I got a little stuck with my configuration:
I have a network like this:
ADSL<---(ppp0 in eth0 : pppoe)---> [Linux BOX : squid+LAN portal+samba ] <---> LAN
ADSL link down/up = 256kbps/64kbps
ADSL ppp0/eth0 = public IP
eth1 = 172.16.1.1/24
LAN = 172.16.1.0/24
On the Linux box I run a squid transparent proxy on port 8080, a web server, and samba file sharing.
I already masquerade all traffic on ppp0 using:
iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE
Proxy redirection succeeds with this command:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
I have limited bandwidth for all clients (one by one) with this script:
#!/bin/sh
# Remove any existing root qdisc on the LAN interface
tc qdisc del dev eth1 root
# Root HTB qdisc; traffic matching no filter goes to class 1:9999
tc qdisc add dev eth1 root handle 1: htb default 9999
tc class add dev eth1 parent 1:0 classid 1:10 htb rate 100Mbit
# Rate for each client class
RATE=92kbit
# Client 172.16.1.2
tc class add dev eth1 parent 1:10 classid 1:100 htb rate $RATE
tc qdisc add dev eth1 parent 1:100 sfq quantum 1514b perturb 15
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip dst 172.16.1.2/32 flowid 1:100
# Client 172.16.1.3
tc class add dev eth1 parent 1:10 classid 1:200 htb rate $RATE
tc qdisc add dev eth1 parent 1:200 sfq quantum 1514b perturb 15
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip dst 172.16.1.3/32 flowid 1:200
# Client 172.16.1.4
tc class add dev eth1 parent 1:10 classid 1:300 htb rate $RATE
tc qdisc add dev eth1 parent 1:300 sfq quantum 1514b perturb 15
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip dst 172.16.1.4/32 flowid 1:300
# Client 172.16.1.5
tc class add dev eth1 parent 1:10 classid 1:400 htb rate $RATE
tc qdisc add dev eth1 parent 1:400 sfq quantum 1514b perturb 15
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip dst 172.16.1.5/32 flowid 1:400
# Default class for traffic to any other destination
tc class add dev eth1 parent 1:10 classid 1:9999 htb rate 8Kbit
This is my problem:
1. How to make the total bandwidth down/up for clients only 48kbps/240kbps, with these classes:
- DNS, ssh and telnet, messenger (YM, MSN) -> 1st priority -> 30% of 48kbps/240kbps
- http/https -> 2nd priority -> 50% of 48kbps/240kbps
- others (online game, etc) -> 20%.
2. How to make each class above shared fairly among all clients, with all classes able to share with each other if there is any unused bandwidth, so that no one is able to use the full bandwidth when other clients are online, but can use all of 48kbps/240kbps if he is the only one online at that time.
3. How to make all clients able to access the router 172.16.1.1 services without queuing in the classes above, so all clients are able to access the router services (internal portal, samba file sharing) without any traffic limit (use full speed ~ 100Mbps).
4. How to make all clients able to access the cache that already exists in the proxy without limit.
I would be very grateful if you could give me any suggestions to solve this problem...
regards,
denny