205 lines
4.0 KiB
HTML
205 lines
4.0 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Rate limiting a single host or netmask</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|
REL="HOME"
|
|
TITLE="Linux Advanced Routing & Traffic Control HOWTO"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Cookbook"
|
|
HREF="lartc.cookbook.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="The Ultimate Traffic Conditioner: Low Latency, Fast Up & Downloads"
|
|
HREF="lartc.cookbook.ultimate-tc.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Building bridges, and pseudo-bridges with Proxy ARP"
|
|
HREF="lartc.bridging.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
SUMMARY="Header navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Linux Advanced Routing & Traffic Control HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="lartc.cookbook.ultimate-tc.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 15. Cookbook</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="lartc.bridging.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="LARTC.RATELIMIT.SINGLE"
|
|
></A
|
|
>15.9. Rate limiting a single host or netmask</H1
|
|
><P
|
|
> Although this is described in stupendous details elsewhere and in our manpages, this question gets asked a lot and
|
|
happily there is a simple answer that does not need full comprehension of traffic control.
|
|
</P
|
|
><P
|
|
> This three line script does the trick:
|
|
</P
|
|
><P
|
|
> <TABLE
|
|
BORDER="1"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><FONT
|
|
COLOR="#000000"
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
> tc qdisc add dev $DEV root handle 1: cbq avpkt 1000 bandwidth 10mbit
|
|
|
|
tc class add dev $DEV parent 1: classid 1:1 cbq rate 512kbit \
|
|
allot 1500 prio 5 bounded isolated
|
|
|
|
tc filter add dev $DEV parent 1: protocol ip prio 16 u32 \
|
|
match ip dst 195.96.96.97 flowid 1:1
|
|
</PRE
|
|
></FONT
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
</P
|
|
><P
|
|
> The first line installs a class based queue on your interface, and tells the kernel that for calculations,
|
|
it can be assumed to be a 10mbit interface. If you get this wrong, no real harm is done. But getting it right will
|
|
make everything more precise.
|
|
</P
|
|
><P
|
|
> The second line creates a 512kbit class with some reasonable defaults. For details, see the cbq manpages and
|
|
<A
|
|
HREF="lartc.qdisc.html"
|
|
>Chapter 9</A
|
|
>.
|
|
</P
|
|
><P
|
|
> The last line tells which traffic should go to the shaped class. Traffic not matched by this rule is NOT shaped. To make more
|
|
complicated matches (subnets, source ports, destination ports), see <A
|
|
HREF="lartc.qdisc.filters.html#LARTC.FILTERING.SIMPLE"
|
|
>Section 9.6.2</A
|
|
>.
|
|
</P
|
|
><P
|
|
> If you changed anything and want to reload the script, execute 'tc qdisc del dev $DEV root' to clean up your existing
|
|
configuration.
|
|
</P
|
|
><P
|
|
> The script can further be improved by adding a last optional line 'tc qdisc add dev $DEV parent 1:1 sfq perturb 10'. See
|
|
<A
|
|
HREF="lartc.qdisc.classless.html#LARTC.SFQ"
|
|
>Section 9.2.3</A
|
|
> for details on what this does.
|
|
</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="lartc.cookbook.ultimate-tc.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
ACCESSKEY="H"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="lartc.bridging.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>The Ultimate Traffic Conditioner: Low Latency, Fast Up & Downloads</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="lartc.cookbook.html"
|
|
ACCESSKEY="U"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Building bridges, and pseudo-bridges with Proxy ARP</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |