I want a small excersize to understand how everything fits together. What I''d like to do is limit incoming ftp traffic to 10k/second. That''s all. This should be enough to understadn how everything works. Can someone help me with a quick recipe? Thanks -jeremy _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi, Try a simpler exercise first..... Try limiting your http traffic on port 80 (or 8080 if you have a proxy server) to 10k/second. The info for the above in in the LARTC HowTo document. ftp is much more difficult to filter due to the ports used -- see other posts in this maillist. Regards John Cushnie >>> -----Original Message----- >>> From: lartc-admin@mailman.ds9a.nl >>> [mailto:lartc-admin@mailman.ds9a.nl]On >>> Behalf Of Jeremy Hansen >>> Sent: 19 March 2003 15:26 >>> To: LARTC@mailman.ds9a.nl >>> Subject: [LARTC] very simple problem to help me understand >>> >>> >>> >>> I want a small excersize to understand how everything fits >>> together. What >>> I''d like to do is limit incoming ftp traffic to 10k/second. >>> That''s all. >>> This should be enough to understadn how everything works. >>> Can someone >>> help me with a quick recipe? >>> >>> Thanks >>> -jeremy >>> >>> _______________________________________________ >>> LARTC mailing list / LARTC@mailman.ds9a.nl >>> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: >>> http://lartc.org/ >>> >>> _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Sadly, you have chosen the most difficult protocol (from the network layer perspective) to start with. See recent FTP threads: http://mailman.ds9a.nl/pipermail/lartc/2003q1/007545.html http://mailman.ds9a.nl/pipermail/lartc/2003q1/007577.html Might I suggest using tcng? It is much more generally intelligble to non-specialists than tc syntax. I have recently made available a brief introductory article [1] on tcng usage. In order to get "everything" in perspective you may find that an attentive reading of the LARTC HOWTO [2] will put you a leap forward. Also don''t forget the generally instructive documentation about HTB (since you''ll probably be using HTB) [3]. And Stef Coene''s site is pretty much required reading for a detailed understanding of linux traffic control [4], complete with examples, graphs, diagrams and ample explanatory text. Also check the newly deployed FAQ-o-Matic [5]. -Martin [1] http://linux-ip.net/articles/htb-and-tcng.html [2] http://lartc.org/howto/ [3] http://luxik.cdi.cz/~devik/qos/htb/ [4] http://www.docum.org/ [5] http://www.docum.org/stef.coene/qos/faq/cache/1.html : I want a small excersize to understand how everything fits together. What : I''d like to do is limit incoming ftp traffic to 10k/second. That''s all. : This should be enough to understadn how everything works. Can someone : help me with a quick recipe? : : Thanks : -jeremy : : _______________________________________________ : LARTC mailing list / LARTC@mailman.ds9a.nl : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ : -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
ASCII art below: Internet ======== eth0-Linux-eth1===== LAN Assuming ftp traffic is active thus ftp-data port is 20 and connection port is 21. PASV uses high ports available and would be more cumbersome to filter. Incoming traffic on eth0 from the Internet is outgoing traffic on eth1 (Remember only outgoing traffic can be shaped). Shaping ftp traffic on eth1 will be equivalent to shaping incoming traffic on eth0. tc qdisc add dev eth1 root handle 1 htb default 20 tc class add dev eth1 parent 1: classid 1:10 htb rate 10kbit tc class add dev eth1 parent 1: classid 1:20 htb rate 100kbit ceil 128kbit #Match ftp and direct to class 1:10 tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dport 21 classid 1:10 tc filter add dev eth1 parent 1:0 protocol ip u32 match ip dport 20 classid 1:10 This should get you started. Hook on to http://www.docum.org and you''ll get some good stuff. Mohan -----Original Message----- From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl] On Behalf Of Jeremy Hansen Sent: Wednesday, March 19, 2003 8:56 PM To: LARTC@mailman.ds9a.nl Subject: [LARTC] very simple problem to help me understand I want a small excersize to understand how everything fits together. What I''d like to do is limit incoming ftp traffic to 10k/second. That''s all. This should be enough to understadn how everything works. Can someone help me with a quick recipe? Thanks -jeremy _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/