[ previous ] [ next ] [ threads ]
 From:  "Bob Young" <bob at lavamail dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Virtual Pipes for bandwidth limits
 Date:  Sat, 19 Aug 2006 17:47:53 -0400
I have been trying to figure out how to use M0n0wall virtual pipes to do BW
limits on a per IP basis for a while. I think I finally got it
working...yipee.  But I would love to get confirmation that I have it right.

I did what I thought were virtual pipes for BW limiting on a per IP basis
and I was able to change the up and download BWs and the BWs changed as it
should...so I think I may have it working. I used Speakeasy speed test to
test the up and down BWs.

You will notice that I also have additional traffic shaper rules such as the
VoIP, ACK, DNS, etc rules that go through pipe 1 and pipe 2. Some of those
rules were set up by default. I didn't keep the p2p default rules, since I
figured the catch all rules would catch the p2p there...and also since p2p
is a "moving target" anyway. I put my BW limit rules last. I set the rules
up outgoing and incoming. I realize that I may not have much control on
prioritizing the incoming data, but I thought I'd try it.

For the Traffic Shaper Rules, I don't know if I should start out first with
the BW limits on a per IP basis and then go into the queue rules that are
associated with pipe 1 & pipe 2. Or put the BW limit rules last, like I'm
showing them here.

Maybe you all can tell me if they look right. I sure hope they are correct,
cause I can't figure any other way to do virtual pipes and have BW limits on
a per IP basis.

I'm presenting them in the order of pipes, queues, and then traffic shaper
rules, because I needed to set them up in that order to get them working.

I finally figured out that the BW limits on an IP basis has the BW limits to
IP association done in the Traffic Shaper Rule section.

So, for you all that also use virtual pipes to set BW limits on a per IP
basis, I'd love to see if you think I have it done correctly.

For the BW limit queue rules, I had no idea at all of what weight to use for
the BW limits in the queue section, so I put in 100...at least for now. Was
that right? Eventually I should have several people for each of the speeds.
So would each still be 100 or 50, or 25? I have no idea.

I will be offering speeds such as: 384/128, 768/256, and 1100/256. That's
how I came up with the bandwidths I have shown in the pipe section. (I"m
going to give myself a little higher speed of 1280/330...that's why I have
that slightly higher speed).

VoIP has its own static pipe.  I guess I could have given it a queue within
pipes 1 & 2, but I thought having its own satic pipe might work even better,
although it takes away a small amount of BW from the other pipes.


I used the following "Traffic shaper: Pipes" configuration:

No. | Bandwidth | Delay | PLR | Queue | Mask | Description


1 | 330 Kbit/s |-----|-----|-----|------------| m_Total Upload

2 |1280 Kbit/s-|-----|-----|-----|------------| m_Total Download

3 | 100 Kbit/s |-----|-----|-----|------------| VoIP Upload

4 | 100 Kbit/s |-----|-----|-----|------------| VoIP Download

5 | 384 Kbit/s |-----|-----|-----|destination-| 384 Kb download

6 | 128 Kbit/s |-----|-----|-----|source------| 128 Kb upload

7 | 768 Kbit/s |-----|-----|-----|destination-| 768 Kb download

8 | 256 Kbit/s |-----|-----|-----|source------| 256 Kb upload

9 |1100 Kbit/s-|-----|-----|-----|destination-| 11 Kb download

10|1280 Kbit/s-|-----|-----|-----|destination-| 1280 Kb download

11| 330 Kbit/s |-----|-----|-----|source------| 330 Kb upload


I used the following "Traffic shaper: Queues" configuration:

No. | Pipe | Weight | Mask | Description


1 | m_Total Upload---| 50 |---------| m_High Priority #1 Upload

2 | m_Total Upload---| 30 |---------| m_High Priority #2 Upload

3 | m_Total Upload---| 15 |---------| m_High Priority #3 Upload

4 | m_Total Upload---| 4  |---------| m_Bulk Upload

5 | m_Total Upload---| 1  |---------| m_Hated Download

6 | m_Total Download-| 30 |---------| m_Bulk Download

7 | m_Total Download-| 1  |---------| m_Hated Download

8 | m_Total Download-| 60-|---------| m_High Priority Download

9 | m_Total Download-| 9 -|---------| m-slightly less hated download

10|1280Kb download -|100|destination| Bob download

11| 330 Kb upload----|100|source----| Bob upload

12| 768 Kb download-|100|destination| Justin download

13| 256 Kb upload----|100|source----| Justin upload

14|1280 Kb download-|100|destination| wireless laptop download

15| 330 Kb upload----|100|source----| Wireless laptop upload

(I'm not sure about assigning the weights of 100 from No. 10 through 15).



I used the following "Traffic shaper: Rules" configurations:

   If     | Proto|  Source  |    Destination    |      Target     |


<-WAN |  *  | |---------------| VoIP Upload--------------| VoIP

->WAN |  *  |-----*------|| VoIP Download-----------| VoIP

<-WAN |UDP- |-----*------|* Port 53 (DNS)| m_High Priority #1 Upload |
m_Outbound DNS Query

<-WAN |TCP- |-----*------|------*--------| m_High Priority #3 Upload | m_TCP
ACK Upload

<-WAN |  * |-----*------|------*--------| m_High Priority #1 Upload |
m_Small Pkt Upload

<-WAN | AH |-----*------|------*--------| m_High Priority #1 Upload | m_AH

<-WAN |ESP |-----*------|------*--------| m_High Priority #1 Upload | m_ESP

<-WAN |GRE |-----*------|------*--------| m_High Priority #1 Upload | m_GRE

<-WAN |ICMP|----*------|------*--------| m_High Priority #2 Upload  | m_ICMP

<-WAN |  *  |-----*------|------*--------| m_Hated Upload----------|
m_Catch-All Upload

->WAN |ICMP|-----*-----|------*--------| m_High Prioroty Download--| m_ICMP

->WAN | AH |------*-----|------*--------| m_High Priority Download--| m_AH

->WAN |ESP |-----*------|------*--------| m_High Priority Download--| m_ESP

->WAN |GRE |------*-----|------*--------| m_High Priority Download--| m_GRE

->WAN |  *  |------*-----|------*--------| m_High Priority Download--|
m_Small Pkt Download

->WAN|  *  |------*------|------*-------| m_Hated Download----------|
m_Catch-All Download

->WAN |  *  |-----*------|| Bob download-------------| Bob's
download BW limit

<-WAN |  *  ||-----*---------| Bob Upload----------------| Bob's
upload BW limit

->WAN |  *  |------*-----|| Justin download-----------|
Justin's download BW limit

<-WAN |  *  ||-----*---------| Justin upload--------------|
Justin's upload BW limit

->WAN |  *  |------*-----|| Wireless laptop download--|
Laptop download BW limit

<-WAN |  *  ||------*--------| Wireless laptop upload-----|
Laptop upload BW limit


I apologize for not being able to get the columns in this text to line up
very well.


Thank you in advance.  I hope I did it right.


Bob Young