"segmented" traffic shaping bridge
Hi all,
First I don't really know if this is the right list to send this
message. I've been trying to subscribe to the LARTC mailing list for
the past two months but it seems to be down.
I have a fairly great experience with iptables and networking concepts
in general. However I've never done traffic shaping on Linux and I'm
wondering if the following is possible, and what whould be your best
advice to make it work in a resources efficient way.
I have a medium sized network (~250 hosts) with around 10 physical
subnets, and a Linux router/firewall (running vyatta) between them and
my Internet link.
On top of this router/firewall I've setup a new machine running Debian
acting as a bridge. What I need to do on it is to manage the bandwith
use in a per host basis for my international bandwith, which is much
more reduced than my available national bandwith.
My current figure is as follows:
{ internet link } <---> [ (eth0) linux bridge (eth1) ] <---> [ linux
router ] <--> { LAN }
I have already managed to mark the outgoing packets to the Internet
link belonging to the international traffic, using a frequently
updated IP database and iptables.
Doing some preliminary tests with traffic shaping, I also managed to
reduce the overall outgoing international traffic; however this is not
what I desire: I need to put a bandwidth limit _on each_ source IP
address from inside my network to any package marked by iptables/
netfilter as an international destination, instead of an overall
limit. I would also need to set different classes of upstream
bandwidth limits, like 256, 512, 1024 and 2048 kbps.
Any help would be greatly appreciated.
Best regards and thanks.
--
Carlos Oliva G.
Igloo Sistemas Ltda.
carlos.oliva@igloo.cl - http://www.igloo.cl/
Reply to: