Hi, First of all I must say that I''m a newbie in the network adimistration domain. I have the following situation: a network composed of ~10 computers which are connected to the internet through a gateway. The connection speed is 128kbps for the addresses outside my country, and 10mbps for the addresses in my country. I would like to set-up a traffic shaper on the router machine with the following features: - if all the users are browsing/downloading in the same time, the bandwidth must be equally shared - if the users are using file sharing software, their bandwidth for such applications must be limited to maximum 10kbps if noone else is requesting bandwidth for normal http transfers, else the bandwidth must be 0 for such applications. - i want also that some computers from the network to get priviledged access, with no restrictions If possible i wold also like that: - the users who are using network scanning software to have their bandwidth cut to 0 for a period The router has 2 NIC''s eth0 and eth1. eth0 is connected to the outside world and eth1 to the internal network. Can you help me with examples? What solutions do you advise me to implement? I know I can read the manuals (as most of my friends say), but it''s very difficult for me to get it right form the first time. Thanks, Adrian _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Buna ziua, Adrian :) Adrian Coman wrote:> - if the users are using file sharing software, their bandwidth for such > applications must be limited to maximum 10kbps if noone else is > requesting bandwidth for normal http transfers, else the bandwidth must > be 0 for such applications.There are two things that might be interesting for your work: 1. http://l7-filter.sf.net That''s a facility for either the QoS framework or iptables that enables to distinct between several application layer (iso layer 7, hence the name) protocols such as http and ftp. You could use that to apply special marks to packets which then help you to classify the packets. 2. http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html That''s an extenstion to iptables which allows to mark connections that belong to common peer-to-peer applications (which would be helpful to apply the above quoted rule). Unfortunately I can''t give you any more pointers, as I''m myself new to the whole QoS-stuff. But I hope this will help you a little. La revedere. Mike _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Michael Renzmann wrote:> 2. http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html > That''s an extenstion to iptables which allows to mark connections that > belong to common peer-to-peer applications (which would be helpful to > apply the above quoted rule).I personally use ipt_p2p for that and it gets job done pretty well. http://freshmeat.net/projects/ipt_p2p/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi. Artu-ras Šlajus wrote:> I personally use ipt_p2p for that and it gets job done pretty well. > http://freshmeat.net/projects/ipt_p2p/Thanks for the hint, I''ll give it a try. Bye, Mike _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/