LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-02-2007, 06:25 AM   #1
kripz
LQ Newbie
 
Registered: Dec 2007
Posts: 18

Rep: Reputation: 0
Bandwidth limiting using iptables


Need help configuring my WRT54GL router, here is my message i posted on another forum which seems dead. This is regarding a program which generates scripts for bandwidth limitingm i dont have any linux knowledge so please bare with me.

Quote:
I want to have a list of MAC addresses that are NOT bandwidth limited.
MAC's NOT on the list are limited to X kpbs download and Y kpbs upload.

Using your program i tried using "secure your network" and modifying the script to limit to Xkpbs but i am not sure how to permit full bandwidth for the listed MAC's.
I tried adding users with 1kbps rate and ceiling of 1536, is this correct?

Here is the script generated by your program
Quote:
#--------------------------------------------
#WRT54 Script Generator v1.01
#(C) 2006-2007 Robert "Robson" Mytkowski
#--------------------------------------------
#Deleting root qdisc
tc qdisc del dev br0 root
#Creating new root qdisc
tc qdisc add dev br0 root handle 1: htb default 99
#Creating main class 1:1
tc class add dev br0 parent 1: classid 1:1 htb rate 1536kbit
#Creating users classes
tc class add dev br0 parent 1:1 classid 1:10 htb rate 1kbit ceil 1536kbit prio 2
tc class add dev br0 parent 1:1 classid 1:11 htb rate 1kbit ceil 1536kbit prio 2
tc class add dev br0 parent 1:1 classid 1:99 htb rate 1kbit ceil 1kbit
#Added class handles
#Adding packet matches
tc filter add dev br0 parent 1:0 protocol ip prio 2 u32 match u16 0x0800 0xFFFF at -2 match u32 0x00000001 0xFFFFFFFF at -12 match u16 0x0000 0xFFFF at -14 flowid 1:10
tc filter add dev br0 parent 1:0 protocol ip prio 2 u32 match u16 0x0800 0xFFFF at -2 match u32 0x00000002 0xFFFFFFFF at -12 match u16 0x0000 0xFFFF at -14 flowid 1:11
#Creating ingress qdisc for upload
tc qdisc add dev br0 ingress
#Adding packet matches
tc filter add dev br0 parent ffff: protocol ip handle 50 fw police rate 128kbit mtu 12k burst 10k drop
iptables -t mangle -A PREROUTING -m mac --mac-source 00:00:00:00:00:01 -j MARK --set-mark 50
tc filter add dev br0 parent ffff: protocol ip handle 51 fw police rate 128kbit mtu 12k burst 10k drop
iptables -t mangle -A PREROUTING -m mac --mac-source 00:00:00:00:00:02 -j MARK --set-mark 51
Does
Quote:
$TCA parent 1:1 classid 1:99 htb rate 1kbit ceil 1kbit
limit both upload and download?
How do i limit download to X and upload to Y?

These 2 classes are the same:
Quote:
#Creating users classes
$TCA parent 1:1 classid 1:10 htb rate 1kbit ceil 1536kbit prio 2
$TCA parent 1:1 classid 1:11 htb rate 1kbit ceil 1536kbit prio 2
can i reuse them like this:
Quote:
tc filter add dev br0 parent 1:0 protocol ip prio 2 u32 match u16 0x0800 0xFFFF at -2 match u32 0x00000001 0xFFFFFFFF at -12 match u16 0x0000 0xFFFF at -14 flowid 1:10
tc filter add dev br0 parent 1:0 protocol ip prio 2 u32 match u16 0x0800 0xFFFF at -2 match u32 0x00000002 0xFFFFFFFF at -12 match u16 0x0000 0xFFFF at -14 flowid 1:10
instead of:
Quote:
tc filter add dev br0 parent 1:0 protocol ip prio 2 u32 match u16 0x0800 0xFFFF at -2 match u32 0x00000001 0xFFFFFFFF at -12 match u16 0x0000 0xFFFF at -14 flowid 1:10
tc filter add dev br0 parent 1:0 protocol ip prio 2 u32 match u16 0x0800 0xFFFF at -2 match u32 0x00000002 0xFFFFFFFF at -12 match u16 0x0000 0xFFFF at -14 flowid 1:11
It would be nice if there is only one computer on the network (whos MAC is not on the list and therefore bandwidth limited) to be able to use all the bandwidth.

Im not sure but there should be a better way to achieve what im after.

Also with the classes if they are reusable i think you should add it to the next version as it saves space.

Thanks for your time.

EDIT: What is SFQ and what happens when your rates in the script are faster than actual sync speeds?
 
Old 12-04-2007, 04:05 AM   #2
checkmate3001
Member
 
Registered: Sep 2007
Location: Folsom, California
Distribution: Debian 4.0 (Etch), Debian 5.0 (Lenny), Ubuntu 8.04
Posts: 301

Rep: Reputation: 32
I don't know the answer, but are you using dd-wrt or something similar on the router? or is it stock firmware?
 
Old 12-04-2007, 05:22 AM   #3
kripz
LQ Newbie
 
Registered: Dec 2007
Posts: 18

Original Poster
Rep: Reputation: 0
tomato firmware
 
Old 12-04-2007, 09:11 PM   #4
yawe_frek
Member
 
Registered: Sep 2005
Distribution: feather 0.72-usb, DSL,CentOS,Ubuntu, Redhat 9
Posts: 144

Rep: Reputation: 15
stock or tomato !!!!!! al i know is i laughed
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Bandwidth Limiting signature16 Linux - Software 4 05-21-2006 04:53 PM
"iptables tc" limiting bandwidth for specific port maxut Linux - Enterprise 0 09-09-2004 09:50 AM
bandwidth limiting help!!! jojo1031 Linux - Networking 1 08-23-2004 10:05 AM
Bandwidth limiting OmniXBro Linux - Software 2 06-14-2004 05:50 PM
Bandwidth limiting turb0freak Linux - Networking 10 08-15-2003 11:29 PM


All times are GMT -5. The time now is 07:42 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration