidth allocation -- when anymore than 50% of my upstream bandwidth
is utilized, it cuts into my downstream. So say I'm downloading
something at 70 kilobytes/sec, and another computer on my network is
sending some data upstream, at 8 kilobytes/sec, my download speed will
drop to about 10kilobytes/sec, and it will stay that way until the
upstream bandwidth is no longer used.
 - I have iproute2 installed with support built into the kernel

I want to setup some kind of traffic shaping policy so each computer
in the network can only send a certain kilobytes/sec upstream, via the
adsl interface (ppp0).

I have read the linux advanced routing howto, and that only left me
really confused. I fiddled around with the tc command but
unfortunately I wasn't able to make any progress.

I would really appreciate any help anyone could give me.

Thanks in advance,

Paul Lesiak

2. What's a good WWW mirroring porgram for Linux????

3. Outgoing bandwidth limit

4. Downgrading XFree86?

5. limit outgoing bandwidth for an application

6. sendmail on Solaris 2.3

7. Bandwidth limiting for incoming traffic

8. Sendmail 8.8.5 binaries ?

9. incoming bandwidth limit

10. Limit incoming bandwidth

11. How to rewrite only the port on incoming/outgoing packets

12. PPP load balancing works for incoming but not outgoing???

13. Incoming and outgoing Packets under Solaris2.6