Ricardo Rios wrote:>Is there any chance i can limit upload and download per IP on my
>local network ? i have a box with a external and internal interface,
>and like 150 IPs in use on network, i am actually using a TC scrip
>who limit only download, i want to know if is there any chance to
>limit upload/download per-IP using shorewall, and not just a
>segment, i need to give to every IP is own speed, like 192.168.2.200
>with 64kbps upload and 256kbps download, and 192.168.2.201 with
>36kbps upload and 128kbps download, and like that with the rest of
>the 150 IPs
Technically you can do it - buy you have to do it on the internal
network connection before everything has been NATed onto one public
IP. Since you can''t do TC scheduling on ingress, you''d have to
route
the traffic through an IFB* (Intermediate Function Block) which
effectively routes the traffic out and back in through a virtual
interface that you can apply the scheduling on.
* Is that the right one, I can never remember if that is the current
functionality, or the older one that''s been replaced.
In practical terms though, it''s going to be hard to do. 36kbps * 150
is about 5.4Mbps - so if you haven''t got that much upstream bandwidth
then you cannot give all clients that much committed bandwidth each.
The sum of all your committed rates at any level in the setup must
not exceed that in the next higher level. You can however give many
users a low committed bandwidth and allow them to burst to a much
higher rate.
I also wonder how effective such traffic control would be - whether
any of the available scheduling methods would cope well with that
many separate classes.
Also, when writing the rules, don''t forget to allow (effectively)
unlimited traffic to/from the firewall itself from/to the internal
machines if they may access anything on the firewall. I have traffic
logging going on on my routers at work, and so need to allow that
data to be accessed without throttling.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d