[ale] Ethernet bandwidth choker

Bob Toxen bob at verysecurelinux.com
Wed Dec 8 14:51:08 EST 2004 

On Wed, Dec 08, 2004 at 11:04:39AM -0500, Dow Hurst wrote:
> Add the rate limiting to both interfaces of your router/firewall in 
> between the two feeds your wanting to work with.  That way you 
> completely control the bandwidth thru the router.  Also with tweaking 
> iptables and the tc rate limiting you can pick what is limited.  The 
> advanced routing howto has a lot of info and links on this subject.  You 
> can limit down to modem speeds and up to the bandwidth of your feeds.  

> It is very versatile.
Yes, the rate limiting (frequently called "Traffic Shaping") is very
versatile.  One can specify what rule (shape or bandwidth) to apply to
any combination of source and destination IP/netmask, source and destination
protocol and port numbers.  I've used it rather successfully for clients.

> Dow
Bob


> Michael Still wrote:

> >On Wed, 8 Dec 2004 06:45:41 -0500, David Corbin <dcorbin at enttek.com> wrote:
> > 
> >
> >>I need a device that I can use to simulate low-bandwidth between two 
> >>ethernet
> >>machines.  Ideally,  the box would have some limited interface to enter 
> >>in  a
> >>desired bandwidth to simulate.  Something that works in increments of 
> >>64kbs
> >>would be fine.
> >>
> >>1) Is there a correct name for such a product.
> >>2) Any recommendations?
> >>
> >>   
> >>
> >You can do this with rate limiting between ethernet interfaces I
> >believe.  Here's an example you can play with:
> >
> >tc qdisc add dev eth0 root handle 1: cbq avpkt 1000 bandwidth 100mbit
> >
> >tc class add dev eth0 parent 1: classid 1:1 cbq rate 64kbit allot 1500
> >prio 5 bounded isolated
> >
> >tc filter add dev eth0 parent 1: protocol ip prio 16 u32 match ip dst
> >0.0.0.0/0 flowid 1:1
> >
> >It has been my experience that the limiting is not exactly at 64kbits
> >(or it might be a problem at higher limits) so you might have to
> >change it to get it to work at the right speed.  Once you do find the
> >right limit, it does stay under it.  Also this only affects outbound
> >traffic, but you can make it affect inbound with more tc filter rules.
> >If the interface on the sending side is rate limited though, then I
> >wouldn't mess with the inbound limit.
> >_______________________________________________
> >Ale mailing list
> >Ale at ale.org
> >http://www.ale.org/mailman/listinfo/ale
> >
> > 
> >
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list