* [LARTC] Traffic shaper based on UIDs
@ 2006-09-02 16:23 vit
2006-09-08 21:53 ` Andreas Mueller
2006-09-08 22:09 ` vit
0 siblings, 2 replies; 3+ messages in thread
From: vit @ 2006-09-02 16:23 UTC (permalink / raw)
To: lartc
Hello!
I need assistance to solve my problem related to traffic shaping based on
the user ids.
The problem: each unix user (of the linux host) has to be limited with
incoming channel (internet) bandwidth. I need this to implement
internet access solution based on ltsp (http://www.ltsp.org).
As far as I know the best way to shape traffic in linux is CBQ.
But there is no filter based on unix user id (the reason is clear for
everybody -- ip packet doesn't contain this information).
I've found the very interesting netfilter patches at the patch-o-matic:
http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-owner-socketlookup
http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-owner-supgids
http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-ip_queue_vwmark
Am I on the right way? How can I combine the power of netfilter and
traffic control systems to solve my problem?
I am new in this topic, so excuse me if my questions are too simple or "dummy" ::-)
Thank you beforehand!
--
Sincerely yours, Vitaly Repin
Ice Brains Software, ltd
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] Traffic shaper based on UIDs
2006-09-02 16:23 [LARTC] Traffic shaper based on UIDs vit
@ 2006-09-08 21:53 ` Andreas Mueller
2006-09-08 22:09 ` vit
1 sibling, 0 replies; 3+ messages in thread
From: Andreas Mueller @ 2006-09-08 21:53 UTC (permalink / raw)
To: lartc
Hi,
vit@icebrains-soft.com wrote:
...
> But there is no filter based on unix user id (the reason is clear for
> everybody -- ip packet doesn't contain this information).
>
> I've found the very interesting netfilter patches at the patch-o-matic:
...
There is no need for POM patches, you may use the "owner" match from
iptables. (see: man iptables)
> Am I on the right way? How can I combine the power of netfilter and
> traffic control systems to solve my problem?
...
You might match for each user and then set a mark or even classify directly
by iptables. (see man, too)
Howto mark: http://lartc.org/howto/lartc.qdisc.filters.html (9.6.2, fwmark)
Btw.. there is no best (classful) qdisc, this varies on your needs.
Nevertheless, I'd take htb because it's relativly simple to setup
(personally I like hfsc though).
You may just try them out. :)
Bye,
Andreas.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] Traffic shaper based on UIDs
2006-09-02 16:23 [LARTC] Traffic shaper based on UIDs vit
2006-09-08 21:53 ` Andreas Mueller
@ 2006-09-08 22:09 ` vit
1 sibling, 0 replies; 3+ messages in thread
From: vit @ 2006-09-08 22:09 UTC (permalink / raw)
To: lartc
Hello, Andreas!
Yes, the owner match is great. But I can mark only outgoing packets
this way. And as far as I know, traffic shaper needs to know who is
the owner of the incoming packets to do the shaper job.
And that's why it is required to patch the kernel, it seems to me.
Have I misunderstood something?
But I've recently sent to this mailing list another letter related
to this problem. It seems to me, if each unix user would use the
different IP address, it is not a problem to do the shaping.
Thank you for your response.
> Hi,
>
> vit@icebrains-soft.com wrote:
> ...
> > But there is no filter based on unix user id (the reason is clear for
> > everybody -- ip packet doesn't contain this information).
> >
> > I've found the very interesting netfilter patches at the patch-o-matic:
> ...
> There is no need for POM patches, you may use the "owner" match from
> iptables. (see: man iptables)
> > Am I on the right way? How can I combine the power of netfilter and
> > traffic control systems to solve my problem?
> ...
> You might match for each user and then set a mark or even classify directly
> by iptables. (see man, too)
>
> Howto mark: http://lartc.org/howto/lartc.qdisc.filters.html (9.6.2, fwmark)
>
> Btw.. there is no best (classful) qdisc, this varies on your needs.
> Nevertheless, I'd take htb because it's relativly simple to setup
> (personally I like hfsc though).
> You may just try them out. :)
>
> Bye,
> Andreas.
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
--
Sincerely yours, Vitaly Repin
Ice Brains Software, ltd
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2006-09-08 22:09 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-02 16:23 [LARTC] Traffic shaper based on UIDs vit
2006-09-08 21:53 ` Andreas Mueller
2006-09-08 22:09 ` vit
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.