From: George Vasiliu <gvasiliu@bitdefender.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] HTB metro/international
Date: Sun, 13 Feb 2005 08:34:26 +0000 [thread overview]
Message-ID: <200502131034.26637.gvasiliu@bitdefender.com> (raw)
In-Reply-To: <200502121408.55574.gvasiliu@bitdefender.com>
On Saturday 12 February 2005 17:12, George Alexandru Dragoi wrote:
Ok. Thank you for the quick answer.
I will do what you have said and, hopefully I won't need help again :)
George
> http://metropolitana.loginet.ro/ and reat that stuff, or
>
> you can try to diferentiate metro/interfor for download asking your
> ISP if they set a specific DSCP for it. For upload limitting, i add
> routes for all metropolitan ips (or bgp does it automatically), and
> the default route has a special realm. You can then match the realm in
> FORWARD or POSTROUTING chain in mangle and set a mark to those
> packets, then mark every ip with a different mark. ex:
>
> eth0 - your ISP (let's say GTS)
> eth1 - your lan 192.168.1.0/24
>
> Gts uses 32 value as dscp for international traffic (0x20)
>
> tc qdisc add dev eth1 root handle 1: htb r2q 1
>
> tc class add dev eth1 parent 1: classid 1:999 htb rate 90mbit
> tc class add dev eth1 parent 1:999 classid 1:1 htb rate 2mbit
> tc class add dev eth1 parent 1:999 classid 1:998 htb rate 80mbit
> #client with ip 192.168.1.2 has at most 1mbit for metro, 128kbit for
> external tc class add dev eth1 parent 1:1 classid 1:2 htb rate 256kbit
> #Your total external bandwith
>
> tc class add dev eth1 parent 1:1 classid 1:11 htb rate 12kbit ceil
> 1mbit #metro for client 1
> tc class add dev eth1 parent 1:2 classid 1:21 htb rate 8kbit ceil
> 128kbit #external for first client
>
> FIlters are:
>
> tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip dst
> 192.168.1.2/32 match tos 0x80 0xfc classid 1:21
> tc filter add dev eth1 parent 1: protocol ip prio 2 u32 match ip dst
> 192.168.1.2/32 classid 1:11
>
> A global filter for lan traffic would be:
> tc filter add dev eth1 parent 1: protocol ip prio 0 u32 math ip src
> 192.168.1.1/32 classid 1:998
>
> For upload, after you make a script to add all metropolitan routes:
>
> ip ro add $prefix via $isp_gw
>
> and the default route would be:
>
> ip ro add default via $isp_gw realm 6
>
> Check /etc/iproute2/rt_realms
>
> iptables -t mangle -N metro-up
> iptables -t mangle -N ext-up
> iptables -t mangle -A FORWARD -o eth0 -m realm --realm 6 -j ext-up
> iptables -t mangle -A FORWARD -o eth0 -m realm --realm 6 -j ACCEPT
> iptables -t mangle -A FORWARD -o eth0 -j metro-up
>
> iptables -t mangle -A ext-up -s 192.168.1.2 -j MARK --set-mark 0x21
> iptables -t mangle -A metro-up -s 192.168.1.2 -j MARK --set-mark 0x11
>
> add classes similar to eth1
>
> tc filter add dev eth0 parent 1: protocol ip prio 1 handle 0x21 fw classid
> 1:21 tc filter add dev eth0 parent 1: protocol ip prio 1 handle 0x11 fw
> classid 1:11
>
> On Sat, 12 Feb 2005 14:08:55 +0200, George Vasiliu
>
> <gvasiliu@bitdefender.com> wrote:
> > Hi all!
> > I have a problem setting up HTB on my home network.
> > I have a network: 192.168.1.0/24 and I want to limit the download to 200
> > KB to every IP from my city ( I have the IP's of most ISPs). The thing is
> > that I I want to limit the international traffic too (I do not use BGP)
> > and set it to 15 KB. Can someone help with this setup? Thanks!
> >
> > Best regards,
> > --
> > George
> >
> > --
> > This message was scanned for spam and viruses by BitDefender.
> > For more information please visit http://linux.bitdefender.com/
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
> --
> Bla bla
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
--
George Vasiliu
BitDefender Technical Support Engineer
-------------------------------------
SOFTWIN, Data Security Division
-------------------------------------
HEADQUARTERS:
e-mail: support@bitdefender.com
phone: +(4021) 233 18 52
fax: (+4021) 233.07.63
Bucharest, ROMANIA
http://www.bitdefender.com
http://www.softwin.ro
ESPAÑA:
e-mail: soporte@bitdefender-es.com
Barcelona, ESPAÑA
http://www.bitdefender-es.com
-------------------------------------
secure your every bit
-------------------------------------
--
This message was scanned for spam and viruses by BitDefender.
For more information please visit http://linux.bitdefender.com/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
prev parent reply other threads:[~2005-02-13 8:34 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-02-12 12:08 [LARTC] HTB metro/international George Vasiliu
2005-02-12 15:12 ` George Alexandru Dragoi
2005-02-12 16:44 ` gypsy
2005-02-13 1:08 ` Andy Furniss
2005-02-13 8:34 ` George Vasiliu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200502131034.26637.gvasiliu@bitdefender.com \
--to=gvasiliu@bitdefender.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.