I think you can use tc divisor command to solve the problem? Regards, Horace Ng ----- Original Message ----- From: "Jérôme Féneau" <feneau@xxxxxxxxx> To: "Vitaly Repin" <vitaly_repin@xxxxxxxx> Cc: "lartc" <lartc@xxxxxxxxxxxxxxx> Sent: Tuesday, November 17, 2015 5:58:24 PM Subject: Re: Limiting bandwidth per user (unknown IP) Hi Vitaly, thanks for your inputs. Did you finally find a solution for your problem ? There are interesting things in your answer, here is what I noticed : "My current idea is to store mark in the shared memory and increment it with every new client." It could be a good solution but how do you achieve this ? And how do you accordingly create the relevant rules in tc ? Regards Jérôme 2015-11-17 10:13 GMT+01:00 Vitaly Repin <vitaly_repin@xxxxxxxx>: > Hello, > > I had a little bit more complicated task but I think you can take > some useful ideas from there: > http://www.spinics.net/lists/lartc/msg23254.html > > 2015-11-17 10:55 GMT+02:00 Jérôme Féneau <feneau@xxxxxxxxx>: >> >> Hello LARTC community, >> >> finally any idea how to implement traffic shhaping with netfilter and >> tc with unknown IP addresses and the same class of traffic for all ? >> >> Regards >> >> Jérôme >> >> 2015-11-14 17:46 GMT+01:00 Jérôme Féneau <feneau@xxxxxxxxx>: >> > Hi Yucong, >> > >> > HTTP server actually is not the first application that end-users >> > reach, but Varnish. And behind Varnish I have a NGINX web server. >> > >> > Regards >> > >> > Jérôme >> > >> > 2015-11-14 15:48 GMT+01:00 Yucong Sun <sunyucong@xxxxxxxxx>: >> >> What HTTP server you are using? nginx support per-conenction hashlimit >> >> pretty good. >> >> >> >> On Sat, Nov 14, 2015 at 8:09 PM, Jérôme Féneau <feneau@xxxxxxxxx> wrote: >> >>> >> >>> Hello LARTC community, >> >>> >> >>> I have a project where I want to limit bandwidth per user connection. For >> >>> instance all users that will be connecting to my HTTP server will be >> >>> provided 256 Kbps. >> >>> >> >>> I know how to do it from known IP addresses by marking and allocating each >> >>> IP to its own QoS class (actually they all have the same, ie 256 Kbps). >> >>> This involves to create a lot of lines (one by IP) in iptables and tc. >> >>> >> >>> The tricky thing - from my point of view - is to be able to dynamically >> >>> allocate each user (you don't know his IP in advance) to his QoS class >> >>> from >> >>> iptables and tc (reminder : all users must be allocated the same >> >>> bandwidth). >> >>> >> >>> I would sincerely appreciate your help on this. >> >>> >> >>> Regards >> >>> >> >>> Jérôme >> >>> -- >> >>> To unsubscribe from this list: send the line "unsubscribe lartc" in >> >>> the body of a message to majordomo@xxxxxxxxxxxxxxx >> >>> More majordomo info at http://vger.kernel.org/majordomo-info.html > > -- > WBR & WBW, Vitaly -- Jérôme Féneau 06 67 31 46 07 Skypeid : jfeneau92 -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html