[H-GEN] Limit adsl bandwidth

Russell Stuart russell at stuart.id.au
Mon Jun 26 20:50:00 EDT 2006 

On 27/06/2006 10:22 AM, Anthony Irwin wrote:
> I have been looking into bandwidth limiting and
> everyone seems to talk about using squid and using
> delay pools. I believe that this method would not stop
> peer 2 peer programs and I don't really want to use a
> proxy if I can get away with it.
> 
> Is it possible to use iptables or some other solution
> to limit bandwidth to a particular ip or mac address
> and only to ports above 1024?
> 
> If so can you point me to any relevant docs.

Assuming you are running Linux, then yes there is a
solution.  In short:

   - Yes linux can do this.  It is for the most part
     already built into the kernels and tools you
     probably have installed now.

   - Unless you are fairly experienced at Linux in
     general, or receive help, you probably won't be
     able to get it working.

Longer version: the Linux kernel has a traffic control
engine built into it as standard.  It is a very powerful
and flexible beast.  It is also unbelievably complex
(making iptables look like childs play in comparison),
and there is IMHO no good documentation.  For example,
no man pages are provided for the tools you need.  Most
people who do manage to configure it seem to do so by
cutting and pasting from this:

   http://lartc.org/

There is also a very active mailing list.  If you ask
a question and it is clear your have read the above
document beforehand, you will receive an answer.

   http://mailman.ds9a.nl/mailman/listinfo/lartc

The traffic control engine at it comes can only do flow
control on outgoing traffic.  This is because the
current kernel development team for the engine seem to
have religious objections to doing incoming traffic
control.  Of course most typical Linux users are more
interested in doing incoming traffic control, so there
is a patch that enables you do do this:

   http://www.linuximq.net/

It needs a patched version of the iproute2 package (aka
iproute on some distributions).  If you are running Debian
you can find packages for all these things (including a
pre-patched kernel) here:

   http://www.stuart.id.au/russell/files/debian

Finally if you get stuck post another request for help
detailing exactly what you want, (with ip addresses,
ports, bandwidth limits, etc) and I will give you a
script.

More information about the General mailing list