router of a huge network... need a little help here.
Ok, by huge network I don't mean with a lot of computers, I mean with a lot of usage. hehehe...
Here is the problem: I have a Linux box with Red Hat 7.1 as a router/firewall. And I have 5 other computers on the network.
I was wondering if there is a way (I'm thinking Squid) to limit the maximum bandwidth available for each machine.
Ok, I know there is a way, ISPs do it all the time, but I was wondering if it was hardware or software managed. And if it is software what kind of software... and if it is hardware... is it too expensive for a home LAN?
I know this will limit my bandwidth all the time, but I think it is worth it. Does this 'splitter' support 'over-selling'??? (you know, when they say they sell you 128kbps but they use the same 128 for 3 or 4 users).
1. Compile your kernel with some QoS options and advanced router options, and for iptables the mark options.
2. Write rules in the mangle table to mark the packets regarding which machine they come from (you could use the MAC address).
3. Create your queueing discipline and your classes, and attach the marked packets to the class you want them to belong to.
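The three steps above as one script, added here as an example and not part of the original post: it prints the `iptables` and `tc` commands instead of running them. HTB as the queueing discipline, the interface names `eth0`/`eth1`, the 128 kbit link and the MAC addresses are assumptions.

```shell
#!/bin/sh
# Added example: prints the commands for the three steps; review the
# output, then pipe it to "sh" as root to apply it.
# MAC addresses are easy to spoof, so treat these caps as fair-use
# limits between trusted machines, not as an access control.

WAN_IF=eth0      # assumed: interface facing the ISP
LAN_IF=eth1      # assumed: interface facing the LAN
LINK_KBIT=128    # assumed: total uplink, kbit/s

# Constructed sample table, one "MAC guaranteed_kbit" pair per line.
HOSTS='00:00:5e:00:53:01 32
00:00:5e:00:53:02 32
00:00:5e:00:53:03 64'

gen_shaper() {
    hosts="$1"; mark=10; total=0
    # Step 3a: root HTB qdisc plus one parent class for the whole link.
    out="tc qdisc add dev $WAN_IF root handle 1: htb default 99
tc class add dev $WAN_IF parent 1: classid 1:1 htb rate ${LINK_KBIT}kbit"
    while read -r mac rate; do
        [ -n "$mac" ] || continue
        # Reject malformed rows instead of emitting a broken rule.
        echo "$mac" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || return 2
        case "$rate" in ''|*[!0-9]*) return 2 ;; esac
        total=$((total + rate))
        # Step 2: mark by source MAC. Step 3b: class + fw filter on the mark.
        # "ceil" lets a host borrow idle bandwidth above its guarantee.
        out="$out
iptables -t mangle -A PREROUTING -i $LAN_IF -m mac --mac-source $mac -j MARK --set-mark $mark
tc class add dev $WAN_IF parent 1:1 classid 1:$mark htb rate ${rate}kbit ceil ${LINK_KBIT}kbit
tc filter add dev $WAN_IF parent 1: protocol ip prio 1 handle $mark fw flowid 1:$mark"
        mark=$((mark + 1))
    done <<EOF
$hosts
EOF
    # Guarantees that add up to more than the link cannot all be honoured.
    [ "$total" -le "$LINK_KBIT" ] || return 3
    # Unmarked traffic lands in a minimal default class.
    printf '%s\n' "$out" \
        "tc class add dev $WAN_IF parent 1:1 classid 1:99 htb rate 1kbit ceil ${LINK_KBIT}kbit"
}

gen_shaper "$HOSTS"
```

Source-MAC marks identify the traffic each machine sends, so these caps apply to what it uploads through `eth0`.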
Ok... I didn't understand a thing. What is QoS (queue of service?), iproute2 and netfilter... do I need to recompile my kernel to enable them? Because I don't like to recompile it... it is tricky and I'm using a special kernel (for Alpha processors)...
could you please be a little more clear... and give me a few addresses where I can find info about what you are talking about...
Ok, the problem is that I'm using an Alpha processor, an AlphaServer. So, I don't have the same kind of boot loader and I think that toms root boot won't work. If something goes wrong with my recompile or if I lose my OS I'll have to reinstall EVERYTHING... and that will take a few hours... not to mention that I won't have access to the internet on any other machine.... AND I don't have a contingency. Is there something like a step-by-step guide to recompile your kernel... I've never done that alone... so... I think a guide would be great...
about netfilter and iproute2 I've found a lot of documentation... but about kernel recompilation... none. could you help me on this one please. THANKS.
First download the latest kernel (or one that works); 2.4.18 works well, but the latest is 2.4.20.
Copy it in /usr/src and decompress it.
do make config or make menuconfig (requires libncurses-dev) or make xconfig depending if you want text mode, bash windows or Xwindow style
Then (this is the most difficult) choose your options in the kernel; this part is very important and will cause you a kernel panic or minor problems if you forget something. Save your kernel configuration once you've finished.
Then make dep && make bzImage && make modules && make modules_install
(be careful: if you're using the same version as your current kernel you have to back up your modules !!!)
Then make a dual boot with your old kernel and your new one (very important !!!! if it crashes)
And that's all !!!
Try to find a junk machine to get some training with recompilation.
If you're confident make sure you have a nice dual boot on your alpha machine.
I would advise you to ask a good sysadmin beside you to help configure the kernel.
btw the command dmesg|less will help you to configure the kernel
Peter, I appreciate a lot that link. It would have taken me over two weeks to find it... excuse my previous post.. but it is just true.
I think I can work it out now... I'll post here a step-by-step guide as soon as I'm done.
Thanks.
BTW: what ports does KAZAA use?? cause it would be a hard task to isolate them using the tcpdump... hehe... I'll try google... but I don't know what will come out.
Kazaa starts by using tcp port 1214 but can re-establish p2p connections on other low number ports.
You may wish to limit by user or local_ip if there are a lot of connections. One trick I have used is to allow only 1 big pc external access, then the local users must talk internally to this p2p. When Kazaa starts, it creates a huge scanning storm looking for port 1214 in every possible ip range.
When I search Google, I just use keywords, eg "bandwidth control"
When I search tldp, I use this page first: http://tldp.org/HOWTO/HOWTO-INDEX/howtos.html
then in the browser, the EDIT, Find in this Page, "Keyword" combination.
So, how do I control the bandwidth in kazaa? I have a big PC... it works as router/firewall. And I kind of don't understand what you are saying... If I understood correctly then kazaa uses port 1214... but can use lower number ports??? Is that it? If so... how do I limit them?
Another question... Is there a BIG site for IPTraf and SQUID??? like php.net or samba.org but for those utilities... because I need special builds or source code...
I have a windoze pc set up to be a kazaa p2p member.
It's the ONLY pc that can connect directly past the firewall, everyone else is dropped, so they are forced to talk to this pc to get their sharing to work.
If Kazaa starts with its entire internet ip scan (it can be made to look for single ip numbers), I drop these as well.
It's a BIG pc coz it will hold a huge amount of "files".
I now only have to control the traffic from this one internal pc now, kazaa is all it does.
Kazaa starts by using destination port 1214 but will use higher numbers later, making it hard to control if everyone is using it externally.
Practise your Google search for iptraf & squid !! Enjoy !!
ok... but the problem is how to control the traffic... I use it on two PCs so it shouldn't be that hard... First I want to limit the use of kazaa to 15KBps. The rest I don't care... we don't download mp3 or avi from http servers... (that is why we use kazaa).
Ok... I was reading that how to... and in the squid configuration file there are a few lines I don't know what they are for...
Code:
#To make our connection even faster, we put two lines similar
#to the ones below. They will point a parent proxy server our own Squid
#will use. Don't forget to change the server to the one that will
#be fastest for you!
#Measure pings, traceroutes and so on.
#Make sure that http and icp ports are correct.
#Uncomment lines beginning with "cache_peer" if necessary.
#This is the proxy you are going to use for all connections...
#cache_peer w3cache.icm.edu.pl parent 8080 3130 no-digest default
#...except for the connections to addresses and IPs beginning with "!".
#It's a good idea not to use a higher
#cache_peer_domain w3cache.icm.edu.pl !.pl !7thguard.net !192.168.1.1
#This is useful when we want to use the Cache Manager.
#Copy cachemgr.cgi to cgi-bin of your www server.
#You can reach it then via a web browser typing
#the address http://your-web-server/cgi-bin/cachemgr.cgi
cache_mgr your@email
cachemgr_passwd secret_password all