Hi, i have 200 cleint a building network is cat5 cable and switches i want limiting user can i do with LARTC? Ismet Sonmez Bsy Bilgi Sistemleri Tel : 0090 224 255 77 47 Fax : 0090 224 254 89 24 Mail : isonmez@bsy.com.tr _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Yes its possible Please look following URL''s 1. www.lartc.org 2. www.docum.org 3. www.apconnections.net hare ----- Original Message ----- From: "Ismet Sonmez" <isonmez@bsy.com.tr> To: <lartc@mailman.ds9a.nl> Sent: Tuesday, May 13, 2003 11:46 AM Subject: [LARTC] new user> Hi, > i have 200 cleint a building > network is cat5 cable and switches > i want limiting user > can i do with LARTC? > > Ismet Sonmez > Bsy Bilgi Sistemleri > Tel : 0090 224 255 77 47 > Fax : 0090 224 254 89 24 > Mail : isonmez@bsy.com.tr > > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Tuesday 13 May 2003 08:16, Ismet Sonmez wrote:> Hi, > i have 200 cleint a building > network is cat5 cable and switches > i want limiting user > can i do with LARTC?Yes. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Ok.it is possible. i have 200 client but not in one network. 1 client 1 network for security. exam. 7.cleint 10.client cant connect p2p. all cleint bandwidth 128 kbps -------client1 10.1.1.1/24 | internet<----->router<---->switch----client2 10.1.2.1/24 | | | ------client3 10.1.3.1/24 | |---switch .... | |---switch<---->client200 10.1.200.1/24 client1 not connect client200 router eth1 ip 10.1.(1...200).254/24 :) is it possible? -----Original Message----- From: Stef Coene [mailto:stef.coene@docum.org] Sent: Tuesday, May 13, 2003 8:06 PM To: isonmez@bsy.com.tr; lartc@mailman.ds9a.nl Subject: Re: [LARTC] new user On Tuesday 13 May 2003 08:16, Ismet Sonmez wrote:> Hi, > i have 200 cleint a building > network is cat5 cable and switches > i want limiting user > can i do with LARTC?Yes. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
hi, eth0 internet eth1 local i want 200 ip on eth1 10.1.1.254/24 router 10.1.1.1/24 client1 10.1.2.254/24 router 10.1.2.1/24 client2 . . 10.1.200.254/24 router 10.1.200.1/24 client200 dummynet it is possible in LARTC? -----Original Message----- From: hare ram [mailto:hareram@sol.net.in] Sent: Wednesday, May 14, 2003 5:44 PM To: isonmez@bsy.com.tr Subject: Re: [LARTC] new user your Question really confusing what you want to achive hare ----- Original Message ----- From: "Ismet Sonmez" <isonmez@bsy.com.tr> To: <lartc@mailman.ds9a.nl> Sent: Wednesday, May 14, 2003 12:27 PM Subject: [LARTC] new user> Ok.it is possible. > > i have 200 client but not in one network. > 1 client 1 network for security. > exam. > 7.cleint 10.client cant connect p2p. > all cleint bandwidth 128 kbps > -------client1 10.1.1.1/24 > | > internet<----->router<---->switch----client2 10.1.2.1/24 > | | > | ------client3 10.1.3.1/24 > | > |---switch .... > | > |---switch<---->client200 10.1.200.1/24 > > client1 not connect client200 > router eth1 ip 10.1.(1...200).254/24 > :) > is it possible? > > > > -----Original Message----- > From: Stef Coene [mailto:stef.coene@docum.org] > Sent: Tuesday, May 13, 2003 8:06 PM > To: isonmez@bsy.com.tr; lartc@mailman.ds9a.nl > Subject: Re: [LARTC] new user > > > On Tuesday 13 May 2003 08:16, Ismet Sonmez wrote: > > Hi, > > i have 200 cleint a building > > network is cat5 cable and switches > > i want limiting user > > can i do with LARTC? > Yes. > > Stef > > -- > > stef.coene@docum.org > "Using Linux as bandwidth manager" > http://www.docum.org/ > #lartc @ irc.oftc.net > > > > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Wednesday 14 May 2003 17:00, Ismet Sonmez wrote:> hi, > eth0 internet > eth1 local > i want 200 ip on eth1 > 10.1.1.254/24 router 10.1.1.1/24 client1 > 10.1.2.254/24 router 10.1.2.1/24 client2 > . > . > 10.1.200.254/24 router 10.1.200.1/24 client200 > dummynet > > it is possible in LARTC?This question is not easy to answer because it''s not clear what you want to do. But as fas I understand, it''s possible. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Ismet, As you may have noticed we don''t really understand exactly what you wish to do. We understand that you have a number of "client" networks behind your router, and that you wish to use linux (LARTC), but we are not sure about the nature of your question. : it is possible in LARTC? Quite probably. I understand that there may be a linguistic barrier for you in communicating your question to the list, but we need to know more in order to engage your question. So please ask better questions in the future. With that said, here are some answers to the questions I thought you were asking: Are you asking 1. if you can limit bandwidth for each client? Yes. You''ll want to learn about HTB. You will probably wish to create a top-level class to limit the total bandwidth to the available bandwidth for all of your clients, and then create child classes alloting 128k for each client, e.g., 1:1 (77mbit) +--------+ 1:1001 (128kbit) +--------+ 1:1002 (128kbit) +--------+ 1:1003 (128kbit) ... +--------+ 1:1200 (128kbit) Your clients will still be "fighting" over any bandwidth left in class 1:1, but at least you can limit the total bandwidth that all of them will be able to consume. You can also cap each individual class by using the rate and ceil parameters for the child classes. There is a metric boatload of documentation on HTB by the author [1] and by Stef Coene [2]. OR : eth0 internet : eth1 local : i want 200 ip on eth1 2. if you can use a single router with multiple IPs on a single ethernet interface? Yes. You can trivially host multiple IPs on the same interface by making use of the "ip address add" command. I have not completed writing my documentation [3] and examples for this command, but the ip-cref manual [4] which comes with the iproute2 package will provide the necessary clues. In short, the machine can host many IPs on a single interface, and according to the rules for source address selection [5], should even generate ICMP messages from the correct IPs for your client networks. OR : > client1 not connect client200 3. if you can prevent the different client networks from communicating with each other? Yes. You can do so by using iptables. I would suggest the iptables tutorial [6] for an introduction to the capabilities of packet filtering with kernel 2.4 and iptables. You can also prevent different client networks from connecting to each other by using clever policy routing. See a discussion between me and Tomas Bonnedahl from earlier this year [7]. I would suggest using policy routing in addition to (not as a replacement for) correctly configured packet filters (see next answer). OR : > 7.client 10.client cant connect p2p. 4. if you can configure different packet filters for each client? Yes. You can do so by using iptables. I would suggest the iptables tutorial [6] for an introduction to the capabilities of packet filtering with kernel 2.4 and iptables. There are a large number of tools for automating the writing of packet filters. These tools can be found on freshmeat.net [8]. I would suggest choosing one of these after you understand how iptables can help you solve your problem. So, in short, Ismet, linux-2.4 can probably do what you want. Please feel free to ask more specific questions after you have familiarized yourself with the wealth of options. -Martin [1] http://luxik.cdi.cz/~devik/qos/htb/ [2] http://www.docum.org/ [3] http://linux-ip.net/html/tools-ip-address.html [4] http://linux-ip.net/gl/ip-cref/node22.html [5] http://linux-ip.net/html/routing-saddr-selection.html http://linux-ip.net/gl/ip-cref/node155.html [6] http://iptables-tutorial.frozentux.net/ [7] http://mailman.ds9a.nl/pipermail/lartc/2003q1/007174.html [8] http://freshmeat.net/search/?q=iptables§ion=projects&x=0&y=0 -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi Martin, so sorry my english.i am only read but dont write and talk. 1. if you can limit bandwidth for each client? YES 2. if you can use a single router with multiple IPs on a single ethernet interface? YES 3.if you can prevent the different client networks from communicating with each other? YES ok.understand all. -----Original Message----- From: Martin A. Brown [mailto:mabrown-lartc@securepipe.com] Sent: Wednesday, May 14, 2003 9:23 PM To: Ismet Sonmez Cc: lartc@mailman.ds9a.nl Subject: RE: [LARTC] new user Ismet, As you may have noticed we don''t really understand exactly what you wish to do. We understand that you have a number of "client" networks behind your router, and that you wish to use linux (LARTC), but we are not sure about the nature of your question. : it is possible in LARTC? Quite probably. I understand that there may be a linguistic barrier for you in communicating your question to the list, but we need to know more in order to engage your question. So please ask better questions in the future. With that said, here are some answers to the questions I thought you were asking: Are you asking 1. if you can limit bandwidth for each client? Yes. You''ll want to learn about HTB. You will probably wish to create a top-level class to limit the total bandwidth to the available bandwidth for all of your clients, and then create child classes alloting 128k for each client, e.g., 1:1 (77mbit) +--------+ 1:1001 (128kbit) +--------+ 1:1002 (128kbit) +--------+ 1:1003 (128kbit) ... +--------+ 1:1200 (128kbit) Your clients will still be "fighting" over any bandwidth left in class 1:1, but at least you can limit the total bandwidth that all of them will be able to consume. You can also cap each individual class by using the rate and ceil parameters for the child classes. There is a metric boatload of documentation on HTB by the author [1] and by Stef Coene [2]. OR : eth0 internet : eth1 local : i want 200 ip on eth1 2. if you can use a single router with multiple IPs on a single ethernet interface? Yes. You can trivially host multiple IPs on the same interface by making use of the "ip address add" command. I have not completed writing my documentation [3] and examples for this command, but the ip-cref manual [4] which comes with the iproute2 package will provide the necessary clues. In short, the machine can host many IPs on a single interface, and according to the rules for source address selection [5], should even generate ICMP messages from the correct IPs for your client networks. OR : > client1 not connect client200 3. if you can prevent the different client networks from communicating with each other? Yes. You can do so by using iptables. I would suggest the iptables tutorial [6] for an introduction to the capabilities of packet filtering with kernel 2.4 and iptables. You can also prevent different client networks from connecting to each other by using clever policy routing. See a discussion between me and Tomas Bonnedahl from earlier this year [7]. I would suggest using policy routing in addition to (not as a replacement for) correctly configured packet filters (see next answer). OR : > 7.client 10.client cant connect p2p. 4. if you can configure different packet filters for each client? Yes. You can do so by using iptables. I would suggest the iptables tutorial [6] for an introduction to the capabilities of packet filtering with kernel 2.4 and iptables. There are a large number of tools for automating the writing of packet filters. These tools can be found on freshmeat.net [8]. I would suggest choosing one of these after you understand how iptables can help you solve your problem. So, in short, Ismet, linux-2.4 can probably do what you want. Please feel free to ask more specific questions after you have familiarized yourself with the wealth of options. -Martin [1] http://luxik.cdi.cz/~devik/qos/htb/ [2] http://www.docum.org/ [3] http://linux-ip.net/html/tools-ip-address.html [4] http://linux-ip.net/gl/ip-cref/node22.html [5] http://linux-ip.net/html/routing-saddr-selection.html http://linux-ip.net/gl/ip-cref/node155.html [6] http://iptables-tutorial.frozentux.net/ [7] http://mailman.ds9a.nl/pipermail/lartc/2003q1/007174.html [8] http://freshmeat.net/search/?q=iptables§ion=projects&x=0&y=0 -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/