Hi , I need to limit traffic from my LAN (172.16.1.x/24) every IP. All IPs are with different speed. For example if I have BG_Traffic (couple LANs 212.50.16.0/24, 217.9.231.0/24, 195.24.39.0/24) and I have not_BG_Traffic (rest of Internet world). I want for example IP 172.16.1.10 to have 10K for BG_Traffic and 25K for not_BG_Traffic. IP 172.16.1.11 to have 6K for BG_Traffic and 64K for not_BG_Traffic. IP 172.16.1.12 to have 8K for BG_Traffic and 10K for not_BG_Traffic. All computer from LAN are connected on eth0 to 1 Linux mashine ( tc ,iptables ) Internet Traffic is from eth1 on same mashine +------------------------+ -LAN(172.16.1.x/24)---|eth0 Linux machine eth1 |---ISP +------------------------+ Can help me? Im newer with tc&iproute and this is very difficult for me. --- Emo __________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/
Emil Terziev said:> Hi , > I need to limit traffic from my LAN (172.16.1.x/24) > every IP. > <snip> > I have BG_Traffic (couple LANs 212.50.16.0/24, > 217.9.231.0/24, 195.24.39.0/24) > and I have not_BG_Traffic (rest of Internet world). > I want for example > IP 172.16.1.10 to have 10K for BG_Traffic and 25K for > not_BG_Traffic. > IP 172.16.1.11 to have 6K for BG_Traffic and 64K for > not_BG_Traffic. > IP 172.16.1.12 to have 8K for BG_Traffic and 10K for > not_BG_Traffic. > <snip> > Can help me? Im newer with tc&iproute and this is > very difficult for me.If you look through the archive for this mailing list for an htb/tc script you should an example of how to classify traffic useing iptables for tc controlled shapers. As you want hard limits you may not want to use the prio settings. Obviously you wont want to use the iptables classifications I use (which go by traffic type) but use network matches instead. You should also read the htb manual (http://luxik.cdi.cz/~devik/qos/htb/) as it contains some useful worked examples that are pretty clear about the paremeters for htb shapers. Alex www.bennee.com/~alex/
the data transfer port of ftp (in most cases at least) is 20 at the service side. try to match this. i have done this before. bl>From: Stef Coene <stef.coene@docum.org> >To: "Nandan Kaushik" <nandan_kaushik@rediffmail.com>, lartc@mailman.ds9a.nl >Subject: Re: [LARTC] (no subject) >Date: Fri, 3 May 2002 12:21:13 +0200 > >On Friday 03 May 2002 11:09, Nandan Kaushik wrote: > > hi all, > > Iam using the following CBQs to limit the FTP bandwidth > > pease tell what changes are rquired to make it work.... >You are only matching port 21. This is only the command path. There is >also >a data-path in an ftp-channel. But the data-channel has no fixed ports. >So >you can''t match them. But there is a iptables-hack that can mark all >ftp-packets and after that you can use that mark with the fw filter to put >all packets in a class. > >Stef > > > > > tc qdisc del dev eth0 root > > tc qdisc add dev eth0 root handle 1:0 cbq allot 1514 avpkt 1000 > > bandwidth 100Mbit > > tc class add dev eth0 parent 1:0 classid 1:1 cbq allot 1514 > > bandwidth 100Mbit rate .4Mbit weight .4 prio 2 maxburst 20 cell > > 8 avpkt 1000 > > > > tc class add dev eth0 parent 1:0 classid 1:2 cbq allot 1514 > > bandwidth 100Mbit rate .6Mbit weight .4 prio 4 cell 8 maxburst > > 20 avpkt 1000 > > > > tc qdisc add dev eth0 parent 1:1 handle 10:1 sfq > > > > tc qdisc add dev eth0 parent 1:2 handle 20:1 sfq > > > > tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip > > sport 21 0xffff match ip dport 21 0xffff flowid 1:1 > > > > ip route add 172.17.1.0/24 via 172.17.1.0 dev eth0 realm 10 > > > > tc filter add dev eth0 parent 1:0 prio 2 protocol ip route to 10 > > flowid 1:2 > > > > Thanks > > NAndan > > _________________________________________________________ > > Click below to visit monsterindia.com and review jobs in India or > > Abroad > > http://monsterindia.rediff.com/jobs > > > > _______________________________________________ > > LARTC mailing list / LARTC@mailman.ds9a.nl > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > >-- > >stef.coene@docum.org > "Using Linux as bandwidth manager" > http://www.docum.org/ > #lartc @ irc.openprojects.net >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/_________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.