>> I'll again do some advertisement for my bytelimit patch :-)
>> it is a patch for netfilter (iptables) allowing to limit bandwidth,
>> like the "limit" match but allowing to specify rates in bytes/second
>> instead of packets/second.

> Does it have a peakrate? If not, why not?

sort of... it has a very simple algorithm: each "bytelimit" has a bucket
of "tokens", each "token" allowing 1 byte to pass. the bucket has a
maximal size, and "gains" X tokens per second, where X is the "nominal
rate".

you can set separately the bucket maximal size and the rate, so for
instance, if you set 1000 bytes/second "rate", and 10000 "bucket size",
you'll be able to do 2000 bytes/second during 10 seconds, or 10000
bytes/second during 1 second, and so on.

of course, you can combine two rules, if you want to allow 1000 bytes per
second on average, and 2000 bytes per second for 10 seconds but no
more, just chain a 1000 bps rule with 10000 bucketsize, and a 2000 bps
rule with 1600 bucketsize.

the "rule of thumb" for bucketsize calculations should be:
- no less than 1600 (that's roughly one ethernet frame)
- rate/HZ for minimal burstiness (IIRC, HZ is 100 for intel, 1024 for
  alpha, don't know for others)

of course, this patch is not as powerful as the full QoS+tc suite; but
it allows very simple and straightforward shaping. IMHO, the biggest
flaw is the lack of qdisc, so it would be interesting to set up a 3-band
qdisc respecting TOS marks, and set TOS marks with iptables.

and before people start asking what is the point of this patch: if
you have a nice way to configure your iptables rules (web interface for
customers, or whatever), you are *very happy* to integrate bandwidth
shaping into it, instead of having to design another interface for QoS,
which would have to be coupled with the first one anyway :(

regards,
Jerome Petazzoni <skaya at enix dot org>
--
'Things either exist or they don't,' said Jeremy. 'I am very clear about
that. I have medicine.' (The Thief of Time)
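
Added example, not part of the original message and not code from the bytelimit patch: a user-space C simulation of the token bucket described above, run once with a single 1000 bytes/second rule and once with the chained 1000 and 2000 bytes/second rules. The struct and function names are hypothetical, buckets are assumed to start full, and each rule is assumed to debit its bucket as soon as it matches.

```c
#include <inttypes.h>
#include <stdio.h>

/* Hypothetical names for this example; not the bytelimit patch's code. */
struct bucket {
    uint64_t rate;     /* nominal rate: tokens (bytes) gained per second */
    uint64_t size;     /* maximal bucket size, in bytes */
    uint64_t credit;   /* current tokens, scaled by 1000 to keep fractions */
    uint64_t last_ms;  /* time of the previous refill */
};

/* Refill for the elapsed time, then debit len tokens if the bucket holds them. */
static int bucket_pass(struct bucket *b, uint64_t now_ms, uint64_t len)
{
    b->credit += b->rate * (now_ms - b->last_ms);
    b->last_ms = now_ms;
    if (b->credit > b->size * 1000)
        b->credit = b->size * 1000;      /* never exceed the bucket size */
    if (b->credit < len * 1000)
        return 0;                        /* not enough tokens: no match */
    b->credit -= len * 1000;
    return 1;
}

/* Offer one len-byte packet every step_ms for total_ms to n chained rules.
 * Assumption: tokens debited by an earlier rule are lost if a later one rejects. */
static uint64_t offer(struct bucket *chain, int n, uint64_t len, uint64_t step_ms, uint64_t total_ms)
{
    uint64_t passed = 0;
    for (int i = 0; i < n; i++) {        /* buckets start full at t = 0 */
        chain[i].credit = chain[i].size * 1000;
        chain[i].last_ms = 0;
    }
    for (uint64_t t = 0; t < total_ms; t += step_ms) {
        int i = 0;
        while (i < n && bucket_pass(&chain[i], t, len))
            i++;
        passed += (i == n) ? len : 0;    /* count only packets every rule let through */
    }
    return passed;
}

int main(void)
{
    struct bucket avg[] = { { 1000, 10000, 0, 0 } };
    struct bucket both[] = { { 1000, 10000, 0, 0 }, { 2000, 1600, 0, 0 } };
    printf("single:  %" PRIu64 " bytes in 20 s\n", offer(avg, 1, 200, 100, 20000));
    printf("chained: %" PRIu64 " bytes in 5 s\n", offer(both, 2, 1000, 100, 5000));
}
```

Under these assumptions the single rule sustains 2000 bytes/second for about 10 seconds and then falls back to 1000 bytes/second. In the chained run, the first rule's bucket is drained by packets the second rule then rejects, so rule order affects how much traffic actually gets through.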