[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Comments on Setup

I've got a T1 connection to the Internet, and I'm trying to limit one of 
our customers from sucking up all our bandwidth.  I've come up with the 
following script which seems to work fine in a test area of 4 or 5 
machines, but I'm wondering if there is anything I should be looking out 
for when I put it on the full network, with thousands of IP connections 
going through it instead of just the 10-20 I have going in my tests.  Any 
comments would be appreciated.

BTW: eth1 is the interface that leads to a CISCO 2500 router with the T1, 
there is a similar script running on eth0 to limit outgoing bandwidth.  All 
that is changed is that the dst's in the filters are changed to src's and 


ESTIMATOR="est 500msec 2s"

DEV="dev $IFACE"

$TC qdisc add $DEV handle 10:0 root cbq bandwidth 10Mbit avpkt $AVPKT

# Add in base class that contains all our bandwidth

$TC class add $DEV parent 10:0 classid 10:1 cbq \
         bandwidth 10Mbit rate $BANDWIDTH allot 1514 avpkt $AVPKT \
         bounded isolated

$TC qdisc add $DEV parent 10:1 pfifo limit 20

# Add in throttled network
$TC class add $DEV parent 10:1 classid 10:20 $ESTIMATOR cbq \
         bandwidth 10Mbit rate $THR_BW avpkt $AVPKT allot 1514 borrow

$TC qdisc add $DEV parent 10:20 pfifo limit 20

# Anything coming out of the network is throttled
$TC filter add $DEV parent 10:0 proto ip prio 1 u32 \
         match ip dst classid 10:20

# Add in default  We use borrow, even though there should be no remaining
# bandwidth, just in case we messed up the REST_RATE calc
$TC class add $DEV parent 10:1 classid 10:10 $ESTIMATOR cbq \
         bandwidth 10Mbit rate $REST_RATE avpkt $AVPKT allot 1514 \
         borrow defmap 1

$TC qdisc add $DEV parent 10:10 pfifo limit 50

$TC filter add $DEV parent 10:0 proto ip prio 5 u32 \
         match ip dst any classid 10:10