From: Jonathan Gazeley <jonathan.gazeley@bristol.ac.uk>
To: lartc@vger.kernel.org
Subject: [LARTC] Classful queuing solution
Date: Thu, 23 Aug 2007 11:36:39 +0000
Message-ID: <46CD7147.1090900@bristol.ac.uk>
Dear all,
I am trying to set up multi-user traffic control. In short, I want each
user (each IP) to be hard limited to 128kbit download and 64kbit upload.
On top of that, I want interactive traffic (ICMP, ACK packets, SSH, etc)
to be prioritised to minimise latency. It sounds like it ought to be
done with a classful qdisc but I don't really know what I'm doing. I
think I want something like the following:

root class (global limit 100mbit)
|
+ 192.168.0.1 class - limit 128kbit
|     + priority 0: SSH, ICMP, ACK, etc
|     + priority 1: all other traffic
|
+ 192.168.0.2 class - limit 128kbit
|     + etc

... and similarly for the uplink, but with a per-IP limit of 64kbit.
I'm not sure if it's good to have ~250 classes for the IP addresses, and
sub classes within those for the different priorities, or if all the
traffic should be rate-limited by IP first, and then sorted into a
handful of shared classes, to be dequeued.
I have taken advice from this list for the past couple of weeks and I
have a semi-functional script now. However the latency suddenly jumps to >4000ms
as soon as the user starts downloading. Also my script uses
police rate to limit upload speed - but this is not particularly
effective and also not really required, as the box is able to shape
traffic in both directions. It is also a NAT box.
Related, but not strictly to do with tc, is there any way of concisely
and effectively logging connections between NATed users and external IPs?
I need to be able to maintain a log which tells me that a certain user
was connected to a certain remote host on a certain port at a certain
time and date, for legal reasons.
I realise this is a bit of a mammoth request, but I hope someone can
help me.
Many thanks in advance,
Jonathan
------------------------
Jonathan Gazeley
ResNet | Wireless & VPN Team
Information Systems & Computing
University of Bristol
------------------------
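
Added example, not part of the original message or of any reply on the list: a dry-run shell generator for the download half of the hierarchy sketched above, using HTB with one hard-capped class per IP and two prioritised leaves under it. The interface name eth1 (assumed LAN-facing), the class-id numbering, the 64kbit split between the leaves and the choice of ICMP plus TCP source port 22 as "interactive" are assumptions for illustration.

```shell
#!/bin/sh
# Dry-run generator: prints tc commands for the download side (LAN-facing
# interface) of the hierarchy sketched in the message. Nothing is executed.
# The device name, class-id scheme and 64kbit child split are assumptions.

# Last octet of a dotted-quad address, used to derive unique class ids.
last_octet() { echo "${1##*.}"; }

# Root qdisc plus the 100mbit parent class every host class hangs from.
emit_root() {
    dev=$1
    echo "tc qdisc add dev $dev root handle 1: htb"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate 100mbit"
}

# One host: a 128kbit hard cap (rate == ceil, so no borrowing from the root),
# with two leaves that share it; HTB serves prio 0 before prio 1.
emit_host() {
    dev=$1 ip=$2
    n=$(last_octet "$ip")
    host=$(printf '%x' $((4096 + n)))     # 0x1000 + octet: per-host cap
    fast=$(printf '%x' $((8192 + n)))     # 0x2000 + octet: interactive leaf
    bulk=$(printf '%x' $((12288 + n)))    # 0x3000 + octet: everything else
    echo "tc class add dev $dev parent 1:1 classid 1:$host htb rate 128kbit ceil 128kbit"
    echo "tc class add dev $dev parent 1:$host classid 1:$fast htb rate 64kbit ceil 128kbit prio 0 quantum 1514"
    echo "tc class add dev $dev parent 1:$host classid 1:$bulk htb rate 64kbit ceil 128kbit prio 1 quantum 1514"
    # Filters are tried in ascending prio: ICMP and SSH replies first, catch-all last.
    f="tc filter add dev $dev parent 1: protocol ip"
    echo "$f prio 1 u32 match ip dst $ip/32 match ip protocol 1 0xff flowid 1:$fast"
    echo "$f prio 1 u32 match ip dst $ip/32 match ip protocol 6 0xff match ip sport 22 0xffff flowid 1:$fast"
    echo "$f prio 2 u32 match ip dst $ip/32 flowid 1:$bulk"
}

# Full command list for one device and any number of client addresses.
emit_shaper() {
    dev=$1; shift
    emit_root "$dev"
    for ip in "$@"; do emit_host "$dev" "$ip"; done
}

# Example: emit_shaper eth1 192.168.0.1 192.168.0.2
```

The printed commands can be reviewed and then piped to sh as root. The upload half cannot match on client addresses this way on the WAN interface, because source NAT is applied before the egress qdisc sees the packet; classifying by firewall mark is the usual approach there.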