Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: [SOLVED] Limiting upload speed for non-local connections

  1. #1
    Join Date
    Jun 2008
    Beans
    13

    [SOLVED] Limiting upload speed for non-local connections

    The solution can be found here

    Hi,

    I'm looking for a way to limit the upload speed on my Ubuntu machine, so that my upload link doesn't get saturated. However, I don't want to limit traffic within my LAN, so I can FTP/Samba locally with full speed. In a sense it's like:
    Code:
    if destinationIP not in 192.168.2.* then limit 500kbit/s
    I've come across simple solutions like wondershaper (limits ALL traffic) and trickle (works for one program at a time). Reading about iproute2, tc, etc. just blew my mind.

    I'm sure there must be a great lot of people that want this.

    Cheers, spr

    The solution can be found here
    Last edited by spr-; October 14th, 2008 at 09:47 AM.

  2. #2
    Join Date
    Jun 2007
    Location
    Melbourne, AU
    Beans
    211
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Limiting upload speed for non-local connections

    the easiest place would be to rate limit at your router, but im assuming you cant do that?
    Ubuntu 8.04 Hardy Heron User

  3. #3
    Join Date
    Jun 2008
    Beans
    13

    Re: Limiting upload speed for non-local connections

    Quote Originally Posted by fwre01 View Post
    the easiest place would be to rate limit at your router, but im assuming you cant do that?
    Nope.

  4. #4
    Join Date
    Aug 2008
    Location
    Washington DC
    Beans
    2,186
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Limiting upload speed for non-local connections

    Code:
    tc qdisc add dev eth0 root handle 1: htb default 12
    tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil 100mbit
    tc class add dev eth0 parent 1:1 classid 1:10 htb rate 500kbit ceil 500kbit
    tc class add dev eth0 parent 1:1 classid 1:12 htb rate 50mbit ceil 100mbit
    tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src 0.0.0.0/0  flowid 1:10
    tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src  192.168.2.0/24 flowid 1:12
    tc qdisc add dev eth0 parent 1:10 handle 20: sfq perturb 10
    tc qdisc add dev eth0 parent 1:12 handle 30: sfq perturb 10
    or something like that..

  5. #5
    Join Date
    Jun 2008
    Beans
    13

    Re: Limiting upload speed for non-local connections

    Quote Originally Posted by iponeverything View Post
    Code:
    tc qdisc add dev eth0 root handle 1: htb default 12
    tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil 100mbit
    tc class add dev eth0 parent 1:1 classid 1:10 htb rate 500kbit ceil 500kbit
    tc class add dev eth0 parent 1:1 classid 1:12 htb rate 50mbit ceil 100mbit
    tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src 0.0.0.0/0  flowid 1:10
    tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src  192.168.2.0/24 flowid 1:12
    tc qdisc add dev eth0 parent 1:10 handle 20: sfq perturb 10
    tc qdisc add dev eth0 parent 1:12 handle 30: sfq perturb 10
    or something like that..
    Wow, you really put some work into that. Thanks! I'll see whether that does the job.

  6. #6
    Join Date
    Jun 2008
    Beans
    13

    Re: Limiting upload speed for non-local connections

    Hmm, it seems to limit some LAN traffic as well. I think that is due to the fact I approach it by its host name. The router still routes it through the LAN, but it seems as if I'm coming from the outside world.
    Would adding
    Code:
    tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src  my.ip.here/24 flowid 1:12
    help?

    My ethernet if is indeed eth0, so that's not the problem. Thanks a lot already!
    Last edited by spr-; October 13th, 2008 at 10:12 PM.

  7. #7
    Join Date
    Jun 2007
    Location
    Melbourne, AU
    Beans
    211
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Limiting upload speed for non-local connections

    I havent read up on how tc works exactly, but it seemed to me confusing how it can classify your local subnet AFTER it classifys the 0.0.0.0/0 subnet. seems to me astho it will ignore the "tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src 192.168.2.0/24 flowid 1:12" line....perhaps not? perhaps it works through these in a specific order.

    My thoughts were to use dest MAC address, therefore you could say anything with a dest MAC address of your router = rate limit at 500kbit, and ignore everything else.
    Ubuntu 8.04 Hardy Heron User

  8. #8
    Join Date
    Jun 2008
    Beans
    13

    Re: Limiting upload speed for non-local connections

    Quote Originally Posted by fwre01 View Post
    I havent read up on how tc works exactly, but it seemed to me confusing how it can classify your local subnet AFTER it classifys the 0.0.0.0/0 subnet. seems to me astho it will ignore the "tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src 192.168.2.0/24 flowid 1:12" line....perhaps not? perhaps it works through these in a specific order.

    My thoughts were to use dest MAC address, therefore you could say anything with a dest MAC address of your router = rate limit at 500kbit, and ignore everything else.
    I reversed the filter order and now there's no limit when I friend of mine downloads something from my webserver. So, somehow, it matches my.ip.address or 192.168.2.* and puts no limit? I'm pretty confused.
    But why check the MAC address of the router? It's never the destination? Not that I know that much about networking.. If what you say is right, how would I go about changing the commands?
    Thanks everybody for helping me out.

    If anyone else is reading this and wants to know how to remove ALL the rules:
    Code:
    sudo tc qdisc del root dev ethX
    Last edited by spr-; October 13th, 2008 at 10:14 PM.

  9. #9
    Join Date
    Jun 2007
    Location
    Melbourne, AU
    Beans
    211
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Limiting upload speed for non-local connections

    can you post the config you are now using?

    just as a quick and dirty explanation...

    when your server sends packets to your friends it will have their IP address as the destination, but it will also have your routers MAC address as the destination (i wont go into the details, but that is how it works)

    If you could specify the destination mac address it would help simplify things, becasue you would no longer need to specify two subnets. (one of which is just a supernet of the other, which is confusing things further) you would only need to specify the dest mac address and the limit figure, and im assuming the rest of the traffic will get treated normally.
    Last edited by fwre01; October 13th, 2008 at 10:33 PM. Reason: typo
    Ubuntu 8.04 Hardy Heron User

  10. #10
    Join Date
    Jun 2008
    Beans
    13

    Re: Limiting upload speed for non-local connections

    As for the tc config:
    Code:
    tc qdisc add dev eth0 root handle 1: htb default 12
    tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil 100mbit
    tc class add dev eth0 parent 1:1 classid 1:10 htb rate 500kbit ceil 500kbit
    tc class add dev eth0 parent 1:1 classid 1:12 htb rate 50mbit ceil 100mbit
    tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src 0.0.0.0/0  flowid 1:10
    tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src  192.168.2.0/24 flowid 1:12
    tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src  MY_IP/24 flowid 1:12
    tc qdisc add dev eth0 parent 1:10 handle 20: sfq perturb 10
    tc qdisc add dev eth0 parent 1:12 handle 30: sfq perturb 10
    As for network config:
    My network if is eth0. The local network is 192.168.2.*. The linux/server machine's ip is 192.168.2.100. My Windows machine is on 192.168.2.6. My external IP is MY_IP, which hostname is DYNAMIC_DNS. When I connect from my Windows machine to my server I connect to DYNAMIC_DNS, so it doesn't matter whether I connect from within the LAN or e.g. from school. The router presumably routes data through the LAN, but the server sees an external IP address, in this case, MY_IP or my friends IP. Every uplink should be limited to 500kbit/s, unless the server sees MY_IP or 192.168.2.* (because then it'll just be local, and the data won't sature my uplink).
    Okay, that was a long story and I doubt whether that has many anything any clearer.

    Edit: What about an image?
    Last edited by spr-; October 13th, 2008 at 10:56 PM.

Page 1 of 3 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •