Capping bandwidth based on src/dst ip

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hija,

sorry for sounding a little lost here but that's probably because I am.

Let me explain what I'm trying to do:
I've a gateways with one uplink and several disjoint networks beneath it
like:
                    | T1
                ---------
                |  GW   |
                ---------
               /         \ 
   -------------         -------------
   |10.0.0.0/24|   ...   |10.0.5.0/24|
   -------------         -------------

Now what I need is to simply classify users in the network segments into
speed classes (gold/silver/bronze) and cap their traffic at fixed levels
inbound and outbound. My idea was to simply add one class and one filter
per used ip which should be no problem, however I have no idea how to
get rid of this class and filter once the user vanished or replace it by
another value when a different users shows up taking the same address.

The problems are: How do I figure out the tree id from the ip? Or how
can I reconfigure the limit without knowing the id?

A different idea would be to add (say) 500 classes for each speed level
and remember the used/unused ones in the application and serve the next
free class to a user by creating a filter on logon and removing that
later on.

If you now say: Hey, that pretty easy; please hold on. :) Additionally I
don't know the addresses in advance because they're either served using
DHCP or set up in a fixed manner and routed thanks to arpspoofing so
this doesn't seem to make a good case for hashing. Also I somehow need
to also take care of the traffic which goes through transparent DNS and
http proxies.

Any help and ideas would be greatly appreciated.

-- 
Servus,
       Daniel

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux