From: Stef Coene <stef.coene@docum.org>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] limiting bandwidth to one IP
Date: Sun, 23 Dec 2001 21:28:40 +0000 [thread overview]
Message-ID: <marc-lartc-100914308717473@msgid-missing> (raw)
In-Reply-To: <marc-lartc-100912617329520@msgid-missing>
> > Bandwith must be the real bandwith of the NIC. Usual 10 or 100 mbit.
>
> ok
>
> > What you want to do is easy. But you are using the wrong commands. I
> > have some working scripts. You can find them on www.docum.org.
>
> Ok, I have looked now...
>
> > But I advise you to use the htb qdisc. Much easier to set up and to
> > understand. Again, more information on www.docum.org. If you really
> > want to use CBQ, I can give you more information. Just leave a message
> > on the mailing list.
>
> I have seen htb qdisc. But I see that it isn't in standard Kernel. I would
> use standard kernel because (for various reasons). If I have time I will
> test htb qdisc.
>
> Now my script works (with the help of your webpage):
>
> DEV="dev eth1"
> OPTION="allot 1514 maxburst 20 avpkt 1000 prio 3"
> tc qdisc add $DEV root handle 10: cbq bandwidth 10mbit avpkt 1000
> tc class add $DEV parent 10:0 classid 10:2 cbq bandwidth 10mbit rate \
> $2kbit $OPTION bounded
>
> tc filter add dev eth1 parent 10: protocol ip prio 1 u32 match ip \
> dst 192.168.0.5 flowid 10:2
>
> But now I would like limit the bandwidth that 192.168.0.5 is sending.
>
> I cannot change dst for src, I think, because I am doing NAT and I think
> that when the paquet traverse "tc filter bla bla bla" has IP of the
> firewall machine. Then I have to do with iptables and mangle table? But
> this table only has PREROUTING and OUTPUT:
>
>
> cpie:~/tc# iptables -L -t mangle | grep Chain
> Chain PREROUTING (policy ACCEPT)
> Chain OUTPUT (policy ACCEPT)
>
> I suppose that I can mark paquets in PREROUTING Chain before the IP is
> masqueraded. I will test.
Indeed. You can not use the u32 filter but you will need the fw filter in
conjuction with iptables if you do SNAT.
>
> Thank you very much for your attention.
You can makt it easier to understand for us if you (try) to draw a small
ASCII picture of your setup.
Stef
--
stef.coene@docum.org
More QOS info : http://www.docum.org/
Title : "Using Linux as bandwidth manager"
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
next prev parent reply other threads:[~2001-12-23 21:28 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-12-23 16:49 [LARTC] limiting bandwidth to one IP Carles Pina i Estany
2001-12-23 19:49 ` Stef Coene
2001-12-23 21:28 ` Stef Coene [this message]
2001-12-24 12:17 ` Jerome Petazzoni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-100914308717473@msgid-missing \
--to=stef.coene@docum.org \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.