From mboxrd@z Thu Jan 1 00:00:00 1970
From: Jonathan Gazeley
Date: Thu, 23 Aug 2007 11:36:39 +0000
Subject: [LARTC] Classful queuing solution
Message-Id: <46CD7147.1090900@bristol.ac.uk>
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Dear all,

I am trying to set up multi-user traffic control. In short, I want each user (each IP) to be hard limited to 128kbit download and 64kbit upload. On top of that, I want interactive traffic (ICMP, ACK packets, SSH, etc) to be prioritised to minimise latency.

It sounds like it ought to be done with a classful qdisc but I don't really know what I'm doing. I think I want something like the following:

    root class (global limit 100mbit)
    |
    + 192.168.0.1 class - limit 128kbit
    |   + priority 0: SSH, ICMP, ACK, etc
    |   + priority 1: all other traffic
    |
    + 192.168.0.2 class - limit 128kbit
    |   + etc

... and similarly for the uplink, but with a per-IP limit of 64kbit.

I'm not sure if it's good to have ~250 classes for the IP addresses, and sub classes within those for the different priorities, or if all the traffic should be rate-limited by IP first, and then sorted into a handful of shared classes, to be dequeued.

I have taken advice from this list for the past couple of weeks and I have a semi-functional script now. However the latency suddenly jumps to >4000ms as soon as the user starts downloading. Also my script uses police rate to limit upload speed - but this is not particularly effective and also not really required, as the box is able to shape traffic in both directions. It is also a NAT box.

Related, but not strictly to do with tc, is there any way of concisely and effectively logging connections between NATd users and external IPs? I need to be able to maintain a log which tells me that a certain user was connected to a certain remote host on a certain port at a certain time and date, for legal reasons.

I realise this is a bit of a mammoth request, but I hope someone can help me.

Many thanks in advance,
Jonathan

------------------------
Jonathan Gazeley
ResNet | Wireless & VPN Team
Information Systems & Computing
University of Bristol
------------------------
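
The download half of the tree sketched in the message, written out as tc commands. This is an added example, not part of the original post or a reply from the list; it only prints the commands so they can be reviewed before being run. Assumptions: the LAN-facing interface is called eth1, each per-IP HTB class holds a two-band prio qdisc, and the handle numbering (0x100 + last octet) is hypothetical.

```shell
#!/bin/sh
# Added example: prints tc commands for the per-IP download tree.
# DEV (assumed name) is the LAN-facing interface, where download
# traffic leaves the NAT box with the internal IP as destination.
DEV=${DEV:-eth1}

# Root HTB qdisc and one parent class carrying the global 100mbit limit.
emit_root() {
    echo "tc qdisc add dev $DEV root handle 1: htb"
    echo "tc class add dev $DEV parent 1: classid 1:1 htb rate 100mbit"
}

# emit_host N: class for 192.168.0.N, hard limited by rate == ceil,
# holding a prio qdisc (band 0 = interactive, band 1 = everything else).
emit_host() {
    n=$1
    ip="192.168.0.$n"
    # tc handles are hex; 0x100 + N keeps clear of 1: and 1:1 (assumed scheme)
    id=$(printf '%x' $((n + 256)))
    echo "tc class add dev $DEV parent 1:1 classid 1:$id htb rate 128kbit ceil 128kbit"
    # priomap sends all unfiltered traffic to band 1 (index from 0)
    echo "tc qdisc add dev $DEV parent 1:$id handle $id: prio bands 2 priomap 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1"
    # Steer this IP's download traffic into its own class.
    echo "tc filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip dst $ip/32 flowid 1:$id"
    # Inside the class: ICMP, SSH replies and small pure ACKs go to band 0.
    echo "tc filter add dev $DEV parent $id: protocol ip prio 1 u32 match ip protocol 1 0xff flowid $id:1"
    echo "tc filter add dev $DEV parent $id: protocol ip prio 2 u32 match ip sport 22 0xffff flowid $id:1"
    echo "tc filter add dev $DEV parent $id: protocol ip prio 3 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid $id:1"
}

# emit_all N...: the whole tree for the given last octets.
emit_all() {
    emit_root
    for n in "$@"; do
        emit_host "$n"
    done
}

# Usage (constructed host list): emit_all 1 2 3
```

The uplink side would mirror this on the external interface with 64kbit classes, but on a NAT box the internal source address is no longer visible there, so the per-user match has to be made some other way.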