On Friday 10 September 2004 01:57, Simon Byrnand wrote:
> The scenario is a mailserver - say you want to limit individual TCP
> sessions (pop3, smtp etc) to no more than 512Kbit so that an individual
> session can't hog your bandwidth, but you don't want to place a maximum
> limit on the TOTAL traffic.

It's not quite clear to me what you want to do. Either you don't want to limit bandwidth and just make sure that one connection cannot choke the other - I'd use SFQ or similar for that, some kind of scheduler that makes sure that every connection gets its turn. Or you want to limit traffic one way or another, then you have to put it into a traffic limiting QoS class. All connections together, of course.

How to impose a bandwidth limit on a PER CONNECTION basis is quite a frequently asked question on this list, and I don't remember seeing any good answer for that one yet.

But I don't even think that it's a good approach to shaping at all. You'd have to add another class for each connection, and no one can guarantee that summed together, these connections don't exceed the total bandwidth of your line. As long as you can open as many connections as you like, you can torpedo such a shaping setup easily.

Especially if you don't know your users... users are intelligent and evil. As soon as they notice that some types of connections get better bandwidth than others, they'll start tunneling their data transfers...

Andreas

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
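The capacity argument in the reply above, worked through as an added example that is not part of the original message: it checks whether per-connection caps still fit the line and computes what an ideal per-connection fair scheduler (the behaviour SFQ approximates) would hand to each connection and each user. The 2048 kbit/s line rate, the connection counts, the user labels and the function names are constructed assumptions; only the 512 kbit/s cap comes from the thread.

```python
# Added illustration (not from the mailing-list post). The 2048 kbit/s line
# rate and the connection counts are constructed; 512 kbit/s is the
# per-session cap from the quoted question.

def max_min_share(demands, capacity):
    """Max-min fair (water-filling) split of `capacity` among flows.

    Flows that want less than an equal share get their demand; the rest
    split what is left equally. This is the ideal that a per-flow fair
    scheduler such as SFQ approximates.
    """
    alloc = [0.0] * len(demands)
    active = sorted(range(len(demands)), key=lambda i: demands[i])
    remaining = float(capacity)
    while active:
        share = remaining / len(active)
        smallest = active[0]
        if demands[smallest] <= share:
            alloc[smallest] = float(demands[smallest])
            remaining -= demands[smallest]
            active.pop(0)
        else:
            for i in active:          # everyone left is limited by the line
                alloc[i] = share
            break
    return alloc

def evaluate(owners, line_kbit, cap_kbit):
    """owners[i] names the user behind connection i (hypothetical labels)."""
    flows = max_min_share([cap_kbit] * len(owners), line_kbit)
    per_user = {}
    for owner, rate in zip(owners, flows):
        per_user[owner] = per_user.get(owner, 0.0) + rate
    sum_of_caps = cap_kbit * len(owners)
    return {
        "sum_of_caps": sum_of_caps,                 # what the caps promise
        "oversubscribed": sum_of_caps > line_kbit,  # caps no longer bound total
        "per_flow": flows,                          # what each connection gets
        "per_user": per_user,                       # what each user gets
    }

if __name__ == "__main__":
    for owners in (["a", "b", "b"], ["a"] + ["b"] * 7):
        r = evaluate(owners, line_kbit=2048, cap_kbit=512)
        print(len(owners), "connections:", r["sum_of_caps"], "kbit/s of caps,",
              "oversubscribed" if r["oversubscribed"] else "fits", r["per_user"])
```

With eight connections the caps add up to twice the constructed line rate, and the user holding seven of them receives seven times the bandwidth of the user holding one, even though every connection is treated equally.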