Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO: Bandwidth limiting
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, 4  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
nixnux
n00b
n00b


Joined: 13 Jul 2005
Posts: 12

PostPosted: Sat Oct 29, 2005 6:13 pm    Post subject: Reply with quote

Excellent Howto, worked great for me. One thing I'm trying to figure out is how to identify between the outgoing data in a BitTorrent application and the outgoing ACKs. I limit the upstream just great...It works awesome. Only problem is the downstream on a torrent goes way down. I'm assuming the outgoing ACKs are getting limited along with the outgoing data. Any one know how to distinguish between the two?

Thanks
Back to top
View user's profile Send private message
ultraViolet
Apprentice
Apprentice


Joined: 03 Apr 2004
Posts: 280
Location: Lyon, France

PostPosted: Wed Nov 23, 2005 7:36 pm    Post subject: Reply with quote

Hi all !
I have read this very interesting thread with attention, because I have tried in the past to control p2p traffic in this way :
if there is a connection etablished, p2p fall at 0 as input and output.
The matter was mainly that I am sharing my connection with other people which doesnt respect the rules I have etablished, like only use p2p clients allowing to be stopped from my 'workstation'. It can be seen as autoritative, but I am the one who pay for it. I am a gamer and I can't support to see my ping falling down for p2p traffic, when I can spare some night time to play.
I have tried marking p2p traffic via ipp2p. The result was positive, but not sufficient. According to what I have read, l7 seems to be efficient too, but the fact is that it only block bandwith, not the number of connection etablished for example.
My question will so be this one : Do you think it is pertinent to use ipp2p and l7 at the same time to detect the most p2p packet as possible ?
Any help would be appreciated, and would allow my users to keep their free connection... :wink:
Back to top
View user's profile Send private message
ssmaxss
Apprentice
Apprentice


Joined: 28 Jun 2005
Posts: 160
Location: Moscow, Russia.

PostPosted: Wed Mar 29, 2006 6:17 pm    Post subject: Reply with quote

I whant to lower priority of incoming bittorent traffic (For fast surfnig while downloading via bittorrent). I whant to find bittorrent packets by using ipp2p (ports are dynamic, and maybe I will use ed2k). How can I do it? I whant a simple and clear "Gentoo way".
Back to top
View user's profile Send private message
Falchion
n00b
n00b


Joined: 18 Dec 2005
Posts: 57

PostPosted: Thu Apr 27, 2006 12:02 pm    Post subject: Help on filtering specific program for different client Reply with quote

Supposedly I patched my iptables....
Can I filter my LAN connection so that I can make sure that both the ip & internet explorer use a limited bandwidth?

I did use tc filter add dev eth0 parent 1: protocol ip u32 match ip sport 80 0xffff flowid 1:20 & also for port 8080 + 3128.
It worked great. HOWEVER, it also filter the game online patch and I don't want that. I just want to filter internet explorer.

Does the patch work if my client is WinXP? and can I actually filter internet explorer for each computer differently? I want IE on comp1 to use 56kb/s, IE on comp2 56kb/s, IE on comp3 56kb/s, etc.

I tried adding iexplore/iexplore.exe without any patch and it says that it can't find the program specified because I don't have it if I type ps -A.

Please help me on this. Thanks.
Back to top
View user's profile Send private message
Moloch
Apprentice
Apprentice


Joined: 17 Mar 2003
Posts: 293
Location: Albuquerque, NM, US

PostPosted: Fri Apr 28, 2006 7:26 pm    Post subject: Reply with quote

nixnux wrote:
Excellent Howto, worked great for me. One thing I'm trying to figure out is how to identify between the outgoing data in a BitTorrent application and the outgoing ACKs. I limit the upstream just great...It works awesome. Only problem is the downstream on a torrent goes way down. I'm assuming the outgoing ACKs are getting limited along with the outgoing data. Any one know how to distinguish between the two?

Thanks
Yes, I use seperate ACK queues for each of of my categories. Say for example you have
Code:
iptables -A tcpost -t mangle -o $INTERFACE -p tcp --dport $port -j CLASSIFY --set-class 1:32
Then I would have an almost identical line
Code:
ACKS='--tcp-flags SYN,RST,ACK ACK -m length --length :255'
iptables -A tcpost -t mangle -o $INTERFACE -p tcp --dport $port $ACKS -j CLASSIFY --set-class 1:31
Where class 1:31 is a higher priority than 1:32.
So this uses the same port as the previous but the length of the packet must be from 0 to 255 and have the SYN,RST,ACK ACK TCP flags. This seems to work great for me. Even when I have a lot of bittorrents seeding. I can start downloading a torrent and it will slow down my seeding upload which allows the download to go much quicker. This works great for anything that uses TCP. Obviously this won't work with UDP.


Another trick for those trying to limit bittorrent traffic where you have the bittorrent client on another computer than the firewall. You could assign another IP address to the client machine. For example in in /etc/conf.d/net may look like
Code:
config_eth0=( "192.168.0.5/24" "192.168.0.200/24")
Then on your firewall tell it to match based upon that IP address
Code:
iptables -A tcpost -t mangle -o $INTERFACE -p tcp --source 192.168.0.200 -j CLASSIFY --set-class 1:74


Back on the client machine you can then configure the bittorrent client to bind to 192.168.0.200 rather thant the primary one or all interfaces. If the client doesn't support binding to an interface you can use iptables on the client machine (assuming it's running Linux of course) to force connections based upon user or program name to use 192.168.0.200. This looks like
Code:
iptables -A POSTROUTING -m owner --uid-owner bittorrent -j SNAT --to-source 192.168.0.200
Make sure port forwarding on the firewall is setup to forward bittorrent ports to 192.168.0.200.

This may not be the best way to do things, but it seems to work very well for me.
_________________
Understanding is a three-edged sword: your side, their side, and the truth. --Kosh
1010011010
Back to top
View user's profile Send private message
depontius
Advocate
Advocate


Joined: 05 May 2004
Posts: 3509

PostPosted: Mon May 08, 2006 1:54 pm    Post subject: Simple limiting (simulate DSL migration) Reply with quote

Parasietje wrote:
http://www.szabilinux.hu/bandwidth/
This URL is worth checking out. Download bandwidth limiting works like a charm on my router. If you run a squid proxy, you may have problems limiting download traffic if you use transparent proxying.
Use Delaying Pools for squid bandhwith limiting. (Line 2849 in squid.conf)


I'm looking to save $$$ by moving from cable to DSL, but first I want to "simulate" the move, by bandwidth-limiting. The first entry on this thread indicates that input bandwidth limiting is difficult, but the link you give seems to do it simply. (I haven't tried it yet, just read the link.) All of my LAN traffic passes through my server/router, so I do have a simple throttle point to do this.

I may have 2 DSL plans available, one saving $$$ and one saving $$. The cheap side of me would like to look at the low-bandwidth plan. I already run emerge sync from cron on my server, and my other systems sync to that. I'm also running http-replicator, so I have caching and provisions to move things into the wee hours, in order to avoid waiting and contention. I'm concerned about interactive bandwidth.

Is this a sane thing to do?
What are the "weight" factors? From what I can see, in my case the weights don't really matter, since I'm making all systems peers sharing one link. Correct?
_________________
.sigs waste space and bandwidth
Back to top
View user's profile Send private message
johnny_martins00
Apprentice
Apprentice


Joined: 01 Jun 2006
Posts: 293

PostPosted: Mon Apr 09, 2007 2:08 pm    Post subject: Reply with quote

hi. great howto! im trying something like your howto but with some subclasses. my question is if in one class i can declare 3 subclasses like :

Code:

localhost johnny # tc class add dev eth0 parent 1: classid 1:1 htb rate 120kbit burst 6k
localhost johnny # tc class add dev eth0 parent 1:1 classid 1:10 htb rate 100kbit burst 6k prio 1
localhost johnny # tc class add dev eth0 parent 1:1 classid 1:20 htb rate  10kbit burst 6k prio 2
localhost johnny # tc class add dev eth0 parent 1:1 classid 1:30 htb rate  10kbit burst 6k prio 3

now i want to declare 3 subclasses of class 10
localhost johnny # tc class add dev eth0 parent 1:10 classid 1:100 htb rate  60kbit
localhost johnny # tc class add dev eth0 parent 1:10 classid 1:200 htb rate  40kbit
localhost johnny # tc class add dev eth0 parent 1:10 classid 1:300 htb rate 20kbit


localhost johnny # tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
localhost johnny # tc qdisc add dev eth0 parent 1:100 handle 1000: sfq perturb 10
localhost johnny # tc qdisc add dev eth0 parent 1:200 handle 2000: sfq perturb 10
localhost johnny # tc qdisc add dev eth0 parent 1:300 handle 3000: sfq perturb 10
localhost johnny # tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
localhost johnny # tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10

localhost johnny # tc class show dev eth0
class htb 1:1 root rate 120000bit ceil 120000bit burst 6Kb cburst 1749b
class htb 1:10 parent 1:1 rate 100000bit ceil 100000bit burst 6Kb cburst 1725b
class htb 1:100 parent 1:10 leaf 1000: prio 0 rate 60000bit ceil 60000bit burst 1674b cburst 1674b
class htb 1:20 parent 1:1 leaf 20: prio 2 rate 10000bit ceil 10000bit burst 6Kb cburst 1612b
class htb 1:200 parent 1:10 leaf 2000: prio 0 rate 40000bit ceil 40000bit burst 1650b cburst 1650b
class htb 1:30 parent 1:1 leaf 30: prio 3 rate 10000bit ceil 10000bit burst 6Kb cburst 1612b
class htb 1:300 parent 1:10 leaf 3000: prio 0 rate 20000bit ceil 20000bit burst 1625b cburst 1625b


another thing is the tc filter command... i wanna make a filter for all the traffic http but... dont know how. i've tried this:
Code:

tc filter add dev eth0 parent 10:0 protocol ip prio 3 u32 \ match ip protocol 80 0xff lowid 10:100

but its not working....

another thing its the diferences between using tc filter and the iptables that i cant understand...


Thk,
Regards
Back to top
View user's profile Send private message
Xamindar
Veteran
Veteran


Joined: 03 Oct 2004
Posts: 1155
Location: California

PostPosted: Tue Nov 06, 2007 5:25 am    Post subject: Reply with quote

I have a problem. I simply ran the following and haven't add any clauses to shape traffic yet:
Code:

tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:1 htb rate 120kbit burst 6k
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 120kbit burst 6k prio 1
tc class add dev eth0 parent 1:1 classid 1:20 htb rate  60kbit burst 6k prio 2
tc class add dev eth0 parent 1:1 classid 1:30 htb rate  30kbit burst 6k prio 3
tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10


but for some reason as soon as I add these not only does my outgoing slow to about 4k/s but so does my input! Why is it doing this? I checked and eth0 is indeed my outgoing interface.
Back to top
View user's profile Send private message
Xamindar
Veteran
Veteran


Joined: 03 Oct 2004
Posts: 1155
Location: California

PostPosted: Tue Nov 06, 2007 6:08 am    Post subject: Reply with quote

I even tried following this guide:
http://gentoo-wiki.com/HOWTO_Packet_Shaping

and the same thing happened. Both upload and download is being limited! What is the deal with this?
Back to top
View user's profile Send private message
exarkun
n00b
n00b


Joined: 13 Dec 2007
Posts: 1

PostPosted: Thu Dec 13, 2007 10:11 pm    Post subject: Reply with quote

Also, as of kernel 2.6.14, the pid-owner, sid-owner, and cmd-owner options are no longer available in iptables. Does anyone have a way to get this working for a specific program now? Running p2p kills my downstream such that my connection is near useless.

Thanks.
Back to top
View user's profile Send private message
sunilkb
n00b
n00b


Joined: 31 Jul 2014
Posts: 1

PostPosted: Fri Aug 01, 2014 6:59 am    Post subject: RegardinG bandwidth limiting post. Reply with quote

Dear Author of Bandwidth Limiting post .

You mentioned in Section 7 of this post, Point 3. Would you please help me how to do TCP Window manipulation to influence the speed of network streams?
3)TCP window manipulation is an advanced and better method of influencing the speed of network streams, unfortunately AFAIK there are no open source applications that implement that for the time being.

Thanks,
Sunil
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2, 3, 4
Page 4 of 4

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum