[TriLUG] Rate-limiting TCP - using "tc"

Sun May 29 09:18:47 EDT 2005

Jon,

I've seen a couple of your emails regarding the linux tc command. I've 
copied the script you thrown out here, and I'm still having some trouble. 
The issue that I face is that my linux box is also connected by samba to my 
two windows machines. If I try to copy a file from the linux box via samba 
internally, it crawls. I'm not trying to do VoIP or anything like that. I 
just want a way to throttle Apache as well as a couple of other web servers 
that I run.... Here's the script that I am using:

# Commands to add rate limiting for TCP in Linux
# These commands must be run as root
#
# Create a Class based queue
# Set normal interface speed (10Mb) for use in calculations
# Note: use "100mbit" if your eth0 connection is 100Mb
tc qdisc add dev eth0 root handle 1: cbq avpkt 1000 bandwidth 10mbit

# Create a 300Kb class - Beware the line wrap
tc class add dev eth0 parent 1: classid 1:1 cbq rate 300kbit allot 1500 prio 
5 bounded isolated

# Tell which traffic should use the shaped class
# Protocol 6 = TCP - Beware the line wrap
tc filter add dev eth0 parent 1: protocol ip prio 16 u32 match ip protocol 6 
0xff flowid 1:1

# ... to match a single ip address
# ... match ip dst 192.196.12.9 <http://192.196.12.9> flowid 1:1

# If it breaks everything, back out by using:
# tc qdisc del dev eth0 root

Like I said, very much the same thing that you sent out in two different 
emails (one in October and one in March). I am on Roadrunner residential 
class. Do I need to increase the "10mbit" limit in the first uncommented 
line of the script to speed up internal data transfers?

I have tried Googling tc on the web, but it seems difficult to find 
easy-to-understand information. Any help you can provide would be greatly 
appreciated.

Thank you,
Kipp Spanbauer

On 05 Oct 2004 21:36:34 -0400, Jon Carnes <jonc at nc.rr.com> wrote:
> 
> "tc" is a very powerful Linux tool! I'm using it to setup some simple
> rate limits (and to setup some priority queuing based on destination
> IPs).
> 
> We need to have a seminar on using tc!
> 
> One of the interesting things about VoIP is that it uses UDP for Voice.
> This means that you can rate-limit TCP traffic on a firewall and reserve
> some of the precious upload Bandwidth for Voice.
> 
> As an example, my cable connection gives me a 2.5Mb download but only
> 347Kb upload. If I want to send large emails and talk on the phone at
> the same time, I need to rate-limit my workstations upload speeds.
> 
> This three line script works on the RedHat servers/workstations that
> I've tested. It limits the TCP upload to 300kb, reserving over 40kb for
> my voice use (and since I use the G7.29 codec I only use 8kb of that
> bandwidth)
> 
> ===
> # Commands to add rate limiting for TCP in Linux
> # These commands must be run as root
> #
> # Create a Class based queue
> # Set normal interface speed (10Mb) for use in calculations
> # Note: use "100mbit" if your eth0 connection is 100Mb
> tc qdisc add dev eth0 root handle 1: cbq avpkt 1000 bandwidth 10mbit
> 
> # Create a 300Kb class - Beware the line wrap
> tc class add dev eth0 parent 1: classid 1:1 cbq rate 300kbit
> allot 1500 prio 5 bounded isolated
> 
> # Tell which traffic should use the shaped class
> # Protocol 6 = TCP - Beware the line wrap
> tc filter add dev eth0 parent 1: protocol ip prio 16 u32
> match ip protocol 6 0xff flowid 1:1
> 
> # ... to match a single ip address
> # ... match ip dst 192.196.12.9 <http://192.196.12.9> flowid 1:1
> 
> # If it breaks everything, back out by using:
> # tc qdisc del dev eth0 root
> 
> ======
> References:
> 
> http://www.linuxforum.com/linux-advanced-routing/lartc.ratelimit.single.html
> 
> http://www.linuxforum.com/linux-advanced-routing/lartc.qdisc.filters.html#LARTC.FILTERING.SIMPLE
> 
> ===
> 
> For clients at Soho sites I go through some bandwidth testing to find
> the Choke Point -- the point at which packets begin to queue-up on the
> outbound routers. I run flood pings while slowly increasing the outbound
> bandwidth. The pings report a steady latency until the out-bound
> bandwidth reaches a certain point, and then the latencies begin to rise.
> 
> The rise is caused by packets being queued up on one of the network
> routers. If outbound bandwidth exceeds this Choke Point then traffic
> will be queued up on the router (and I'm talking about your ISP's router
> - not yours). It makes no sense to send data faster than this out of
> your facilities, as it will only be queued-up on your ISP's network.
> This will slow down *all* packets, including your time sensitive VoIP
> packets.
> 
> The best course of action is to manually throttle your connection so
> that it stays below this choke point.
> 
> Linksys WRT45G-S routers running the latest 2.09.1 firmware can do this
> for you as well. However, some of my clients have Linux firewalls, so I
> was forced to figure out how to do this simple bandwidth shaping on
> Linux too.
> 
> As always, I thought I would share.
> 
> Jon
> http://www.featuretel.com
> 
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
>