Ben wrote:
> Hey guys, I'm looking for a way to limit ingress throughput for each
> tcp session to a destination port on my server. I've found lots of
> ways to limit total throughput to a given port on an ip-level, but
> that's not quite the same thing.
>
> I'm somewhat surprised this doesn't seem to be implemented
> already. Maybe it is and I'm not seeing it?

I have a need for a very similar thing. But in my case, I wish to schedule tcp sessions to a different transfer class if they transfer faster than a certain speed.

Doing this on the actual traffic control side of things seems tricky, since none of them have any notion of connections or tcp sessions. Doing this by way of the 'connbytes' match, e.g. by storing the data in the connection tracking table, seems rather easily doable.

What you would wish to do is have a simple per connection token bucket, and just DROP every packet exceeding the rate in the connection, am I right?

What I would wish is a bit more complex. I'd like to have a per connection token bucket, but have it such that when it runs out of tokens, the rule stops matching, but every packet will still take whatever tokens there are in the bucket. And the rule would start matching again only after a certain amount of tokens has again been amassed in the bucket. This is to prevent too rapid churn between different transfer classes per connection.

And I haven't found anything which would do this for me anywhere. So, I might code it myself if no other solution comes up.

-- 
Naked
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
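The per-connection token bucket with hysteresis described in the reply above, as an added example that is not part of the original e-mail and not code from netfilter or any existing match. The struct and function names, the rates and the packet trace are hypothetical and constructed for illustration; timestamps are assumed to be monotonic.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-connection state; a real match would keep this
 * with the connection tracking entry. All names are illustrative. */
struct conn_bucket {
    uint64_t tokens;    /* bytes currently available */
    uint64_t last_ms;   /* time of the last refill (assumed monotonic) */
    bool     matching;  /* true while the rule still matches */
};

struct bucket_cfg {
    uint64_t rate_bps;  /* refill rate, bytes per second */
    uint64_t burst;     /* bucket capacity, bytes */
    uint64_t rearm;     /* tokens required before matching resumes */
};

/* Returns true if the rule matches this packet. */
static bool bucket_match(struct conn_bucket *b, const struct bucket_cfg *c,
                         uint64_t now_ms, uint32_t len)
{
    /* Refill for the elapsed time (integer math), capped at burst. */
    uint64_t add = (now_ms - b->last_ms) * c->rate_bps / 1000;
    b->tokens = (b->tokens + add > c->burst) ? c->burst : b->tokens + add;
    b->last_ms = now_ms;

    /* Hysteresis: once stopped, resume only after 'rearm' tokens amassed. */
    if (!b->matching && b->tokens >= c->rearm)
        b->matching = true;

    if (b->tokens >= len) {
        b->tokens -= len;       /* packet pays in full, in either state */
    } else {
        b->tokens = 0;          /* packet takes whatever is left */
        b->matching = false;    /* bucket ran dry: stop matching */
    }
    return b->matching;
}

int main(void) {
    /* Constructed packet trace: {time in ms, length in bytes}. */
    struct bucket_cfg c = {1000, 3000, 2000};
    struct conn_bucket b = {3000, 0, true};
    uint64_t trace[][2] = {{0,1500},{0,1500},{0,1500},{1600,100},{2200,100}};
    for (int i = 0; i < 5; i++)
        printf("t=%llu match=%d\n", (unsigned long long)trace[i][0],
               bucket_match(&b, &c, trace[i][0], (uint32_t)trace[i][1]));
    return 0;
}
```

In the trace, the packet at t=1600 finds enough tokens for itself but the rule stays unmatched because the bucket is still below the re-arm threshold; matching resumes only at t=2200.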