On Saturday 12 February 2005 17:12, George Alexandru Dragoi wrote: Ok. Thank you for the quick answer. I will do what you have said and, hopefully I won't need help again :) George > http://metropolitana.loginet.ro/ and reat that stuff, or > > you can try to diferentiate metro/interfor for download asking your > ISP if they set a specific DSCP for it. For upload limitting, i add > routes for all metropolitan ips (or bgp does it automatically), and > the default route has a special realm. You can then match the realm in > FORWARD or POSTROUTING chain in mangle and set a mark to those > packets, then mark every ip with a different mark. ex: > > eth0 - your ISP (let's say GTS) > eth1 - your lan 192.168.1.0/24 > > Gts uses 32 value as dscp for international traffic (0x20) > > tc qdisc add dev eth1 root handle 1: htb r2q 1 > > tc class add dev eth1 parent 1: classid 1:999 htb rate 90mbit > tc class add dev eth1 parent 1:999 classid 1:1 htb rate 2mbit > tc class add dev eth1 parent 1:999 classid 1:998 htb rate 80mbit > #client with ip 192.168.1.2 has at most 1mbit for metro, 128kbit for > external tc class add dev eth1 parent 1:1 classid 1:2 htb rate 256kbit > #Your total external bandwith > > tc class add dev eth1 parent 1:1 classid 1:11 htb rate 12kbit ceil > 1mbit #metro for client 1 > tc class add dev eth1 parent 1:2 classid 1:21 htb rate 8kbit ceil > 128kbit #external for first client > > FIlters are: > > tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip dst > 192.168.1.2/32 match tos 0x80 0xfc classid 1:21 > tc filter add dev eth1 parent 1: protocol ip prio 2 u32 match ip dst > 192.168.1.2/32 classid 1:11 > > A global filter for lan traffic would be: > tc filter add dev eth1 parent 1: protocol ip prio 0 u32 math ip src > 192.168.1.1/32 classid 1:998 > > For upload, after you make a script to add all metropolitan routes: > > ip ro add $prefix via $isp_gw > > and the default route would be: > > ip ro add default via $isp_gw realm 6 > > Check /etc/iproute2/rt_realms > > iptables -t mangle -N metro-up > iptables -t mangle -N ext-up > iptables -t mangle -A FORWARD -o eth0 -m realm --realm 6 -j ext-up > iptables -t mangle -A FORWARD -o eth0 -m realm --realm 6 -j ACCEPT > iptables -t mangle -A FORWARD -o eth0 -j metro-up > > iptables -t mangle -A ext-up -s 192.168.1.2 -j MARK --set-mark 0x21 > iptables -t mangle -A metro-up -s 192.168.1.2 -j MARK --set-mark 0x11 > > add classes similar to eth1 > > tc filter add dev eth0 parent 1: protocol ip prio 1 handle 0x21 fw classid > 1:21 tc filter add dev eth0 parent 1: protocol ip prio 1 handle 0x11 fw > classid 1:11 > > On Sat, 12 Feb 2005 14:08:55 +0200, George Vasiliu > > <gvasiliu@xxxxxxxxxxxxxxx> wrote: > > Hi all! > > I have a problem setting up HTB on my home network. > > I have a network: 192.168.1.0/24 and I want to limit the download to 200 > > KB to every IP from my city ( I have the IP's of most ISPs). The thing is > > that I I want to limit the international traffic too (I do not use BGP) > > and set it to 15 KB. Can someone help with this setup? Thanks! > > > > Best regards, > > -- > > George > > > > -- > > This message was scanned for spam and viruses by BitDefender. > > For more information please visit http://linux.bitdefender.com/ > > > > _______________________________________________ > > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > -- > Bla bla > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- George Vasiliu BitDefender Technical Support Engineer ------------------------------------- SOFTWIN, Data Security Division ------------------------------------- HEADQUARTERS: e-mail: support@xxxxxxxxxxxxxxx phone: +(4021) 233 18 52 fax: (+4021) 233.07.63 Bucharest, ROMANIA http://www.bitdefender.com http://www.softwin.ro ESPAÃ?A: e-mail: soporte@xxxxxxxxxxxxxxxxxx Barcelona, ESPAÃ?A http://www.bitdefender-es.com ------------------------------------- secure your every bit ------------------------------------- -- This message was scanned for spam and viruses by BitDefender. For more information please visit http://linux.bitdefender.com/ _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
