Re: throttling an internal IP's upstream bandwidth

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Martijn Lievaart <m@rtij.nl>
To: Scott van Looy <scott@ethosuk.org.uk>
Cc: netfilter@lists.netfilter.org
Subject: Re: throttling an internal IP's upstream bandwidth
Date: Sun, 18 Feb 2007 14:46:21 +0100	[thread overview]
Message-ID: <45D858AD.5060501@rtij.nl> (raw)
In-Reply-To: <Pine.LNX.4.64.0702181232550.32641@novak.ethosuk.org.uk>

Scott van Looy wrote:
> Today Martijn Lievaart did spake thusly:
>
>> Scott van Looy wrote:
>>>
>>> I'm on DSL, I only have small upstream and big downstream. 
>>> Everything goes through a 1:1 NAT iptables firewall - so internal 
>>> IPs are directly mapped to an external IP. I want to throttle the 
>>> internal upstream bandwidth so the internal machines can't upload at 
>>> more than 25k/s as the maxing out of the upstream is killing the 
>>> much faster downstream...is there a way to do this using iptables?
>>>
>>
>> Google for wondershaper.
>
> I use wondershaper, it doesn't let me throttle on a per machine basis 
> tho - I want the firewall to only allow a max of 25k out for each of 
> my internal machines
>

Ah, then you have to do some work yourself. The answer is most probably 
tc, not netfilter. If you don't have a lot of internal machines, you can 
add a filter/qdisc for all of them but for large amounts of internal 
machines (or with dhcp), this gets unwieldy.

However, wondershaper should do what you ultimately want, shape traffic 
so uploads don't disturb downloads. It works for me.

M4

next prev parent reply	other threads:[~2007-02-18 13:46 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-02-09 11:38 throttling an internal IP's upstream bandwidth Scott van Looy
2007-02-18 11:46 ` Martijn Lievaart
2007-02-18 12:33   ` Scott van Looy
2007-02-18 13:46     ` Martijn Lievaart [this message]
2007-02-19  2:29       ` Gregory Carter
     [not found]         ` <Pine.LNX.4.64.0702191106070.32641@novak.ethosuk.org.uk>
2007-02-19 15:52           ` Gregory Carter
2007-02-19 13:04       ` Pedro Abreu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=45D858AD.5060501@rtij.nl \
    --to=m@rtij.nl \
    --cc=netfilter@lists.netfilter.org \
    --cc=scott@ethosuk.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.