[RP-PPPoE] Limit internet bandwidth but not local
Alex Pilon
alp at alexpilon.ca
Tue Aug 6 10:24:06 EDT 2013
On Tue, Aug 06, 2013 at 02:32:34PM +0200, Fabrizio wrote:
> I would like to configure this system to be able to limit the user
> internet bandwidth ( this is possible by WISPr-Bandwidth-Max-Down and
> WISPr-Bandwidth-Max-Up attributes )
Do you mean throughput and how to actually control it (rather than
related AAA with FreeRADIUS details)? If so, read on.
> but at the same time allow local user's traffic (i.e. to my smtp or
> ftp server) to be guaranteed at maximum speed. How can i do this?
Such traffic control is better left to the OS. Since it seems that
you're running linux, take a look at tc from iproute2, specifically, the
man pages tc-tbf(8), and tc-htb(8).
Should you have just wanted a global limit, one of the following would
have done.
# tc qdisc add dev ${DEV} root tbf rate ${RATE}mbit burst ${BURST}kbit \
latency ${LATENCY}ms
# tc qdisc add dev ${DEV} root tbf rate ${RATE}mbit burst ${BURST}kbit \
limit ${LIMIT}kb
Define ${DEV} to be your PPP device. ${RATE} and ${BURST} are
self-explanatory. See the man pages mentioned previously for details, or
take a look at this article.
http://wiki.linuxwall.info/doku.php/en:ressources:dossiers:networking:traffic_control
LARTC is another source of documentation for these matters.
Note that this limits only outbound traffic on that interface (i.e.,
you're *shaping*). To *police* inbound traffic, look at the ingress
qdisc,
http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.adv-qdisc.ingress.html
and tc filters:
http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.qdisc.filters.html
http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.adv-filter.policing.html
http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.adv-filter.hashing.html
If you want to apply global throughput limits, or otherwise
perform QoS on more than one device, see the intermediate queuing device
(IMQ), unless the traffic is going through one device only, like
*outbound* internet traffic.
http://www.linuximq.net/faq.html
http://www.linuximq.net/usage.html
http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.imq.html
IMQ is in upstream, so some of the notes in the FAQ are dated.
However, since your needs are a bit more particular, you'll probably
need to do most of your work with tc filters instead of the tbf qdisc.
I'm not aware of a classful qdisc where you can explicitly set an
unlimited maximum throughput.
Also, if you don't feel like learning too much tc, you could mark
traffic using iptables. That's probably easier here anyway. You'll have
to set the fwmark in the mangle table, in PREROUTING.
iptables -A PREROUTING -t mangle -i ppp+ -o eth0 -j MARK --set-mark 1 -m comment --comment "Users' forwarded traffic."
Change the mark number appropriately, if you're already using that one.
I can't answer for the *BSD folks.
Regards,
Alex Pilon
More information about the RP-PPPoE
mailing list