[LARTC] Equal bandwidth for any client (i.e. automatic class generation)
Hello,

I'm looking for how (if) I can solve the following problem using HTB and iproute2: I need to assign the same bandwidth limit to every client, but the problem is that clients will be random - i.e. I know neither the number of clients nor IP or MAC addresses.

If anybody knows FreeBSD's ipfw2 - I'm looking for something like

    ipfw pipe 150 config mask dst-ip 0x bw 700Bytes/s

best regards,
Andriy Korud

___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

Re: [LARTC] Equal bandwidth for any client (i.e. automatic class generation)
http://wipl-wrr.sourceforge.net/wipl.html

This link should help. Some time back I deployed total bandwidth split to number of users online; it worked great. Maybe you look at this like

hare

----- Original Message -----
From: Andriy Korud [EMAIL PROTECTED]
To: lartc@mailman.ds9a.nl
Sent: Friday, May 13, 2005 6:52 PM
Subject: [LARTC] Equal bandwidth for any client (i.e. automatic class generation)

Hello,

I'm looking for how (if) I can solve the following problem using HTB and iproute2: I need to assign the same bandwidth limit to every client, but the problem is that clients will be random - i.e. I know neither the number of clients nor IP or MAC addresses.

If anybody knows FreeBSD's ipfw2 - I'm looking for something like

    ipfw pipe 150 config mask dst-ip 0x bw 700Bytes/s

best regards,
Andriy Korud

[LARTC] Traffic shaping problem
Dear all,

I am a newbie, so excuse me if I ask stupid things.

I have a proxy server with 2 NICs, a subnet for wireless LAN (with DHCP), and I would like to limit up/download speed for every client who is connected to this network.

After reading the howto I think the only solution is to create classes for all possible hosts, with 1024k limits (for one client), and to create rules to assign classes to IP addresses (class 1:1 = match 192.168.0.2, class 1:2 = match 192.168.0.3, etc.).

It means that I have to create 254 (one C class) classes; I'm afraid that there will be too many rules.

Is there any other solution?

Thank you.
Peter.

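
Added example, not part of the original thread: a generator for the per-host HTB layout described in the message above, printing one class and one u32 filter per address instead of writing 254 rules by hand. The device name, address prefix, rates and the class numbering (minor 0x100 + host) are assumed sample values, and the script only prints the commands.

```shell
#!/bin/sh
# Added example: print (not run) the tc commands for one HTB class per host
# on a /24. Device, prefix and rates below are assumed sample values.

# tc parses class minor ids as hex; map host N to minor 0x100+N.
hex_minor() {
    printf '%x' $((256 + $1))
}

# gen_htb_per_host DEV PREFIX RATE CEIL LINK [FIRST LAST]
#   RATE = per-host guarantee, CEIL = per-host cap, LINK = parent rate.
gen_htb_per_host() {
    dev=$1 prefix=$2 rate=$3 ceil=$4 link=$5 first=${6:-2} last=${7:-254}
    # Every value is interpolated into a command line: allow safe chars only.
    for v in "$dev" "$prefix" "$rate" "$ceil" "$link"; do
        case $v in
            ''|*[!A-Za-z0-9._-]*) echo "invalid argument: $v" >&2; return 1 ;;
        esac
    done
    case $first$last in
        ''|*[!0-9]*) echo "host range must be numeric" >&2; return 1 ;;
    esac
    if [ "$first" -lt 1 ] || [ "$last" -gt 254 ] || [ "$first" -gt "$last" ]; then
        echo "host range must lie within 1..254" >&2
        return 1
    fi
    # Root qdisc; traffic matching no filter falls into class 1:10.
    echo "tc qdisc add dev $dev root handle 1: htb default 10"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate $link"
    echo "tc class add dev $dev parent 1:1 classid 1:10 htb rate $rate ceil $ceil"
    host=$first
    while [ "$host" -le "$last" ]; do
        id=$(hex_minor "$host")
        # Matching on dst shapes traffic sent out of DEV towards the client.
        echo "tc class add dev $dev parent 1:1 classid 1:$id htb rate $rate ceil $ceil"
        echo "tc filter add dev $dev parent 1: protocol ip prio 1 u32" \
             "match ip dst $prefix.$host/32 flowid 1:$id"
        host=$((host + 1))
    done
}

# Demo with constructed values: hosts .2 and .3 only.
gen_htb_per_host eth1 192.168.0 64kbit 1024kbit 100mbit 2 3
```

Review the printed commands before applying them as root. With a few hundred linear u32 filters, the hashing filters described in the LARTC HOWTO keep the per-packet lookup cost down.
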
Re: [LARTC] Equal bandwidth for any client (i.e. automatic class generation)
On Fri, May 13, 2005 at 07:18:45PM +0530, hareram wrote:
> http://wipl-wrr.sourceforge.net/wipl.html
> total bandwidth split to number of users online it worked great

I second that. Check out my Linux distribution Route Hat (or its traffic control script), which allows you to set it up quickly.

Bye,

Peter Surda (Shurdeek) [EMAIL PROTECTED], ICQ 10236103, +436505122023

--
They say when you play that M$ CD backward you can hear satanic messages.
That's nothing. If you play it forward it will install Windows.

[LARTC] tableview.sh
netfilter and lartc members

I just thought it's time I contribute. I created this little script to help me while setting up iptables rules for firewalling, shaping or both. I hope this helps someone.

Called tableview.sh, inspired by Table Mountain, Cape Town, ZA :)

--- SOF ---
#!/bin/sh
#
# /\/\/\
# /__\
#
# Simple loop for keeping track of what is happening in a
# iptables setup
#

# Each table_* function prints a heading and dumps one table.
table_filter(){
    echo
    echo "FILTER TABLE"
    echo
    echo
    iptables -nvL
}

table_mangle(){
    echo
    echo "MANGLE TABLE"
    echo
    echo
    iptables -nvL -t mangle
}

table_nat(){
    echo
    echo "NAT TABLE"
    echo -
    echo
    iptables -nvL -t nat
}

footer(){
    echo
    echo -
    # Quoted so the shell does not glob-expand [F], [M], [N]
    echo "Show table: [F]ilter, [M]angle, [N]AT or hit return to reload"
}

last=filter
while [ 1 ]; do
    clear
    case "$REPLY" in
        F | f ) table_filter
                last=filter ;;
        M | m ) table_mangle
                last=mangle ;;
        N | n ) table_nat
                last=nat ;;
        Q | q ) exit 0 ;;
        *)      table_$last ;;
    esac
    footer
    # Name the variable explicitly; a bare "read" is not portable under /bin/sh
    read REPLY
done
--- EOF ---

Regards

--
Kenneth Kalmer [EMAIL PROTECTED]
http://opensourcery.blogspot.com

[LARTC] Qdisc requeue should be void?
There is a design problem with the qdisc interface that causes qlen-related bugs in netem, tbf, and other qdiscs that peek at the top of the queue. The problem is that requeue needs to be called from the dequeue function but requeue can fail. If requeue fails, then the calling qdisc cannot properly handle the error. If it returns NULL, then the parent's expectation about qlen gets messed up.

Example:

    prio (qlen = 1)
      skb = netem dequeue
        skb = htb dequeue
        ... decides not to send this skb now
        htb requeue(skb) fails ?? what now
        --netem.qlen // := 0
        return NULL
      skb is NULL at this point
    prio qlen is 1 but underlying queues are empty.

My proposal is to require requeue to always succeed and change it to be void instead of returning int.

[LARTC] New shaping program - ist-shaper
Hi all..

I just wrote a program that helps to configure tc with HTB and the iptables CLASS extension. It's written in Perl and uses Apache-like config files.

The program can be found on http://sourceforge.net/projects/ist-shaper/ or http://www.ingwar.eu.org/ist-shaper/

In a few days there will be a new version with time-aware rules.

A simple config file looks like this.

###
# It's a simple example of a config file for Ist Shaper
# It only prioritizes outgoing traffic on interface eth0 (128Kbit bandwidth)
# by source and destination port.
#
# +--------------------------------------------------------------------------+
# |                             htb 1:1 128Kbit                              |
# +------------------------+------------------------+------------------------+
# | htb 1:10 96Kbit prio 1 | htb 1:10 64Kbit prio 2 | htb 1:10 32Kbit prio 3 |
# +------------------------+------------------------+------------------------+
# |     ssh/telnet/dns     |  http/https/pop3/smtp  |          rest          |
# +------------------------+------------------------+------------------------+
#
# Root rule (htb 1:1) divides into 3 classes, each allocating part of total
# bandwidth (96Kbit, 64Kbit, 32Kbit).
#
# More complex and working example can be found in file complex.conf
#
###

# location of log file
Log_file = /var/log/ist.log

# use RETURN target for each rule in class to avoid re-classifying of packets
# generally it's good idea
Return_Rules = 1

###
# interfaces
###

# outgoing interface (128Kbit)
<Device eth0>
    # Total bandwidth for a device (default 128Kbit)
    Rate = 128Kbit

    # default class for qdisc, it is used only if NO OTHER rule will match.
    # It should be empty, used only by tc
    Default = 30

    ###
    # classes
    ###

    # Highest priority rule, for interactive sessions, like SSH/telnet/etc
    <Class 10>
        Rate = 96Kbit
        Prio = 1
        Rule = -p tcp --source-port ssh
        Rule = -p tcp --destination-port ssh
        Rule = -p tcp --source-port telnet
        Rule = -p tcp --destination-port telnet
        Rule = -p udp --source-port domain
        Rule = -p udp --destination-port domain
    </Class>

    # Next rule for services that need some bandwidth, but not so demanding
    # as interactive sessions (like www browsing... you wouldn't notice
    # page being loaded 0.5 second longer, but in SSH you would)
    <Class 20>
        Rate = 64Kbit
        Prio = 2
        Rule = -p tcp --source-port http
        Rule = -p tcp --destination-port http
        Rule = -p tcp --source-port https
        Rule = -p tcp --destination-port https
        Rule = -p tcp --source-port pop3s
        Rule = -p tcp --destination-port pop3s
        Rule = -p tcp --source-port smtp
        Rule = -p tcp --destination-port smtp
    </Class>

    # all of the rest (of course you could add more classes, look for them in
    # complex.conf example)
    # This class is default one (See line above defining Default), it is not
    # defined in iptables, used only in tc.
    <Class 30>
        Rate = 32Kbit
        Prio = 3
    </Class>
</Device>

--
Lemmings don't grow older, they just die.

Re: [LARTC] Strange pings.
Andy Furniss wrote:
>> PPS. Is it possible to create a filter that will match all packets?
>
> I don't know about all, but all per protocol like -
>
> .. protocol ip prio 10 u32 match u32 0 0 ..
> .. protocol arp prio 11 u32 match u32 0 0 ..

You can use

.. protocol all prio 1 u32 match u32 0 0 ..

for some reason when I tried, it gave an error - I must have made a mistake as I have just run a script which uses it and it's OK.

Andy

[LARTC] Need some help
Hi all,

I have read the LARTC howto and I need to apply a traffic shaper with this configuration:

router / two interfaces eth0 and eth1
lan

The LAN is on eth1 and on eth0 I have the DSL connection (1.2 Mbit / 256 kbit).

I need to limit the bandwidth towards the LAN and I've thought of HTB and tcng. I wrote the script below. I want to limit the p2p and ftp (ssh and irc) connections at 15 kBps (128 kbps) and the other types of traffic at 32 kBps (256kbps). Is the script right?

Moreover I want to understand better how HTB works: I can shape the traffic router-lan but I can't shape traffic lan-router, is that right? In this way I can limit the bandwidth towards the LAN, but I have the bandwidth towards the router always full.

Thanks

P.S.: sorry for my very bad English :)

# script #
/*
 * Simply tcng traffic control file.
 */
#define INTERFACE eth1

dev INTERFACE {
    egress {
        class( $p2p )
            if tcp_sport == 4662
            if udp_sport == 4672
            if udp_sport == 4666
            if tcp_sport == 6882
            if tcp_sport == 6346
        class ( $ftp )
            if tcp_sport == 21
            if tcp_sport == 22 || ip_tos_delay == 1
            if tcp_sport == 6667 || tcp_dport == 7000;
        class ( $def ) if 1 ;

        htb () {
            class ( rate 256kbps, ceil 256kbps ) {
                $p2p = class ( rate 56kbps, ceil 128kbps ) { sfq; } ;
                $ftp = class ( rate 56kbps, ceil 128kbps ) { sfq; } ;
                $def = class ( rate 256kbps, ceil 256kbps ) { sfq; } ;
            }
        }
    }
}
##

RE: [LARTC] Need some help
Hi..

> Hi all,
> I have read the LARTC howto and I need to apply a traffic shaper with this
> configuration:
>
> router / two interfaces eth0 and eth1
> lan
>
> The LAN is on eth1 and on eth0 I have the DSL connection (1.2 Mbit / 256 kbit).

That's the most common config.. (same as mine)

> I need to limit the bandwidth towards the LAN and I've thought of HTB and tcng.
> I wrote the script below. I want to limit the p2p and ftp (ssh and irc)
> connections at 15 kBps (128 kbps) and the other types of traffic at 32 kBps
> (256kbps). Is the script right?
> Moreover I want to understand better how HTB works: I can shape the traffic
> router-lan but I can't shape traffic lan-router, is that right? In this way I
> can limit the bandwidth towards the LAN, but I have the bandwidth towards the
> router always full.

You can shape from LAN to router, but only in the ingress qdisc, which is not a good idea. If you want to prevent your LAN users from uploading too much you can limit your outgoing traffic on dev eth0.

> Thanks
>
> P.S.: sorry for my very bad English :)
>
> # script #
> /*
>  * Simply tcng traffic control file.
>  */
> #define INTERFACE eth1
>
> dev INTERFACE {
>     egress {
>         class( $p2p )
>             if tcp_sport == 4662
>             if udp_sport == 4672
>             if udp_sport == 4666
>             if tcp_sport == 6882
>             if tcp_sport == 6346
>         class ( $ftp )
>             if tcp_sport == 21
>             if tcp_sport == 22 || ip_tos_delay == 1
>             if tcp_sport == 6667 || tcp_dport == 7000;
>         class ( $def ) if 1 ;
>
>         htb () {
>             class ( rate 256kbps, ceil 256kbps ) {
>                 $p2p = class ( rate 56kbps, ceil 128kbps ) { sfq; } ;
>                 $ftp = class ( rate 56kbps, ceil 128kbps ) { sfq; } ;
>                 $def = class ( rate 256kbps, ceil 256kbps ) { sfq; } ;
>             }
>         }
>     }
> }
> ##

--
Traffic shaper using iptables and tc-HTB.
Ist-shaper (http://sourceforge.net/projects/ist-shaper/)

[LARTC] Re: Equal bandwidth for any client
Hi,

If you are running the brctl tool on the Linux box then there is a command that will automatically determine the number of MAC addresses in the network:

#brctl showmacs bridge name port number of ur lan interface grep -v -w port | wc -l

Ex:

#brctl showmacs abcd 1 grep -v -w port | wc -l

Note that, for this to work, your box should be configured as a bridge in promiscuous mode.

I use this method to automatically determine the number of MAC addresses in my LAN.. Use this in combination with crontab to do the job..

Hope this helps.

Regards
KartheeK
