Topic: ADSL limit for surfing

[John]

HI,

I have an ADSL line 1M/256k to my V5 box - the 256 is for use for my webserver.

When someone inside the localnet is going to the internet, the server
access is slowed down !

Is it possible to limit the the outgoing 1M to 512K so that the webserver has
the max. 256k to the internet?

[Geoff Bennion]

The 1M/256k describes your upload/download speeds.
I.e. you can download from the internet at a max 1Mbit/Sec, but you can only upload at 256Kbit/Sec.  ( Common amongst ADSL )

With most ADSL modems, if one of the directions is maxed out ( i.e. you are uploading at the full 256Kbit/Sec, the other direction will 'grind to a halt'. )
- Don't know the technical reason why, something to do with the way they are capped I think.

I guess, what you are trying to do, is limit the amount of bandwidth that is used by your local network, to the internet.  So, just in case someone tries to reach your SME server from the internet there is still bandwidth available.

( There is a topic about this somewhere, try searching for Quality of Service, or Throttle Bandwidth )

Hope it sheds some light.

[Rene Nederhand]

Dear John,

What you want is called trafic shaping and this is indeed possible using squid, which is already installed on your e-smith server (see http://www.tldp.org/HOWTO/Bandwidth-Limiting-HOWTO/).

However, you will have to make sure that your users will use the proxy. Best option to ensure this is using a transparent proxy. For this you will have to create some new ipchains to redirect port 80 requests to port 3128 (default squid port).

I did this (for testing, it won't staya after rebooting):

$ipchains -A input -p tcp -s 127.0.0.1/24 -d 127.0.0.1/24 www -j ACCEPT
$ipchains -A input -p tcp -s 192.168.0.1/24 -d 192.168.0.1/24 www -j ACCEPT
$ipchains -A input -p tcp -d any/0 www -j REDIRECT 3128

However, this didn't seem to work until now. Any help would be appreciated...

Rene

[Rene Nederhand]

In addition to my last message:

$ipchains -I input -p tcp -s -d 0.0.0.0/0 www -j REDIRECT 3128

will work for redirecting port 80 to port 3128. Get your isp address from ifconfig (including number of bits).

Don't forget to delete unwanted chains from previous attempts (ipchains -D input .

Good luck and keep me informed about the progress you make.

Rene

[John]

Great.

Thank you, I give it a try.

- John

[Greg Zartman]

Further to the topic of DSL speeds.  I had a nice dicusssion with a qwest technician on this very topic.  He told me that DSL communication occurs over two wires:  essentially a positive and a negative.  Both upload and download packets travel the same path..  When one direction is maxed, the wire is essentially maxed.  This  isn't true for framed relay and T-1 connections as they use four wires.  Two for upload packets and two for download packets.

Regards

Greg Zartman

[Lazo]

does the rpm transproxy do the same?? I mean, do I still need the ipchains commands?

thanks!!