Re: Throttling or policing incoming bandwidth to my linux server

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tuesday 17 September 2002 20:02, Josh Chamas wrote:
> Does anyone have an idea on how to police incoming bandwidth
> to my server/workstation, in addition to outgoing.  I have
> a rule set like this so far that does well to limit my
> outbound traffic, but what could I add to this that would
> limit my inbound traffic to $LIMIT as well, ideally both
> inbound & outbound sharing the same $LIMIT say 200kbit.
If you create a imq devce (you need to patch kernel + iptables for this), you 
can redirect incomint and outgoing to this device so you can make sure IN + 
OUT < 200kbit.

> LIMIT=200kbit
> HOSTIP=NNN.NNN.NNN.NNN
>
> start () {
>      tc qdisc add dev eth1 root handle 1: cbq avpkt 1000 bandwidth 10mbit
>      tc class add dev eth1 parent 1: classid 1:1 cbq rate $LIMIT allot 1500
> prio 5 bounded isolated tc filter add dev eth1 parent 1: protocol ip prio
> 16 u32 match ip src $HOSTIP flowid 1:1 tc qdisc add dev eth1 parent 1:1 sfq
> perturb 10
> }
>
> The reason I want this is to be able to limit my bandwidth
> to what I pay for at my colocation facility, & I only have
> one server/host machine there, no router.
>
> I have read the docs about policing bandwidth with little
> help, and it seems that when I try to reference the ingress
> rules, I get a kernel error, maybe its not compiled into my
> stock 7.2 redhat by default?  It sounded like ingress rules
> might be related to policing, if so I am out of luck.
You also need tc with ingress support.  Why not compile your own kernel ?  And 
I don't use RH, so I don't know if there kernels support ingress.

> The FreeBSD dummynet/ipfw implementation seem to handle this
> just fine out of the box, so I suspect this functionality
> is lurking in the tc rules, but have not found any online
> docs that seem to know how to clearly do it.
It is, ingress + policer is the answer.

Stef

-- 

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux