>Hi to all, Hi, >This limit should be for upstram and dowstream >I searched around and have read a lot about: >shaper, wondershaper, tc, qdisc, etc. >But I'm not sure what are pro and cons of each method. >I'm sure you can tell more! I recommend using tc tool[1]& IFB device[2] & htb qdisc[3] & u32 filter[4] for the job. Following page contains HTB user guide with examples[5]. Building configuration to suit your needs shouldn't be too hard. If you have any problems just ask. General idea: - Let's assume eth0 is your upstream interface (to Internet) that you do NAT on and eth1 is downstream interface connected to servers, - Downstream shaping would be done on eth1, - Ingress traffic on eth1 would be redirected to ifb0 [2], - Upstream shaping would be done on ifb0 (source addresses of traffic from your servers would be pre-nat addresses, so no need for iptables packet marking - u32 filter[4] is usable). >And also about monitoring to see if it work: >ntop, sntop, iptraf, etc. tc tool[1] with specific parameters (eg. "tc -s -d class sh dev eth0") can show you rates and pps of each class on specified interface. Good luck in your endeavours. [1] http://linux.die.net/man/8/tc [2] http://www.linuxfoundation.org/en/Net:IFB [3] http://linux.die.net/man/8/tc-htb [4] http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.adv-filter.u32.html [5] http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm Regards, Marek Kierdelewicz -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
