Throttle traffic for a single local IP on a Linux router?

pfunix pfunix at gmail.com
Fri Dec 24 08:03:01 CST 2010


take a read on this link

http://www.faqs.org/docs/Linux-HOWTO/Bandwidth-Limiting-HOWTO.html

-beavis

Sent from Space

On Dec 23, 2010, at 5:32 PM, johnc at hush.ai wrote:

> Hi,
>
> I know this might not be 100% on-topic and might be better suited
> for a Linux-distro mailinglist, but I hope to get more diverse
> methods from you networking experts.
>
> Basically, I have a small residential connection, 5 Mbit down, 0.5
> Mbit up. A user on my local network, who we will call
> 192.168.1.105, is using too much bandwidth. I have tried social
> engineering to get him to stop, he claims to, but iftop says
> otherwise.
>
> My network is setup like this: Cable modem goes to eth0 on router
> running Ubuntu server, eth1 on the Ubuntu box goes to a wrt54gl
> (behaving purely as a bridge), and all clients are connected
> wirelessly. The Ubuntu box handles everything.
>
> So I have tried this script, and it does not work -- download speed
> gets limited just fine, but upload remains unlimited for some
> reason:
>
> TC=/sbin/tc
> OUTIF=eth0             # Interface for WAN (internet)
> INIF=eth1            # Interface for LAN (internal network)
> DNLD=0.5mbit          # DOWNLOAD Limit
> UPLD=0.1mbit          # UPLOAD Limit
> IP=192.168.1.105
> U32="$TC filter add dev $IF protocol ip parent 1:0 prio 1 u32"
> $TC qdisc del dev $INIF root
> $TC qdisc del dev $OUTIF root
> $TC qdisc add dev $INIF root handle 1: htb default 30
> $TC qdisc add dev $OUTIF root handle 1: htb default 30
> $TC class add dev $INIF parent 1: classid 1:1 htb rate $DNLD ceil
> $DNLD
> $TC class add dev $OUTIF parent 1: classid 1:1 htb rate $UPLD ceil
> $UPLD
> $TC filter add dev $INIF  parent 1:0 ip pref 1 u32 match ip src
> $IP/32 0xFFFFFFFF flowid 1:1
> $TC filter add dev $OUTIF parent 1:0 ip pref 1 u32 match ip dst
> $IP/32 0xFFFFFFFF flowid 1:1
>
> Anyone see any problems in my setup, this script, or have any idea
> how I can limit the speeds of Mr. 192.168.1.105 without social
> engineering?
>
> Thank you for your time.
>
>




More information about the NANOG mailing list