* [LARTC] HTB metro/international
@ 2005-02-12 12:08 George Vasiliu
2005-02-12 15:12 ` George Alexandru Dragoi
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: George Vasiliu @ 2005-02-12 12:08 UTC (permalink / raw)
To: lartc
Hi all!
I have a problem setting up HTB on my home network.
I have a network: 192.168.1.0/24 and I want to limit the download to 200 KB to
every IP from my city (I have the IPs of most ISPs). The thing is that I
want to limit the international traffic too (I do not use BGP) and set it
to 15 KB. Can someone help with this setup? Thanks!
Best regards,
--
George
--
This message was scanned for spam and viruses by BitDefender.
For more information please visit http://linux.bitdefender.com/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
* Re: [LARTC] HTB metro/international
From: George Alexandru Dragoi @ 2005-02-12 15:12 UTC (permalink / raw)
To: lartc
http://metropolitana.loginet.ro/ and read that stuff, or
you can try to differentiate metro/inter for download asking your
ISP if they set a specific DSCP for it. For upload limiting, I add
routes for all metropolitan IPs (or BGP does it automatically), and
the default route has a special realm. You can then match the realm in
FORWARD or POSTROUTING chain in mangle and set a mark to those
packets, then mark every IP with a different mark. ex:

eth0 - your ISP (let's say GTS)
eth1 - your lan 192.168.1.0/24

GTS uses the value 32 as DSCP for international traffic (0x20)

tc qdisc add dev eth1 root handle 1: htb r2q 1

tc class add dev eth1 parent 1: classid 1:999 htb rate 90mbit
tc class add dev eth1 parent 1:999 classid 1:1 htb rate 2mbit
tc class add dev eth1 parent 1:999 classid 1:998 htb rate 80mbit
# client with ip 192.168.1.2 has at most 1mbit for metro, 128kbit for external
tc class add dev eth1 parent 1:1 classid 1:2 htb rate 256kbit # your total external bandwidth

tc class add dev eth1 parent 1:1 classid 1:11 htb rate 12kbit ceil 1mbit # metro for client 1
tc class add dev eth1 parent 1:2 classid 1:21 htb rate 8kbit ceil 128kbit # external for first client

Filters are:

# DSCP 32 (0x20) is 0x80 in the TOS byte; mask 0xfc ignores the two low bits
tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip dst 192.168.1.2/32 match ip tos 0x80 0xfc classid 1:21
tc filter add dev eth1 parent 1: protocol ip prio 2 u32 match ip dst 192.168.1.2/32 classid 1:11

A global filter for lan traffic would be:

tc filter add dev eth1 parent 1: protocol ip prio 0 u32 match ip src 192.168.1.1/32 classid 1:998

For upload, after you make a script to add all metropolitan routes:

ip ro add $prefix via $isp_gw

and the default route would be:

ip ro add default via $isp_gw realm 6

Check /etc/iproute2/rt_realms

iptables -t mangle -N metro-up
iptables -t mangle -N ext-up
iptables -t mangle -A FORWARD -o eth0 -m realm --realm 6 -j ext-up
iptables -t mangle -A FORWARD -o eth0 -m realm --realm 6 -j ACCEPT
iptables -t mangle -A FORWARD -o eth0 -j metro-up

iptables -t mangle -A ext-up -s 192.168.1.2 -j MARK --set-mark 0x21
iptables -t mangle -A metro-up -s 192.168.1.2 -j MARK --set-mark 0x11

add classes similar to eth1

tc filter add dev eth0 parent 1: protocol ip prio 1 handle 0x21 fw classid 1:21
tc filter add dev eth0 parent 1: protocol ip prio 1 handle 0x11 fw classid 1:11
--
Bla bla
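
Added example (not part of George Alexandru Dragoi's message): a dry-run generator that prints the per-client commands of the scheme above for any host in 192.168.1.0/24. The 0x100/0x200 class numbering, the function names and the sample client list are assumptions; it also assumes the parent classes 1:1 and 1:2 and the metro-up/ext-up chains already exist.

```shell
#!/bin/sh
# Dry-run generator: prints the commands, applies nothing.
LAN_IF=eth1     # LAN side, as in the message
WAN_IF=eth0     # ISP side, as in the message
EXT_DSCP=32     # DSCP the ISP puts on international traffic (value from the message)

# DSCP is the upper six bits of the TOS byte, so u32 has to match
# dscp << 2 under mask 0xfc: DSCP 32 becomes 0x80.
dscp_to_tos() { printf '0x%02x\n' $(( $1 << 2 )); }

# tc class minors are hexadecimal. Assumed numbering (not from the message):
# metro class = 0x100 + last octet, external class = 0x200 + last octet.
metro_minor() { printf '%x\n' $(( 0x100 + $1 )); }
ext_minor()   { printf '%x\n' $(( 0x200 + $1 )); }

gen_client() {  # $1 = client IP, $2 = metro ceil, $3 = external ceil
    octet=${1#192.168.1.}
    case $octet in "$1"|''|0*|*[!0-9]*)
        echo "skip $1: not a host in 192.168.1.0/24" >&2; return 1 ;;
    esac
    [ "$octet" -le 254 ] || return 1
    m=$(metro_minor "$octet"); e=$(ext_minor "$octet")
    tos=$(dscp_to_tos "$EXT_DSCP")
    # Same class pair on both interfaces (assumes equal up/down limits).
    for dev in "$LAN_IF" "$WAN_IF"; do
        echo "tc class add dev $dev parent 1:1 classid 1:$m htb rate 12kbit ceil $2"
        echo "tc class add dev $dev parent 1:2 classid 1:$e htb rate 8kbit ceil $3"
    done
    # Download: the DSCP-marked (external) filter is tried before the catch-all.
    echo "tc filter add dev $LAN_IF parent 1: protocol ip prio 1 u32 match ip dst $1/32 match ip tos $tos 0xfc classid 1:$e"
    echo "tc filter add dev $LAN_IF parent 1: protocol ip prio 2 u32 match ip dst $1/32 classid 1:$m"
    # Upload: the fwmark is the class minor, so mark 0x$e lands in class 1:$e.
    echo "iptables -t mangle -A ext-up -s $1 -j MARK --set-mark 0x$e"
    echo "iptables -t mangle -A metro-up -s $1 -j MARK --set-mark 0x$m"
    echo "tc filter add dev $WAN_IF parent 1: protocol ip prio 1 handle 0x$e fw classid 1:$e"
    echo "tc filter add dev $WAN_IF parent 1: protocol ip prio 1 handle 0x$m fw classid 1:$m"
}

# Constructed sample input: client IP, metro ceil, external ceil.
while read -r ip metro ext; do
    gen_client "$ip" "$metro" "$ext"
done <<EOF
192.168.1.2 1mbit 128kbit
192.168.1.3 1mbit 128kbit
EOF
```

Review the printed commands before piping them to sh on the router.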
* Re: [LARTC] HTB metro/international
From: gypsy @ 2005-02-12 16:44 UTC (permalink / raw)
To: lartc
George Vasiliu wrote:
>
> Hi all!
> I have a problem setting up HTB on my home network.
> I have a network: 192.168.1.0/24 and I want to limit the download to 200 KB to
> every IP from my city (I have the IPs of most ISPs). The thing is that I
> want to limit the international traffic too (I do not use BGP) and set it
> to 15 KB. Can someone help with this setup? Thanks!
>
> Best regards,
> --
> George
You cannot shape downloads, only uploads. You must "police" downloads,
which means to drop all packets that are over the specified limit.
Since you know IP ranges, sounds to me like you want one of the iptables
add-ons that does rate limiting.
--
gypsy
* Re: [LARTC] HTB metro/international
From: Andy Furniss @ 2005-02-13 1:08 UTC (permalink / raw)
To: lartc
gypsy wrote:
> George Vasiliu wrote:
>
>>Hi all!
>>I have a problem setting up HTB on my home network.
>>I have a network: 192.168.1.0/24 and I want to limit the download to 200 KB to
>>every IP from my city (I have the IPs of most ISPs). The thing is that I
>>want to limit the international traffic too (I do not use BGP) and set it
>>to 15 KB. Can someone help with this setup? Thanks!
>>
>>Best regards,
>>--
>>George
>
>
> You cannot shape downloads, only uploads. You must "police" downloads,
> which means to drop all packets that are over the specified limit.
You can - it's just not perfect because you are at the wrong end of the
bottleneck - policing doesn't do it perfectly either. IMO shaping
(ratelimiting) is still better than policing.
>
> Since you know IP ranges, sounds to me like you want one of the iptables
> add ons that does rate limiting.
> --
> gypsy
* Re: [LARTC] HTB metro/international
From: George Vasiliu @ 2005-02-13 8:34 UTC (permalink / raw)
To: lartc
Ok. Thank you for the quick answer.
I will do what you have said and, hopefully I won't need help again :)
George
--
George Vasiliu
BitDefender Technical Support Engineer