[ILUG] bandwidth limiting

Fri Jun 8 16:21:03 IST 2007

On 6/7/07, Pete McEvoy <pete at yerma.org> wrote:
> so far, it seems squids delay pools or cbq seem to be the preferred
> methods, I especially like the look of the webcbq project.

Hello Pete,

Never used webcbq but been using tc for some control over SSH
especially, here's an example (which was found some time ago on the
web using your favorite search engine) :

-------------------------- BEGIN SCRIPT
#!/bin/bash
#
# All Rates are in Kbits, so in order to gets Bytes divide by 8
# e.g. 25Kbps == 3.125KB/s
#
TC=/sbin/tc
IPTABLES=/sbin/iptables
PORT=22
DNLD=1000Kbit           # DOWNLOAD Limit
DWEIGHT=100Kbit         # DOWNLOAD Weight Factor ~ 1/10 of DOWNLOAD Limit
UPLD=1000KBit           # UPLOAD Limit
UWEIGHT=100Kbit         # UPLOAD Weight Factor

# CHAIN=("POSTROUTING" "PREROUTING" "INPUT" "OUTPUT")
CHAIN=("POSTROUTING" "PREROUTING" "INPUT" "OUTPUT")

# PROTOCOL=("tcp" "udp")
PROTOCOL=("tcp")

# DIRECTION=("--sport" "--dport")
DIRECTION=("--sport" "--dport")

# PORT=("22")
PORT=("22")

tc_start() {

        $TC qdisc add dev eth0 root handle 11: cbq bandwidth 100Mbit
avpkt 1000 mpu 64
        $TC class add dev eth0 parent 11:0 classid 11:1 cbq rate $DNLD
weight $DWEIGHT allot 1514 prio 1 avpkt 1000 bounded
        $TC filter add dev eth0 parent 11:0 protocol ip handle 4 fw flowid 11:1

        for chain in ${CHAIN[@]}
        do
          for protocol in ${PROTOCOL[@]}
          do
            for direction in ${DIRECTION[@]}
            do
               for port in ${PORT[@]}
               do
                 ${IPTABLES} -t mangle -A ${chain} -p ${protocol}
${direction} ${port} -j MARK --set-mark 4
               done
            done
          done
        done

#       $TC qdisc add dev eth1 root handle 10: cbq bandwidth 10Mbit
avpkt 1000 mpu 64
#       $TC class add dev eth1 parent 10:0 classid 10:1 cbq rate $UPLD
weight $UWEIGHT allot 1514 prio 1 avpkt 1000 bounded
#       $TC filter add dev eth1 parent 10:0 protocol ip handle 3 fw flowid 10:1

}

tc_stop() {

        $TC qdisc del dev eth0 root

        for chain in ${CHAIN[@]}
        do
          for protocol in ${PROTOCOL[@]}
          do
            for direction in ${DIRECTION[@]}
            do
               for port in ${PORT[@]}
               do
                 ${IPTABLES} -t mangle -D ${chain} -p ${protocol}
${direction} ${port} -j MARK --set-mark 4
               done
            done
          done
        done

#       $TC qdisc del dev eth1 root

}

tc_restart() {

        tc_stop
        sleep 1
        tc_start
}

tc_show() {

        echo ""
        echo "eth0:"
        $TC qdisc show dev eth0
        $TC class show dev eth0
        $TC filter show dev eth0
        echo ""
        $IPTABLES -t mangle --list

#       echo "eth1:"
#       $TC qdisc show dev eth1
#       $TC class show dev eth1
#       $TC filter show dev eth1
#       echo ""

}

case "$1" in

 start)

        echo -n "Starting bandwidth shaping: "
        tc_start
        echo "done"
        ;;

 stop)

        echo -n "Stopping bandwidth shaping: "
        tc_stop
        echo "done"
        ;;

 restart)

        echo -n "Restarting bandwidth shaping: "
        tc_restart
        echo "done"
        ;;

 show)

        tc_show
        ;;

 *)

        echo "Usage: /etc/init.d/tc.sh {start|stop|restart|show}"
        ;;

esac

exit 0
-------------------------- BEGIN SCRIPT

Hope this helps,
Steph