PPP, Poptop and tc (Traffic Shaping)

Hi!

I have to shape up- and down-stream traffic on my Linux
Router for the subnet which is behind the router.

Six different combinations of up/download bandwiths should
be applied. The speed should be assigned by the clients ip address.

Example:
10.1.1.0 Subnet gets 128/128 KBit/Sec.
10.1.2.0 Subnet gets 512/512 KBit/Sec.
10.1.3.0 Subnet gets 1024/512 KBit/Sec. and so on...

This are the interfaces on the linux router box:

eth1 Connect to the Internet
eth0 Listens for incoming pptp connections
ppp0 to pppN Are the Endpoints for the PPTP Tunnels
For each new PPTP Tunnel a new pppN interface
is created ppp0, ppp1, ppp2 ... for example

It is possible to shape download speed for the clients by applying
tc/tcng rules a the pppN interface.

I didn't found a way to apply the clients upload rate, because
on the eth1 interface (where the packets leave the system on their
way into the internet) i can not see the clients ip anymore (because of
nat)

I know this can be done using an imq device, but imq need patching
and recompiling the kernel as well as the iptables command.

Is there any other way to do a kind of bandwith limitation without
the need of recompiling the kernel and iptables?

I use the following software-projects on my system (fedora core 3):

ppp-2.4.3
poptop-1.2.1 (the pptpd)
freeradius-1.0.2 (the radius-server)
iptables-1.2.11

Thanks in advice for your help!


chris

Christian Reiter wrote:
> Hi!
>
> I have to shape up- and down-stream traffic on my Linux
> Router for the subnet which is behind the router.
>
> Six different combinations of up/download bandwiths should
> be applied. The speed should be assigned by the clients ip address.
>
> Example:
> 10.1.1.0 Subnet gets 128/128 KBit/Sec.
> 10.1.2.0 Subnet gets 512/512 KBit/Sec.
> 10.1.3.0 Subnet gets 1024/512 KBit/Sec. and so on...
>
> This are the interfaces on the linux router box:
>
> eth1 Connect to the Internet
> eth0 Listens for incoming pptp connections
> ppp0 to pppN Are the Endpoints for the PPTP Tunnels
> For each new PPTP Tunnel a new pppN interface
> is created ppp0, ppp1, ppp2 ... for example
>
> It is possible to shape download speed for the clients by applying
> tc/tcng rules a the pppN interface.
>
> I didn't found a way to apply the clients upload rate, because
> on the eth1 interface (where the packets leave the system on their
> way into the internet) i can not see the clients ip anymore (because of
> nat)

So you are doing NAT without iptables ?

>
> I know this can be done using an imq device, but imq need patching
> and recompiling the kernel as well as the iptables command.
>
> Is there any other way to do a kind of bandwith limitation without
> the need of recompiling the kernel and iptables?

You could attach policers to the pppX interfaces - not quite shaping as
they measure rate and drop rather than queue.

If you didn't mind just iptables you could just use it to mark the
packets in forward and then shape on eth1 using the marks.

Soon you will be able to use the dummy device to shape so you won't need
IMQ or iptables - you'll need to patch if you want it now, though.

Andy.

>
> I use the following software-projects on my system (fedora core 3):
>
> ppp-2.4.3
> poptop-1.2.1 (the pptpd)
> freeradius-1.0.2 (the radius-server)
> iptables-1.2.11
>
> Thanks in advice for your help!
>
>
> chris
>
>
>

Hello Andy!

Am Sat, 26 Mar 2005 15:51:48 +0000 schrieb Andy Furniss:

> If you didn't mind just iptables you could just use it to mark the
> packets in forward and then shape on eth1 using the marks.

Thank you for this suggestion! I will do so (marking at ppp0 and shaping
with tc at eth1).

Thank you!

Kind Regards,
chris

--
Christian Reiter
(E-Mail Removed)