Re: Limiting bandwidth on router

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jul 23, 2010 at 6:53 PM, Pascal Hambourg
<pascal.mail@xxxxxxxxxxxxxxx> wrote:
> Hello,
>
> Elison Niven a écrit :
>>
>> I have an ARM based board with 2 ethernet interfaces eth0 and eth1.
>> eth0 - LAN interface. 192.168.2.149
>> eth1 - WAN interface. 192.168.1.149
>> I have setup a simple router using iptables that allows PCs on the LAN
>> to browse the internet via the WAN.
>> I want to limit incoming bandwidth on the LAN interface to about
>> 8mbit/s as when there are massive data transfers initiating from the
>> PCs on the LAN, the system is under heavy load and is not able to
>> execute any applications.
>>
>> I tried to limit the bandwidth using tc's tbf and ingress but it isn't
>> really working well.
>> For example from a PC on the LAN (ip 192.168.2.13, default gw
>> 192.168.2.149)
>> # ping -f -s 1000 192.168.1.3
>> This is correctly limited and ping results show the loss.
>>
>> # ping -f -s 1 192.168.1.3
>> Here the system is under heavy load and is not able to execute any
>> applications. No loss in ping.
>
> This result may indicate that the router's load depends more on the packet
> rate than the bandwidth, which makes sense. So it may be more efficient to
> limit the packet rate instead of the bandwidth.
>
>> Also when I create a udp socket from this PC to an address on the WAN,
>> the rate is not limited.
>> #./udpclient 20000 192.168.1.3 20000 1000
>> This utility sends 20000 packets of 1000 bytes each to 192.168.1.3.
>> Here also the rate is not limited.
>
> I did not understand well whether you want to limit incoming (WAN to LAN) or
> outgoing (LAN to WAN) traffic. The ping test above does not tell whether
> incoming (echo reply) or outgoing (echo request) traffic is limited.
>
> Also, remember that by definition received traffic rate cannot be directly
> controlled. All you can do is drop incoming packets. Due to TCP
> acknowledgement and congestion control mechanism, the sender will interpret
> the packet loss as congestion and reduce the sending rate. But UDP has no
> such mechanism. Anyway, does this really matter ? If the heavy data
> transfers use TCP, it should work. Did you test it ?
>
>
>

Thanks for the reply, I will test with tcp and send the relevant
iptables and tc rules that i have used.

Regards,
Elison
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux