Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Lightman on August 11, 2002, 05:55:48 PM
-
Hello List.
I was trying to configure CBQ based on the info in the files and threads in this list.
Finally last night I get it, and now it's working great (almost), I limited
bandwidth per machine IP on all ports, however i found a problem:
eDonkey2000 doesn't seems to be affected for the Upstream, it is still at maximum capacity, and filling all my outgoing capacity, the weird part is
that downstream limitation works excellent, here is what I did:
file 1: cbq-25.clients
DEVICE=eth0,100Mbit,10Mbit
RATE=40Kbit
WEIGHT=4Kbit
PRIO=5
RULE=192.168.1.40
RULE=192.168.1.41
# and so on with the other computers
This seems to work perfectly (incoming traffic)
then i create the other: file 2: cbq-26.clients
DEVICE=ppp0,256Kbit,25Kbit
RATE=33Kbit
WEIGHT=4Kbit
PRIO=5
RULE=192.168.1.40
RULE=192.168.1.41
# and so on as the other file
did cbq stop and then restart so it take changes
but still is not limiting outgoing traffic of eDonkey
eth0 is my LAN NIC, ppp0 is the DSL router.
am I doing something wrong?.
both files are almost identical that's why i don't understand
why outgoing traffic is not being controlled but incoming traffic is.
any ideas?
oh!, some other thing, is there something rule about the
filenames for CBQ in /etc/sysadmin/cbq ?, since i tryed to
rename it for example to: cbq-ppp.clients and give me an error,
why should it contain numbers?, is some kind of hierarchy
order, so the lower numbers represent the most significative
parameters or something like that?, i coulnd't found nothing
on the web about it.
Thanks a lot!!
Lightman
-
i am new to linux. i am running esmith 5.0 and want to do the same. .ie. i want to limit bandwidth to the computers on my local network of ip 192.168.1.X . can you plz help me in how should i proceed or is there any how to that i can refer to ?
help would be appritiated
zus
-
Hi zus
I am sending now a small howto that I did to help me remember how to do it, by private email, however i'm still unable to control the outgoing
(upstream) bandwidth, i was thinking that maybe the problem is that the second file made reference to a logical interfase (ppp0) instead of a hardware interfase eth1 (eth1 is connected to the DSL router with a crossover cable,so eth1 is the phisical transport for ppp0)
I'm going to change ppp0 for eth1 and see what's up.
let you know if i make it work and in the mean time, let's wait to see if someone in this list knows what's wrong and help us out :-)
see you
Lightman
-
lightman wrote :
>however i'm still unable to control the outgoing
>(upstream) bandwidth
Hi !
don't forget that cbq is only available in one way : ingoing bandwidth, as far as i can remember, and it works well when you've done your rules that way. Anyway, all that you need is in the cbq.init script. BTW, the version 0.7 is available, with much more interesting features ; read the threads for the adress...
Julien
-
thankx a ton lightman... will post my experience with ur how to soon :d
zus
-
hi
i must say an extremely well written howto ... i have a few basica question , can u please tell me what is the significance of the following keywords in the configuration files
1. DEVICE=ppp0,256Kbit,12kbit [does this order mean the following: ppp0 ur connection, 256Kbit downstream, 12kbit i guess up stream]
2. RATE=28Kbit what does it mean?
WEIGHT=3Kbit what does it mean?
PRIO=5 what does it mean?
thankx for all ur efforts its worth appritiation
zus
-
Hi Zus.
At 17:02 12/08/02, you wrote:
>This message was sent from: General discussion.
>
>hi
>
>i must say an extremely well written howto ... i have a few basica question
>, can u please tell me what is the significance of the following keywords in
>the configuration files
Thanks!, It's my first one!, i think it need still some fine tunning, and more
clarity, I will add this info to it too.
>1. DEVICE=ppp0,256Kbit,12kbit [does this order mean the following: ppp0 ur
>connection, 256Kbit downstream, 12kbit i guess up stream]
DEVICE=,,
interface is ppp0 in this case, the second parameter is the maximum
bandwidth capable for the device, 12Kbit is the weight (I have no idea of
what it is), the docs says that the value is allways 10% of the
bandwidth max capacity, however i set only 5% of it because I'm
controlling upstream, and my upstream is half of the downstream
capacity, so upstream is 128K /10 = 12K :-)
(not sure if i'm doing something wrong with this parameter but I think
that this will be the best setting for this case).
>2. RATE=28Kbit what does it mean?
The baudrate that you want to set as maximum to this interfase
for the RULE setting, 28Kbit it's about 3.5K/s or less.
>WEIGHT=3Kbit what does it mean?
same as before, Weight is 10% of the RATE setting, but I don't know why.
>PRIO=5 what does it mean?
Priority of this kind of traffic priority, lower number means
high priority, so you may define for example that voice packets
have a higher priority (a lower prio number) than regular data
to avoid voice interruptions.
So if you have down here a RULE=x.x.x.x the x.x.x.x IP will limit
it's bandwidth to 28Kbit theoretically :-), it doesn't in my case
for upstream :(( (yet) .
>thankx for all ur efforts its worth appritiation
>
>zus
URwelcome :)
Sorry if I'm not very clear but I didn't understand the whole
thing (yet), I'm still experimenting and only can explain
what I learned playing with it 8)
see you
Lightman
OOOPS!: I found it!, the doc from the one I read about CBQ
here it is (VERY LOOOONG :-)
---------------------------------------------------
# HOW DOES IT WORK?
# -----------------
#
# Every traffic class must be described by a file in the $CBQ_PATH directory
# (/etc/sysconfig/cbq by default) - one file per class.
#
# The config file names must obey mandatory format: cbq-. where
# is two-byte hexadecimal number in range <0002-FFFF> (which in fact
# is a CBQ class ID) and is the name of the class -- anything to help
# you distinguish the configuration files. For small amount of classes it is
# often possible (and convenient) to let resemble bandwidth of the
# class.
#
# Example of valid config name:
# cbq-1280.My_first_shaper
#
#
# The configuration file may contain the following parameters:
#
### Device parameters
#
# DEVICE=,[,] mandatory
# DEVICE=eth0,10Mbit,1Mbit
#
# is the name of the interface you want to control
# traffic on, e.g. eth0
# is the physical bandwidth of the device, e.g. for
# ethernet 10Mbit or 100Mbit, for arcnet 2Mbit
# is tuning parameter that should be proportional to
# . As a rule of thumb: = / 10
#
# When you have more classes on one interface, it is enough to specify
# [and ] only once, therefore in other files you only
# need to set DEVICE=.
#
### Class parameters
#
# RATE= mandatory
# RATE=5Mbit
#
# Bandwidth allocated to class. Traffic going through the class is
# shaped to conform to the given rate. You can use Kbit, Mbit or
# bps, Kbps and Mbps as suffices.miting speed of the shaper.
# You can use Kbit, Mbit or bps, Kbps, Mbps as suffixes.
#
# WEIGHT= mandatory
# WEIGHT=500Kbit
#
# Tuning parameter that should be proportional to RATE. As a rule
# of thumb, use WEIGHT ~= RATE / 10.
#
# PRIO=<1-8> optional, default 5
# PRIO=5
#
# Priority of class traffic. The higher the number, the lesser
# the priority. Priority of 5 is just fine.
#
# PARENT= optional, default not set
# PARENT=1280
#
# Specifies ID of the parent class to which you want this class be
# attached. You might want to use LEAF=none for the parent class as
# mentioned below. By using this parameter and carefully ordering the
# configuration files, it is possible to create simple hierarchical
# structures of CBQ classes. The ordering is important so that parent
# classes are constructed prior to their children.
#
# LEAF=none|tbf|sfq optional, default "tbf"
#
# Tells the script to attach specified leaf queueing discipline to CBQ
# class. By default, TBF is used. Note that attaching TBF to CBQ class
# shapes the traffic to conform to TBF parameters and prevents the class
# from borrowing bandwidth from its parent even if you have BOUNDED set
# to "no". To allow the class to borrow bandwith (provided it is not
# bounded), you must set LEAF to "none" or "sfq".
#
# If you want to ensure (approximately) fair sharing of bandwidth among
# several hosts in the same class, you might want to specify LEAF=sfq to
# attach SFQ as leaf queueing discipline to that class.
#
# BOUNDED=yes|no optional, default "yes"
#
# If set to "yes", the class is not allowed to borrow bandwidth from
# its parent class in overlimit situation. If set to "no", the class
# will be allowed to borrow bandwidth from its parent.
#
# Note: Don't forget to set LEAF to "none" or "sfq", otherwise the class will
# have TBF attached to itself and will not be able to borrow unused
# bandwith from its parent.
#
# ISOLATED=yes|no optional, default "no"
#
# If set to "yes", the class will not lend unused bandwidth to
# its children.
#
### TBF qdisc parameters
#
# BUFFER=[/] optional, default "10Kb/8"
#
# This parameter controls the depth of the token bucket. In other
# words it represents the maximal burst size the class can send.
# The optional part of parameter is used to determine the length
# of intervals in packet sizes, for which the transmission times
# are kept.
#
# LIMIT= optional, default "15Kb"
#
# This parameter determines the maximal length of backlog. If
# the queue contains more data than specified by LIMIT, the
# newly arriving packets are dropped. The length of backlog
# determines queue latency in case of congestion.
#
# PEAK= optional, default not set
#
# Maximal peak rate for short-term burst traffic. This allows you
# to control the absolute peak rate the class can send at, because
# single TBF that allows 256Kbit/s would of course allow rate of
# 512Kbit for half a second or 1Mbit for a quarter of second.
#
# MTU= optional, default "1500"
#
# Maximum number of bytes that can be sent at once over the
# physical medium. This parameter is required when you specify
# PEAK parameter. It defaults to MTU of ethernet - for other
# media types you might want to change it.
#
# Note: Setting TBF as leaf qdisc will effectively prevent the class from
# borrowing bandwidth from the ancestor class, because even if the
# class allows more traffic to pass through, it is then shaped to
# conform to TBF.
#
### SFQ qdisc parameters
#
# The SFQ queueing discipline is a cheap way for sharing class bandwidth
# among several hosts. As it is stochastic, the fairness is approximate but
# it will do the job in most cases. If you want real fairness, you should
# probably use WRR (weighted round robin) or WFQ queueing disciplines. Note
# that SFQ does not do any traffic shaping - the shaping is done by the CBQ
# class the SFQ is attached to.
#
# QUANTUM= optional, default not set
#
# This parameter should not be set lower than link MTU, for ethernet
# it is 1500b, or (with MAC header) 1514b which is the value used
# in Alexey Kuznetsov's examples.
#
# PERTURB= optional, default not set
#
# Period of hash function perturbation. In Alexey Kuznetsov's
# examples the value used was 15 seconds.
#
### Filter parameters
#
# RULE=[[saddr[/prefix]][:port[/mask]],][daddr[/prefix]][:port[/mask]]
#
# These parameters make up "u32" filter rules that select traffic for
# each of the classes. You can use multiple RULE fields per config.
#
# The optional port mask should only be used by advanced users who
# understand how the u32 filter works.
#
# Some examples:
#
# RULE=10.1.1.0/24:80
# selects traffic going to port 80 in network 10.1.1.0
#
# RULE=10.2.2.5
# selects traffic going to any port on single host 10.2.2.5
#
# RULE=10.2.2.5:20/0xfffe
# selects traffic going to ports 20 and 21 on host 10.2.2.5
#
# RULE=:25,10.2.2.128/26:5000
# selects traffic going from anywhere on port 50 to
# port 5000 in network 10.2.2.128
#
# RULE=10.5.5.5:80,
# selects traffic going from port 80 of single host 10.5.5.5
#
#
#
# REALM=[srealm,][drealm]
#
# These parameters make up "route" filter rules that classify traffic
# according to packet source/destination realms. For information about
# realms, see Alexey Kuznetsov's IP Command Reference. This script
# does not define any realms, it justs builds "tc filter" commands
# for you if you need to classify traffic this way.
#
# Realm is either a decimal number or a string referencing entry in
# /etc/iproute2/rt_realms (usually).
#
# Some examples:
#
# REALM=russia,internet
# selects traffic going from realm "russia" to realm "internet"
#
# REALM=freenet,
# selects traffic going from realm "freenet"
#
# REALM=10
# selects traffic going to realm 10
#
#
#
# MARK=
#
# These parameters make up "fw" filter rules that select traffic for
# each of the classes accoring to firewall "mark". Mark is a decimal
# number packets are tagged with if firewall rules say so. You can
# use multiple MARK fields per config.
#
#
# Note: Rules for different filter types can be combined. Attention must be
# paid to the priority of filter rules, which can be set below using
# PRIO_{RULE,MARK,REALM} variables.
#
### Time ranging parameters
#
# TIME=[,, ...,/]-;/[/]
# TIME=0,1,2,5/18:00-06:00;256Kbit/25Kbit
# TIME=60123/18:00-06:00;256Kbit/25Kbit
# TIME=18:00-06:00;256Kbit/25Kbit
#
# This parameter allows you to differentiate the class bandwidth
# throughout the day. You can specify multiple TIME parameters, if
# the times overlap, last match is taken. The fields ,
# and correspond to parameters RATE, WEIGHT and PEAK (which
# is optional and applies to TBF leaf qdisc only).
#
# You can also specify days of week when the TIME rule applies.
# is numeric, 0 corresponds to sunday, 1 corresponds to monday, etc.
#
###
#
# Sample configuration file: cbq-1280.My_first_shaper
#
# --------------------------------------------------------------------------
# DEVICE=eth0,10Mbit,1Mbit
# RATE=128Kbit
# WEIGHT=10Kbit
# PRIO=5
# RULE=192.128.1.0/24
# --------------------------------------------------------------------------
#
# The configuration says that we will control traffic on 10Mbit ethernet
# device eth0 and the traffic going to network 192.168.1.0 will be
# processed with priority 5 and shaped to rate of 128Kbit.
#
# Note that you can control outgoing traffic only. If you want to control
# traffic in both directions, you must set up CBQ for both interfaces.
#
# Consider the following example:
#
# +---------+ 192.168.1.1
# BACKBONE -----eth0-| linux |-eth1------*-[client]
# +---------+
#
# Imagine you want to shape traffic from backbone to the client to 28Kbit
# and traffic in the opposite direction to 128Kbit. You need to setup CBQ
# on both eth0 and eth1 interfaces, thus you need two config files:
#
# cbq-028.backbone-client
# --------------------------------------------------------------------------
# DEVICE=eth1,10Mbit,1Mbit
# RATE=28Kbit
# WEIGHT=2Kbit
# PRIO=5
# RULE=192.168.1.1
# --------------------------------------------------------------------------
#
# cbq-128.client-backbone
# --------------------------------------------------------------------------
# DEVICE=eth0,10Mbit,1Mbit
# RATE=128Kbit
# WEIGHT=10Kbit
# PRIO=5
# RULE=192.168.1.1,
# --------------------------------------------------------------------------
#
# Pay attention to comma "," in the RULE field - it denotes source address!
#
# Enjoy.
#
#############################################################################
-
Nice!!!
I'd really like to see your howto, this feature would be really great !!!
I have 1 question, do i have to use the proxy on my clients or does it work without it?
-
Hi Bas
The real good thing about CBQ is that does not require the use of proxy (which i hate!, they are too complicated :-), and explain to my users to set them correctly will lead me to some extra headache that i prefer to avoid hehe.
Yesterday I connect my 3rd neighbour to my intranet and, so far, everything works great, iptraf reports a good and balanced usage of bandwidth, I still can't believe
how good it works, the outgoing problem (not limiting BW for outgoing packets) was not serious since none of them tryed yet to instal any p2p software, but
i need to find out how to control outgoing data just before than anyone installs
some kazaa or similar :)
well here it is, please no flames :), I'm just a newbie that i'm learning how
to do it, and wrote this also to remember how I did it in the first place :-).
suggestions and corrections of my errors are very well welcome hehe.
Seeyou
Lightman
----------------------------------------
Title: Bandwidth Limiting in SME server V 5 for newbies (like me)
Creator: Lightman
applies to: SME Server V 5.0 - CBQ usage
Thanks to: All the guys of the SME Board that indirectly teach me
so much, the SME team for developing such great distro
and the Bandwidth-Limiting-HOWTO creators.
intro:
------
If you are reading this probably is because you wanna do it as I wanted to,
at first sight seems deadly difficult, however, SME guys did an excellent
job simplifying the whole thing.
There are others documents that explains how to do bandwidth limiting using
squid proxy and other method's, however what I wanted was a easy way to do
it, I will sacrifice features in order to keep as easy as possible.
After reading 4 months of postings related ot it and some HOWTOS I decide
to use CBQ, because I thought that this method was the more clear to
implement, and since SME comes with CBQ ready to use, the choice was clear.
my particular requirement:
--------------------------
First, a little of intro of why I'm doing this, due to the economical
difficult's in my country, and as consecuence of this, in the people, high
speed internet access is expensive, and very few people can afford it,
due to the nature of my job, i need 24 hs internet access, but it's not
mandatory to have all the bandwidth available, so after talking with my
condo's neighbours that they will love to be online 24hs, we decide to
share the internet access, since I was using SME server for my personal
local network, I will extend my local network to the others appartments.
as a result of this, i believe that my network will suffer the motorway
effect, pretty soon i will see how my neighbours eat all my bandwidth
with programs like KaZaA, audiogalaxy, Edonkey (without limitating
the bandwidth adecuately) and very quickly what once was a fast
access it may be turn slower than a dial up one, aaaaahhhhgggg!!!.
Something must be done NOW, before it happens.
So my network: 192.168.1.0/24 ,LAN interfase was eth0 (100Mbit)
WAN interfase is a DSL router Cisco 667 (ppp0) connected to eth1
my total bandwidth is 256K downstream and about 128Kbit upstream.
(i will upgrade the service to 512K when more than 4 neigbours decide
to connect to my lan).
my local computers won't be limited ;), only the neigbours.
neighbour computers are in the range of 192.168.1.50 to 192.168.1.60
the procedure:
--------------
go to: /etc/sysconfig/cbq
there is only one file there, for demo only, i moved these to my home dir
then copy and edit (to preserve the original).
two files are necessary since I need to limit the total bandwidth
(regardless the port used), and do it not just for download but for upload
as well, so programs like KaZaA don't eat it all :)
create 2 files the first one will limit the DOWNLOAD capability of my
loved bandwidth hungry neighbour's :)
named 'cbq-20.clients' contains:
DEVICE=eth0,100Mbit,10Mbit
RATE=35kbit
WEIGHT=4Kbit
PRIO=5
# 8.A.
RULE=192.168.1.50
# 7.A.
RULE=192.168.1.51
# 7.B.
RULE=192.168.1.52
# 6.A.
RULE=192.168.1.53
# and keep going, and going, just add the
# IP numbers you want to limit as the 4
# ones up here.
now the UPLOAD file 'cbq-21.clients'
DEVICE=ppp0,256Kbit,12kbit
RATE=28Kbit
WEIGHT=3Kbit
PRIO=5
# 8.A.
RULE=192.168.1.50
# 7.A.
RULE=192.168.1.51
# 7.B.
RULE=192.168.1.52
# 6.A.
RULE=192.168.1.53
# same as cbq-20.clients this will
# continue with the same data
now put them on /etc/sysconfig/cbq
and go to /sbin
type cbq start , this command will start the CBQ and inmediately
start's to limitate the bandwidth, if you want to stoppet just
type cbq stop
now this is some how, done by hand, we must to automatize it.
go to
/etc/rc.d/rc.local
add at the very end of the file
/sbin/cbq start
this will start cbq when all the loading process was completed.
(the last thing to load).
well that's it! , simple isn't it?.
now you can play a little more, since CBQ can do a lot more things
than just that, it can limit bandwidth by a specific port or even
in a programmed time.
look on the net for bandwidth-limiting-HOWTO and take a look
at the CBQ part of this file, there are several options discussed
there (except the one i explained here :-).
------------UPDATE------------
the setting: DEVICE=ppp0,256Kbit,12kbit
in file 'cbq-21.clients' don't work in my SME, don't know why
(that's why i post here in the first place :-), so try instead
the following settings for the file 'cbq-21.clients'
DEVICE=eth1,10Mbit,1Mbit
RATE=28Kbit
WEIGHT=3Kbit
not sure if it will work, but I let you know soon when I test it
see you
Lightman
-
Sorry, again (I know i'm getting heavy :-)
The last configuration that I post of the file cbq-21.clients won't work
for upstream as I said before, (the downstream works perfect).
well i found a method that works, you only have to change
the cbq-21.clients file setting (the one that has the ppp0)
here it goes:
--------------------------------------
For some reason that I don't understand,
CBQ doesn't support IP for outgoing traffic,
like i do for incoming, or, I didn't find yet how to
do it right.
The following configuration is working right now in
my SME 5.0, the only problem is that it limits ALL
the outgoing traffic related to these ports no matter
from who (IP) is coming from.
but at least works :)
Configuration for outbound traffic
This one is working right now in my SME:
filename 'cbq-21.clients'
-------------------------
DEVICE=ppp0,256Kbit,25Kbit
RATE=40Kbit
# This give me a 4.5K/s using eDonkey2000
WEIGHT=4Kbit
PRIO=8
# I setup 8 to keep it low priority
#
#eDonkey Ports
RULE=,:4661
RULE=,:4662
RULE=,:4665
#other p2p used ports (Kazaa,audiogalaxy,imesh,bearshare,etc.)
RULE=,:1214
RULE=,:41000
RULE=,:41001
RULE=,:41002
RULE=,:41003
RULE=,:41004
RULE=,:41005
RULE=,:41006
RULE=,:41007
RULE=,:41008
RULE=,:41009
RULE=,:41010
RULE=,:5190
RULE=,:5501
RULE=,:5502
RULE=,:5503
RULE=,:6346
RULE=,:6347
RULE=,:6699
RULE=,:6700
RULE=,:6701
RULE=,:8311
RULE=,:8888
RULE=,:8889
RULE=,:28865
RULE=,:28864
RULE=,:41170
RULE=,:4329
RULE=,:2340
that's it.
I hope it be useful to
someone :)
Lightman
-
dear lightman
plz help me with this:
i need to create
RULE 1 i can assign 192.168.1.1; 192.168.1.3 and 192.168.1.4 and upstream of 3kbps
RULE 2 i can assign 192.168.1.2 upstream of 1kbps
RULE 3 i can assign 192.168.1.5 upstream of 5kbps
RULE 4 i can assign 192.168.1.1; 192.168.1.5 a downstream of 1 kbps
RULE 5 i can assign 192.168.1.2; 192.168.1.4 a downstream of 1.4 kbps
RULE 6 i can assign 192.168.1.3 a downstream of 1.2 kbps
plz tell me how to create the following conf files
thankz
zus
-
..OK....it works but.... You forgot about the comma in section RULE in file with ppp..it must be like that:
_______________________________
now the UPLOAD file 'cbq-21.clients'
DEVICE=ppp0,256Kbit,12kbit
RATE=28Kbit
WEIGHT=3Kbit
PRIO=5
# 8.A.
RULE=192.168.1.50,
# 7.A.
RULE=192.168.1.51,
# 7.B.
RULE=192.168.1.52,
# 6.A.
RULE=192.168.1.53,
# same as cbq-20.clients this will
# continue with the same data
________________________________
do You agreed?
-
Hello W.Raj
mmmmmmmmm.
not sure......
Let me try it, and I'll go back to you & post my results.
thanks
Lightman
-
Lightman,
I do not have ppp0, only eth0 and eth1 and if I try and create a rule and start cbq nothing works, wether I use eth0 or eth1?
But if I put eth0 and eth1 then that will limit both incoming and outgoing right?
Cyrus Bharda
-
I have tried everything, I am trying to limit port 1412 outgoing only on all IP's this is what I have tried unsuccessfully:
eth0 = local LAN 10 Mbit
eth1 = 512/128Kbit ADSL modem bridged connection
192.168.0.1 = SME 5.5u6
192.168.0.2 = Client Windows 2000
DEVICE=eth0,10Kbit,1Kbit
RATE=1Kbit
WEIGHT=0.1Kbit
PRIO=8
RULE=:1412,
DEVICE=eth1,128Kbit,12Kbit
RATE=1Kbit
WEIGHT=0.1Kbit
PRIO=8
RULE=:1412,
I have stop cbq before changes and started after saved changes, still nothing happens to the up/down speed at all? So I tried setting my IP:
DEVICE=eth0,10Kbit,1Kbit
RATE=1Kbit
WEIGHT=0.1Kbit
PRIO=8
RULE=192.168.0.2,
DEVICE=eth1,128Kbit,12Kbit
RATE=1Kbit
WEIGHT=0.1Kbit
PRIO=8
RULE=192.168.0.2,
Still nothing, what am I doing wrong?
I even tried to install that spanish contrib to control cbq from server-manager and played around, but couldnot understand the google translation of it :-) Does anyone speak spanish, or know anyone spanish who could possibly translate these panels?
Thanks,
Cyrus Bharda
-
Hi All
Sorry for the delay, but I takes me a while to learn how to do it.
Here it is.
I finally got the UPSTREAM bandwidth control Working with CBQ.
First, I will refresh my current setup so you know why it is done this way.
ADSL line 512 down/128 up, all my users are behind the sme.
almost 60 % of them do bulk downloads with kazaa and other progs.
no problem with the downstream, since control downstream bandwidth
with cbq is easy as shown before here.
The problem is to block outgoing traffic, I only have 128K for 8 users!,
and It takes only 1 kazaa to use the full 128K of outgoing traffic.
Also another problem was the outgoing Email.
When you send an e-mail with a large attachment, almost all the incoming
traffic stops, this will help that also.
I have 3 interfaces: eth0 (lan) eth1 bonded to the ppp0 (Cisco 677 DSL router)
my connection is PPPoE type.
SMTP and POP OUTGOING traffic, file:
_________________________________
cbq-22.mail
DEVICE=ppp0,128Kbit,12Kbit
RATE=56Kbit
WEIGHT=5Kbit
PEAK=5Kbit
PRIO=5
RULE=:110
RULE=:25
RULE=:,25
FTP OUTGOING traffic, file:
_______________________
cbq-25.ftp
DEVICE=ppp0,128Kbit,12Kbit
RATE=56Kbit
WEIGHT=5Kbit
PEAK=5Kbit
PRIO=5
RULE=:20
RULE=:21
KAZAA OUTGOING traffic, file:
_________________________
cbq-26.kazaa
DEVICE=ppp0,128Kbit,12Kbit
RATE=33Kbit #HEHEHEHEHE
WEIGHT=3Kbit
PEAK=3Kbit
PRIO=7
RULE=:1214
RULE=:4662
RULE=:4663
RULE=:4665
RULE=:4672
That's all.
It's working now in my SME 5.5, I Hope that it could be of help ;)
I will write a complete CBQ-SME-HOWTO this weekend and post it here.
this work couldn't be done if it wasn't for the fantastic IPTRAF tool,
great program!
see you
Lightman
-
Hi Cyrus Bharda
First keep in mind that Outgoing traffic must be filtered in the external interfase, and because of this, it's not possible to do a per-user filtering, since only your
external IP is visible from the outside.
But you can limit by port number as I show in the previous post.
to figure it out I used iptraf, i recommend you to install it and check if you
can see the traffic in "Clear" in eth1.
Monitoring my SME with iptraf in eth1 result in a bunch of non TCP packets, only that, so it's not possible control bandwidth there (that was because i use PPPoE and probably eth1 is doing some tunneling i think).
monitoring ppp0 with the option "ip traffic monitor"=> ppp0 i was able to find out that the destination port of outgoing packet was the 1214 and 4662 (for e2k networks) so I did the configuration to limit this, It is shown in the previous post.
(RULE=:4662 and RULE=:1214) that worked great.
now I was able to do it because i had the ppp0 and I can see the traffic in clear, if you can see the traffic clear with iptraf in eth1 you will be able to do it as well.
remember to use in the interfase eth1 the speed values of your outgoing true capacity (not the lan capacity), or it will not work good (don't know why but
was what i experienced).
I hope that it helps you, let me know if it works :)
see you
Lightman
-
Is there anyway to get ut to work with dhcp??
and restrict the bandwith to users
like:
if im alone i get all...
if we are 2 we split it brotherly..
if we are 10 we devide it in 10 cake-slices...
not just restrict kaza(other) trafic to limited
OFFTOPIC:
I got adsl 512 (telia sweden) so i get a diffrent ip each time i logon.
Is there any easyway to install a dns forward like: KRS.dns2go.com -> diffrent ip
-
gee Im glad to read your long postings Lightman!
its hard enough to follow all of them BUT
without 'em who knows where i'd be !!
many thanks & a GREAT XMAS / NEW YEAR to you kind fellow!
Rob
-
Here was my solution for using CBQ on a per IP basis:
http://www.lightningconnect.net/bridge-howto/SME56withbridge.html
-
Hi Robert
thanks a lot for your words, but I prefer to thank to all of the people
that contribute with this thread, I only started it.
take a look at the last marco's post, his idea is excellent!.
happy xmas & new year to you too.
see you
Lightman
-
Hi Marco
WOOW your Idea es Excelent!!
Thanks a lot for sharing it with us, I will build a testbed this weekend and
if all goes well I will implement it on my server, all my users in the building
will be very happy for that hehehe ;)
now seriously that was a very clever idea, I will look also for a way to
simulate the 2 loopback cards instead of use hardware cards, just
to reduce cost and IRQ usage :) but even using the four cards, is a great
place to put a lan traffic monitor :))
thanks a lot
Lightman
-
Lightman,
If you find a way to make the bridge with a virtual device, PLEASE let me know. To my knowledge, there is no way, but who knows!
Thanks for your work and everyone else on this thread. Thanks for keeping your little how-to going, it has helped me in the past!
-
Hi, could I please get some help on creating a specific CBQ for my server?
I have an SME6.0beta3 server, set up to be a webserver on port 80. I have a web page on it that has a lot of downloadable files.
I am trying to limit the speed that those files get downloaded at, but no luck. Here's what I have:
cbq-80.server
-------------
DEVICE=eth1,100Mbit,10Mbit
RATE=80Kbit
WEIGHT=8Kbit
PRIO=5
RULE=192.168.2.35
cbq-81.server
-------------
DEVICE=ppp0,128Kbit,12Kbit
RATE=80Kbit
WEIGHT=8Kbit
PRIO=5
RULE=:80
I am not sure what I should use for this case; eth0, eth1, or ppp0. Right now I have eth1 and ppp0.
Can someone please make those scripts work for me?
Thanks!
- FireWire
-
Can I please get some help on this issue?
I made a mistake in the server version. I have SME 6.0.1 server. I need to limit the download/upload bandwidth on my server to external users.
Hi, could I please get some help on creating a specific CBQ for my server?
I have an SME6.0beta3 server, set up to be a webserver on port 80. I have a web page on it that has a lot of downloadable files.
I am trying to limit the speed that those files get downloaded at, but no luck. Here's what I have:
cbq-80.server
-------------
DEVICE=eth1,100Mbit,10Mbit
RATE=80Kbit
WEIGHT=8Kbit
PRIO=5
RULE=192.168.2.35
cbq-81.server
-------------
DEVICE=ppp0,128Kbit,12Kbit
RATE=80Kbit
WEIGHT=8Kbit
PRIO=5
RULE=:80
I am not sure what I should use for this case; eth0, eth1, or ppp0. Right now I have eth1 and ppp0.
Can someone please make those scripts work for me?
Thanks!
- FireWire
-
Cyrus
The english language rpm is available
eneo-qos_cbq-0.1-05en.noarch.rpm
from
ftp://ftp.ibiblio.org/pub/linux/distributions/e-smith/contrib/eneo/RPMS/noarch/
You might also like to try
sme-QoS-1.0-6.noarch.rpm
from
http://www.e-smith.dyndns.org/
Both add nice server manager panels
Seem OK for v5.6 and 6.0
Regs
Ray
-
IMPORTANT: Need help with the following issue. Can you guys please help?
Hi, could I please get some help on creating a specific CBQ for my server?
I have an SME6.0beta3 server, set up to be a webserver on port 80. I have a web page on it that has a lot of downloadable files.
I am trying to limit the speed that those files get downloaded at, but no luck. Here's what I have:
cbq-80.server
-------------
DEVICE=eth1,100Mbit,10Mbit
RATE=80Kbit
WEIGHT=8Kbit
PRIO=5
RULE=192.168.2.35
cbq-81.server
-------------
DEVICE=ppp0,128Kbit,12Kbit
RATE=80Kbit
WEIGHT=8Kbit
PRIO=5
RULE=:80
I am not sure what I should use for this case; eth0, eth1, or ppp0. Right now I have eth1 and ppp0.
Can someone please make those scripts work for me?
Thanks!
- FireWire
-
Firewire,
when you do an ifconfig, what interfaces do you see. That is what your devices should be. Now, for the interesting part:
Here is your file
cbq-81.server
-------------
DEVICE=ppp0,128Kbit,12Kbit
RATE=80Kbit
WEIGHT=8Kbit
PRIO=5
RULE=:80
What you have here says that on the ppp0 device (wan virtual device), you only want to allow 80Kbits/sec with a variance of 8Kbits out to the internet. You have it marked as standard priority, and are trying to control port 80 traffic (you are missing the comma before the colon (:) which specifies that this is the source device that you are controlling; or the wan IP). Mind you, if you are behind this server (using it as your gateway), you will only see this same speed as your upload speed. Any users that also use this server as a gateway will all see a total of 80Kbits/sec total upload for everyone combined on port 80.
Your file probably hasn't worked because of the missing comma. The line should look like this:
RULE=,:80
Remember, if you do an ifconfig and have eth0, and ppp0 then you would use ppp0 for the wan device. If you have eth0 and eth1 you would use which ever device that is your wan device.
HTH