* [LARTC] Limiting Bandwidth of an ppp interfaces
@ 2004-10-27 9:31 Florian Taeger
2004-10-28 22:18 ` Andy Furniss
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: Florian Taeger @ 2004-10-27 9:31 UTC (permalink / raw)
To: lartc
Hi everyone.
I'm working on a problem since some days.
I have a linux router with about 100 ppp interfaces. Each interface should
bei limited to an individual bandwidth of 1024kbit, 2048kbit or 3096kbit. Up
AND downstream. (let's say for example 1024kbit upstream and 1024kbit
downstream)
The reason for this problem: I have to limit users to their booked
bandwidth, because there are hard rules, who is allowed to use which kind of
bandwidth. but some users used their 1024kbit login data with an 3096kbit
dsl line and of course they got the whole 3mbit bandwidth for
downloads/uploads.
So i MUST limit the users to a hard limit of bandwidth. no fair dealing or
something else. just a hardlimit for bandwidth. User X (pppX) get's 1024kbit
of bandwidth. no more nor less.
Another problem is, that behind an ppp interface there are some /29 net of
ip-adresses. So i am not able to filter by ip address. i have to filter by
interface.
but i just don't know how to deal with the problem Traffic shaping works
only for egress traffic, doesn't it?
Did anybody worked on the same problem before or can provide a solution for
this?
Regards
Florian Taeger
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [LARTC] Limiting Bandwidth of an ppp interfaces
2004-10-27 9:31 [LARTC] Limiting Bandwidth of an ppp interfaces Florian Taeger
@ 2004-10-28 22:18 ` Andy Furniss
2004-10-28 22:25 ` Andy Furniss
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Andy Furniss @ 2004-10-28 22:18 UTC (permalink / raw)
To: lartc
Florian Taeger wrote:
> Hi everyone.
>
> I'm working on a problem since some days.
>
> I have a linux router with about 100 ppp interfaces. Each interface should
> bei limited to an individual bandwidth of 1024kbit, 2048kbit or 3096kbit. Up
> AND downstream. (let's say for example 1024kbit upstream and 1024kbit
> downstream)
>
> The reason for this problem: I have to limit users to their booked
> bandwidth, because there are hard rules, who is allowed to use which kind of
> bandwidth. but some users used their 1024kbit login data with an 3096kbit
> dsl line and of course they got the whole 3mbit bandwidth for
> downloads/uploads.
>
> So i MUST limit the users to a hard limit of bandwidth. no fair dealing or
> something else. just a hardlimit for bandwidth. User X (pppX) get's 1024kbit
> of bandwidth. no more nor less.
>
> Another problem is, that behind an ppp interface there are some /29 net of
> ip-adresses. So i am not able to filter by ip address. i have to filter by
> interface.
>
> but i just don't know how to deal with the problem Traffic shaping works
> only for egress traffic, doesn't it?
>
> Did anybody worked on the same problem before or can provide a solution for
> this?
If the traffic from all the ppps leave by one interface then you could
mark packets by incoming interface and set up egress shaping with say
HTB on that interface. If the traffic leaves on > 1 interfaces then you
need to use IMQ.
Andy.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [LARTC] Limiting Bandwidth of an ppp interfaces
2004-10-27 9:31 [LARTC] Limiting Bandwidth of an ppp interfaces Florian Taeger
2004-10-28 22:18 ` Andy Furniss
@ 2004-10-28 22:25 ` Andy Furniss
2004-10-29 7:32 ` Florian Taeger
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Andy Furniss @ 2004-10-28 22:25 UTC (permalink / raw)
To: lartc
> If the traffic leaves on > 1 interfaces then you
> need to use IMQ.
I forgot to put - you can also attach policers to each ppp - thay are
not queues so they don't limit rate as such - but they can drop if over
rate - thus limiting TCP.
Andy.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [LARTC] Limiting Bandwidth of an ppp interfaces
2004-10-27 9:31 [LARTC] Limiting Bandwidth of an ppp interfaces Florian Taeger
2004-10-28 22:18 ` Andy Furniss
2004-10-28 22:25 ` Andy Furniss
@ 2004-10-29 7:32 ` Florian Taeger
2004-10-29 8:51 ` Leslie Patrick Polzer
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Florian Taeger @ 2004-10-29 7:32 UTC (permalink / raw)
To: lartc
Hi.
> If the traffic from all the ppps leave by one interface then you could
> mark packets by incoming interface and set up egress shaping with say
> HTB on that interface.
There is only one eth0 interface to the internet and many ppp for the users.
So ... I have to shape every traffic from the ppp interfaces to eth0
(internet) and the same way around, don't I ??
How would it be done with htb ??
The problem ist - 50% of all the traffic on eth0 is to establish the ppp
session through a l2tp tunnel and the other 50% are for the real traffic to
the internet. So i only want to shape down the traffic from or to the ppp
interfaces. But I can't shape the whole traffic on eth0. So ... will there
be any problems regarding this ?
Of course i read the docs, but I just don't know how exactly to generate the
shape-filter for this. I know i have to establish a root entry and make
another entry for every ppp device. but how do i connect the interfaces an
the traffic ?!? How would I generate this "hard limit" for the traffic ?
Many thanks for the help.
Regards
F.Taeger
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [LARTC] Limiting Bandwidth of an ppp interfaces
2004-10-27 9:31 [LARTC] Limiting Bandwidth of an ppp interfaces Florian Taeger
` (2 preceding siblings ...)
2004-10-29 7:32 ` Florian Taeger
@ 2004-10-29 8:51 ` Leslie Patrick Polzer
2004-10-29 11:45 ` Eric Leblond
2004-10-30 0:34 ` Andy Furniss
5 siblings, 0 replies; 7+ messages in thread
From: Leslie Patrick Polzer @ 2004-10-29 8:51 UTC (permalink / raw)
To: lartc
Florian Taeger wrote:
>Of course i read the docs, but I just don't know how exactly to generate the
>shape-filter for this. I know i have to establish a root entry and make
>another entry for every ppp device. but how do i connect the interfaces an
>the traffic ?!? How would I generate this "hard limit" for the traffic ?
>
>
Like Andy Furniss wrote:
Mark each incoming packets on pppn so you know where it is coming from.
Then attach n HTB classes below eth0's root and stuff each packet in its
class.
Kind regards,
Leslie
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [LARTC] Limiting Bandwidth of an ppp interfaces
2004-10-27 9:31 [LARTC] Limiting Bandwidth of an ppp interfaces Florian Taeger
` (3 preceding siblings ...)
2004-10-29 8:51 ` Leslie Patrick Polzer
@ 2004-10-29 11:45 ` Eric Leblond
2004-10-30 0:34 ` Andy Furniss
5 siblings, 0 replies; 7+ messages in thread
From: Eric Leblond @ 2004-10-29 11:45 UTC (permalink / raw)
To: lartc
On Fri, 2004-10-29 at 10:51 +0200, Leslie Patrick Polzer wrote:
> Florian Taeger wrote:
> Mark each incoming packets on pppn so you know where it is coming from.
> Then attach n HTB classes below eth0's root and stuff each packet in its
> class.
Maybe not the best way to do. Script can be run when a ppp connection
come up. Username (ppp login) is at this moment available as a variable
environnement. Knowing that, you can then set up the correct QOS policy
on the link.
BR,
--
Eric Leblond <eric@regit.org>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [LARTC] Limiting Bandwidth of an ppp interfaces
2004-10-27 9:31 [LARTC] Limiting Bandwidth of an ppp interfaces Florian Taeger
` (4 preceding siblings ...)
2004-10-29 11:45 ` Eric Leblond
@ 2004-10-30 0:34 ` Andy Furniss
5 siblings, 0 replies; 7+ messages in thread
From: Andy Furniss @ 2004-10-30 0:34 UTC (permalink / raw)
To: lartc
Florian Taeger wrote:
> Hi.
>
>
>>If the traffic from all the ppps leave by one interface then you could
>>mark packets by incoming interface and set up egress shaping with say
>>HTB on that interface.
>
>
> There is only one eth0 interface to the internet and many ppp for the users.
>
> So ... I have to shape every traffic from the ppp interfaces to eth0
> (internet) and the same way around, don't I ??
I think you should think about what Eric says - I don't have experience
with many ppps and I guess you will need to use scripts per ppp.
For Egress you can add a TBF per ppp.
For ingress you could add a policer to each or you could use IMQ, but
you would need one device per ppp. To this you could then add a TBF to
ratelimit. This will not involve iptables.
Iptables plus HTB on eth is still a non IMQ option for doing ingress -
depends on detail though :-)
I am assuming that you don't want to do any sort of QOS for the customers.
>
> How would it be done with htb ??
>
> The problem ist - 50% of all the traffic on eth0 is to establish the ppp
> session through a l2tp tunnel and the other 50% are for the real traffic to
> the internet. So i only want to shape down the traffic from or to the ppp
> interfaces. But I can't shape the whole traffic on eth0. So ... will there
> be any problems regarding this ?
I think it would be OK. HTB has a default class for traffic it can't
classify AFAIK the default for this is no limits. Or you could just make
a class with a big limit.
>
> Of course i read the docs, but I just don't know how exactly to generate the
> shape-filter for this. I know i have to establish a root entry and make
> another entry for every ppp device. but how do i connect the interfaces an
> the traffic ?!? How would I generate this "hard limit" for the traffic ?
Exactly how you do things depends on whether you can get your scripts to
set a mark for a new ppp that relates it to a specific customer. If you
can do this and inserting the rules into running iptables works OK then
you could have an HTB class already setup on eth0 for each customers rates.
Andy.
>
> Many thanks for the help.
>
> Regards
>
> F.Taeger
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2004-10-30 0:34 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-10-27 9:31 [LARTC] Limiting Bandwidth of an ppp interfaces Florian Taeger
2004-10-28 22:18 ` Andy Furniss
2004-10-28 22:25 ` Andy Furniss
2004-10-29 7:32 ` Florian Taeger
2004-10-29 8:51 ` Leslie Patrick Polzer
2004-10-29 11:45 ` Eric Leblond
2004-10-30 0:34 ` Andy Furniss
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.