upstream bandwidth limiting with tc & iptables

Discussion in 'Linux Networking' started by Glenn Sherman, Dec 13, 2004.

  1. I cannot seem to limit upstream bandwidth.
    I have set up tc & iptables to limit downloading, but I am trying to
    get them to limit uploading as well.
    Is there any way to do this?

    I currently have the following (without extra class info)
    # tc qdisc add dev eth1 root handle 1: htb default 10
    # tc class add dev eth1 parent 1: classid 1:1 htb rate 9Mbit ceil 9Mbit
    # tc class add dev eth1 parent 1:1 classid 1:10 htb rate 5Mbit ceil 5Mbit
    # tc class add dev eth1 parent 1:1 classid 1:30 htb rate 768kbit ceil
    # tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10
    # tc qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10
    # tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 6 fw flowid

    # iptables -A FORWARD -t mangle -i eth0 -d -j MARK --set-mark 6

    eth0 is WAN adapter with IP 216.x.y.z
    eth1 is LAN adapter with IP

    If I download a file using ftp - I get about 768Kbits.
    If I upload a file using ftp - I get the full speed of the line ( 20Mbit )

    I can't seem to generate the correct iptables entry that would allow me to
    limit the upstream bandwidth.
    I am currently nat'ing the LAN ip with # iptables -t nat -A POSTROUTING -o
    this is for testing, later I will be putting a public ClassC address on the
    LAN side.(if that matters)

    -Glenn Sherman
    (bogus email)
    Glenn Sherman, Dec 13, 2004
    1. Advertisements

  2. Glenn Sherman

    Andy Furniss Guest

    You should be using eth0.
    It should be -o eth0 and the dst addresses will be WAN adresses.
    NAT can make things different, though I don't think it will affect you.

    Have a look at generally and in particular the KPTD.

    Andy Furniss, Dec 15, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.