LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/HOWTO/Bandwidth-Limiting-HOWTO/faq.html

661 lines
13 KiB
HTML
Raw Permalink Blame History

<HTML
><HEAD
><TITLE
>Frequently Asked Questions</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.63
"><LINK
REL="HOME"
TITLE="Bandwidth Limiting HOWTO"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Dealing with Other Bandwidth-consuming Protocols Using CBQ"
HREF="cbq.html"><LINK
REL="NEXT"
TITLE="Miscellaneous"
HREF="misc.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Bandwidth Limiting HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="cbq.html"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="misc.html"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="FAQ"
>5. Frequently Asked Questions</A
></H1
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN287"
>5.1. Is it possible to limit bandwidth on a per-user basis with delay pools?</A
></H2
><P
>Yes. Look inside the original <TT
CLASS="FILENAME"
>squid.conf</TT
> file and
check the Squid documentation on <A
HREF="http://www.squid-cache.org"
TARGET="_top"
>http://www.squid-cache.org</A
></P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN292"
>5.2. How do I make <B
CLASS="COMMAND"
>wget</B
> work with Squid?</A
></H2
><P
>It's simple. Create a file called <TT
CLASS="FILENAME"
>.wgetrc</TT
> and put it in your home directory.
Insert the following lines in it and that's it!</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>HTTP_PROXY=192.168.1.1:8080
FTP_PROXY=192.168.1.1:8080</PRE
></FONT
></TD
></TR
></TABLE
><P
>You can make it work globally for all users, type <TT
CLASS="FILENAME"
>man wget</TT
>
to learn how.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN300"
>5.3. I set up my own SOCKS server listening on port 1080, and now I'm not able to connect to
any irc server.</A
></H2
><P
>There can be two issues here.</P
><P
>One is when your SOCKS proxy is open relay, that means everyone can use it from any place in the world.
It is a security issue and you should check your SOCKS proxy configuration again - generally irc servers don't
allow open relay SOCKS servers to connect to them.</P
><P
>If you are sure your SOCKS server isn't open relay, you may be still disallowed to connect to
some of the irc servers - it's because mostly they just check if SOCKS server is running on port 1080 of a client
that is connecting. In that case just reconfigure your SOCKS to work on a different port. You will also have to
reconfigure your LAN software to use a proper SOCKS server and port.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN305"
>5.4. I don't like when Kazaa or Audiogalaxy is filling up all my upload bandwidth.</A
></H2
><P
>Indeed that can be painful, but it's simple to be solved.</P
><P
>Create a file called for example <TT
CLASS="FILENAME"
>/etc/sysconfig/cbq/cbq-15.ppp</TT
>.</P
><P
>Insert the following lines into it, and Kazaa or Audiogalaxy will upload not faster than
about 15 kbits/s. I assume that your outgoing internet interface is ppp0.</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>DEVICE=ppp0,115Kbit,11Kbit
RATE=15Kbit
WEIGHT=2Kbit
PRIO=5
TIME=01:00-07:59;110Kbit/11Kbit
RULE=,:21
RULE=,213.25.25.101
RULE=,:1214
RULE=,:41000
RULE=,:41001
#And so on till :41030
RULE=,:41030</PRE
></FONT
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN312"
>5.5. My outgoing mail server is eating up all my bandwidth.</A
></H2
><P
>You can limit your SMTP, Postfix, Sendmail, or whatever, in a way similar to the question above.
Just change or add one rule:</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>RULE=,:25</PRE
></FONT
></TD
></TR
></TABLE
><P
>Moreover, if you have an SMTP server, you can force your local LAN users to use it,
even though they have set up their own SMTP servers to smtp.some.server! We'll do it in a
transparent way we did before with Squid.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN317"
>5.6. Can I limit my own FTP or WWW server in a manner similar it is shown in the question above?</A
></H2
><P
>Generally you can, but usually these servers have got their own bandwidth limiting
configurations, so you will probably want to look into their documentation.</P
><P
>2.2.x Kernels</P
><P
><B
CLASS="COMMAND"
>/sbin/ipchains -A input -s 192.168.1.1/24 -d ! 192.168.1.1 25 -p TCP -j REDIRECT 25</B
></P
><P
>2.4.x Kernels</P
><P
><B
CLASS="COMMAND"
>/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25
-j REDIRECT --to-port 25</B
></P
><P
>Don't forget to add a proper line to your initializing scripts.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN327"
>5.7. Is it possible to limit bandwidth on a per-user basis with <B
CLASS="COMMAND"
>cbq.init</B
> script?</A
></H2
><P
>Yes. Look inside this script; there are some examples.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN331"
>5.8. Whenever I start <TT
CLASS="FILENAME"
>cbq.init</TT
>, it says <TT
CLASS="FILENAME"
>sch_cbq</TT
> is missing.</A
></H2
><P
>Probably you don't have CBQ as modules in your system. If you have compiled CBQ into your kernel, comment out the
following lines in your <TT
CLASS="FILENAME"
>cbq.init-v0.6.2</TT
> script.</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>### If you have cbq, tbf and u32 compiled into kernel, comment it out
#for module in sch_cbq sch_tbf sch_sfq sch_prio cls_u32; do
# if ! modprobe $module; then
# echo "**CBQ: could not load module $module"
# exit
# fi
#done</PRE
></FONT
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN338"
>5.9. CBQ sometimes doesn't work for no reason.</A
></H2
><P
>Generally it shouldn't occur. Sometimes, you can observe mass downloads, though you
think you have blocked all ports Napster or Audiogalaxy uses. Well, there is always one more
port open for mass downloads. To find it, you can use IPTraf. As there can be possibly
thousands of such ports, it can be really hard task for you.
To make it easier, you can consider running your own SOCKS proxy - Napster, Audiogalaxy
and many programs can use SOCKS proxies, so it's much easier to deal with just one port,
than to do so with thousands of possibilites (standard SOCKS port is 1080, if you run your
own SOCKS proxy server, you will be able
to set it up differently, or run multiple instances of SOCKS proxy listening on
different ports). Don't forget to close all ports for traffic,
and leave open ports like 25 and 110 (SMTP and POP3), and other you think might be useful. You will
find a link to awesome Nylon socks proxy server at the end of this HOWTO.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN341"
>5.10. Delay pools are stupid; why can't I download something at full speed
when the network is used only by me?</A
></H2
><P
>Unfortunately, you can't do much about it.</P
><P
>The only thing you can do is to use <B
CLASS="COMMAND"
>cron</B
> and reconfigure
it, for example, at 1.00 am, so that Squid won't use delay pools, then reconfigure
it again, let's say at 7.30 am, to use delay pools.</P
><P
>To do this, create two separate config files, called for example
<TT
CLASS="FILENAME"
>squid.conf-day</TT
> and <TT
CLASS="FILENAME"
>squid.conf-night</TT
>, and put them into
<TT
CLASS="FILENAME"
>/opt/squid/etc/</TT
>.</P
><P
><TT
CLASS="FILENAME"
>squid.conf-day</TT
> would be the exact copy of a config we created earlier</P
><P
><TT
CLASS="FILENAME"
>squid.conf-night</TT
>, on the contrary, would not have any delay pool lines, so
all you have to do is to comment them out.</P
><P
>Next thing you have to do is to set up <TT
CLASS="FILENAME"
>/etc/crontab</TT
> entries correctly.</P
><P
>Edit <TT
CLASS="FILENAME"
>/etc/crontab</TT
> and put the following lines there:</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>#SQUID - night and day config change
01 9 * * * root /bin/cp -f /opt/squid/etc/squid.conf-day /opt/squid/etc/squid.conf; /opt/squid/bin/squid -k reconfigure
59 23 * * * root /bin/cp -f /opt/squid/etc/squid.conf-night /opt/squid/etc/squid.conf; /opt/squid/bin/squid -k reconfigure</PRE
></FONT
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN359"
>5.11. My downloads break at 23:59 with "acl day time 09:00-23:59" in squid.conf. Can I do
something about it?</A
></H2
><P
>You can achieve by removing that acl from your squid.conf, and "delay_access 2 allow dzien
delay_access 2 deny !dzien" as well.</P
><P
>Then try to do it with <B
CLASS="COMMAND"
>cron</B
> as in the question above.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN364"
>5.12. Squid's logs grow and grow very fast, what can I do about it?</A
></H2
><P
>Indeed, the more users you have, the more - sometimes useful - information
will be logged.</P
><P
>The best way to eradicate it would be to use <B
CLASS="COMMAND"
>logrotate</B
>, but you'd have
to do a little trick to make it work with Squid: proper <B
CLASS="COMMAND"
>cron</B
> and
<B
CLASS="COMMAND"
>logrotate</B
> entries.</P
><P
><TT
CLASS="FILENAME"
>/etc/crontab</TT
> entries:</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>#SQUID - logrotate
01 4 * * * root /opt/squid/bin/squid -k rotate; /usr/sbin/logrotate /etc/logrotate.conf; /bin/rm -f /var/log/squid/*.log.0</PRE
></FONT
></TD
></TR
></TABLE
><P
>Here we have caused <B
CLASS="COMMAND"
>logrotate</B
> to start daily at 04:01 am, so remove
any remaining <B
CLASS="COMMAND"
>logrotate</B
> starting points, for example from <TT
CLASS="FILENAME"
>/etc/cron.daily/</TT
>.</P
><P
><TT
CLASS="FILENAME"
>/etc/logrotate.d/syslog</TT
> entries:</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>#SQUID logrotate - will keep logs for 40 days
/var/log/squid/*.log.0 {
rotate 40
compress
daily
postrotate
/usr/bin/killall -HUP syslogd
endscript
}</PRE
></FONT
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN381"
>5.13. CBQ is stupid; why can't I download something at full speed when the
network is used only be me?</A
></H2
><P
>Lucky you, it's possible!</P
><P
>There are to ways to achieve it.</P
><P
>The first is the easy one, similar to the solution we've made with Squid. Insert a line
similar to the one below to your CBQ config files placed in
<TT
CLASS="FILENAME"
>/etc/sysconfig/cbq/</TT
>:</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>TIME=00:00-07:59;110Kbit/11Kbit</PRE
></FONT
></TD
></TR
></TABLE
><P
>You can have multiple TIME parameters in your CBQ config files.</P
><P
>Be careful though, because there is a small bug in that <TT
CLASS="FILENAME"
>cbq.init-v0.6.2</TT
> script - it won't let you
set certain times, for example 00:00-08:00! To make sure if everything is working correctly,
start <TT
CLASS="FILENAME"
>cbq.init-v0.6.2</TT
>, and then within the time you set, type</P
><P
><B
CLASS="COMMAND"
>/etc/rc.d/cbq.init-v0.6.2 timecheck</B
></P
><P
>This is the example how the proper output should look like:</P
><P
><TT
CLASS="LITERAL"
>[root@mangoo rc.d]# ./cbq.init start; ./cbq.init timecheck</TT
>
<TT
CLASS="LITERAL"
>**CBQ: 3:44: class 10 on eth0 changed rate (20Kbit -&#62; 110Kbit)</TT
>
<TT
CLASS="LITERAL"
>**CBQ: 3:44: class 40 on ppp0 changed rate (15Kbit -&#62; 110Kbit)</TT
>
<TT
CLASS="LITERAL"
>**CBQ: 3:44: class 50 on eth0 changed rate (35Kbit -&#62; 110Kbit)</TT
></P
><P
>In this example something went wrong, probably in the second config file placed in
<TT
CLASS="FILENAME"
>/etc/sysconfig/cbq/</TT
>; second counting from the lowest number in its name:</P
><P
><TT
CLASS="LITERAL"
>[root@mangoo rc.d]# ./cbq.init start; ./cbq.init timecheck
**CBQ: 3:54: class 10 on eth0 changed rate (20Kbit -&#62; 110Kbit)</TT
>
<TT
CLASS="LITERAL"
>./cbq.init: 08: value too great for base (error token is "08")</TT
></P
><P
>The second way to make CBQ more intelligent is harder - it doesn't depend on time. You can read about it in the Linux
2.4 Advanced Routing HOWTO, and play with <TT
CLASS="FILENAME"
>tc</TT
> command.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="cbq.html"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="misc.html"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Dealing with Other Bandwidth-consuming Protocols Using CBQ</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Miscellaneous</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
Reference in New Issue View Git Blame Copy Permalink