Limit bandwidth.

[andy2008]

Hey guys. I currently have a Fedora 10 BGP router configured with quagga which routes two external IP classes in my network. Until now I never needed bandwidth limiting, but it turns out I need it now and I'm in a jam. I have no idea where to start. I tried searching this forum but the answers are so many and vague... So, basically, I want IP 121.xxx.xx.xx to have a maximum download speed of 500 k/s and a maximum upload speed of 50 k/s. Is there any - somewhat easy - way of doing this?

[marinaccio]

http://www.computing.net/answers/lin...hat/25765.html

http://www.linux.org/docs/ldp/howto/...WTO/index.html

The first is pretty easy, to the point. The second link goes more in depth.

Hope that helps, and have a good weekend.

[andy2008]

Thanks for your answer but I don't think Squid is the answer to my problem. I also forgot to mention that one of the IPs that I want to limit has a mail/http/dns server on it.

[marinaccio]

No problem. Good luck, and have a good weekend.

[nucleo]

May be this can help you.
http://forums.fedoraforum.org/showthread.php?t=152073

I build htb.init rpm from modified PLD's spec:
zip archive with htb.init-0.8.5-2.fc8.noarch.rpm
zip archive with htb.init-0.8.5-2.fc8.src.rpm

htb.init configs in /etc/sysconfig/htb, config examples in /usr/share/doc/htb.init-0.8.5

[andy2008]

Thanks a bunch mate!

[andy2008]

works like a charm dude. Thanks a lot.
Just one question though, if let's say, I want to "unlimit" an IP and I erase the files containing that rule and do a "service htb restart", the bandwidth limit doesn't disappear. What gives? Am I missing something?

Edit: And yet another problem. Even though I configured eth0 and eth1 (eth0 - external / eth1 - internal) I can't for the life of me figure out how to limit the upload speed. Only download speed gets limited. What could be the problem?

[nucleo]

Documentation is in file /etc/rc.d/init.d/htb

Quote:

Remember that you can only control traffic going out of your linux machine.
If you have a host connected to network and want to control its traffic on
the gateway in both directions (with respect to the host), you need to setup
traffic control for that host on both (or all) gateway interfaces.

Quote:

HTB.init uses simple caching mechanism to speed up "start" invocation if the
configuration is unchanged. When invoked for the first time, it compiles the
configuration files into simple shell script containing the sequence of "tc"
commands required to setup the traffic control. This cache-script is stored
in /var/cache/htb.init by default and is invalidated either by presence of
younger class config file, or by invoking HTB.init with "start invalidate".

If you want to HTB.init to setup the traffic control directly without the
cache, invoke it with "start nocache" parameters. Caching is also disabled
if you have logging enabled (ie. HTB_DEBUG is not empty).

If you only want HTB.init to translate your configuration to "tc" commands,
invoke it using the "compile" command. Bear in mind that "compile" does not
check if the "tc" commands were successful - this is done (in certain places)
only when invoked with "start nocache" command. When you are testing your
configuration, you should use it to check whether it is completely valid.

[andy2008]

Yeah but this is exactly what I did....

So, as I said, I have two eth interfaces. Eth0 with the internet connection, and Eth1 with a LAN IP (10.10.1.1)

I have a 30 Mbit download speed with a 5 Mbit upload speed. These are the files I created in /etc/sysconfig/htb and the content of these files:

eth0

DEFAULT=30
R2Q=100


eth0-2.root

RATE=5Mbit


eth0-2:10.default

RATE=128Kbit
CEIL=256Kbit
LEAF=sfq
RULE=10.10.1.21 # this is the IP of the machine I want to limit (upload)
PRIO=10



eth1

DEFAULT=30
R2Q=100


eth1-2.root

RATE=30Mbit


eth1-2:10.default

RATE=256Kbit
CEIL=512Kbit
LEAF=sfq
RULE=10.10.1.21 # this is the IP of the machine I want to limit (download)
PRIO=10


So, the download limiting part - eth1 - works, but what I thought would be upload limiting on eth0 does not work at all.
I would greatly appreciate some help

[nucleo]

I am not sure but if you using NAT on eth0 you should use MARK instead RULE.

Code:

iptables -t mangle -A PREROUTING -s 10.10.1.21 -j MARK --set-mark 102
iptables -t mangle -A PREROUTING -s 10.10.1.21 -j RETURN

and MARK=102 instead of RULE=10.10.1.21 in eth0-2:10.default.

http://surrender-zen-way.blogspot.co...tb-shaper.html

[andy2008]

Well, that did the trick. Now both upload and download are limited. I really don't know how to thank you. You were very helpful! Cheers!

[andy2008]

Well, it's me again!
I do have another problem. Even though everything related to external traffic works great, the big problem is that network traffic was also affected. So, if I want for example to use SAMBA on the internet server which does the traffic shaping, of course, the network speed transfer is the same as the internet speed. I tried various ways of changing this, marked packets coming from a certain IP, to certain ports, etc... can't seem to figure it out.

[nucleo]

I didn't try to do this.
About similar problems you can read in translation of this site
http://translate.google.com/translat...u&tl=en&swap=1
There is FTP server with speed higher than speed of access to the Internet.

[andy2008]

Yup. Thanks! It worked. It was because I hadn't created the ".lanload" files. After following to the letter the guide, it worked: LAN traffic to the server is no longer affected, only internet traffic. Thanks again!