[ previous ] [ next ] [ threads ]
 
 From:  Brian Ernst <brian at kirien dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] bandwidth limiting
 Date:  Mon, 10 May 2004 19:20:54 -0700
Note the handy help text next to the mask feature in the Firewall: 
Traffic shaper: Edit pipe screen. It says:

If 'source' or 'destination' is chosen, a dynamic pipe with the 
bandwidth and delay given above will be created for each 
source/destination IP address encountered, respectively. This makes it 
possible to easily specify bandwidth limits per host.

If you choose source or destination and specify a bandwidth limit of 
128 then each IP address will, dynamically, be assigned its own 128k 
pipe. See Eric's previous email for which of source of destination to 
use.

hope that helps

--
brian

On 10 May 2004, at 6:47 PM, Tony Pitman wrote:

> Eric,
>
> Thanks for the reply. As it turns out I want to limit the users 
> because it will encourage them to purchase more bandwidth. I will 
> charge my users more based on the bandwidth that they require. I don't 
> want them to get more than I give them unless they pay more for it.
>
> I am still a little unclear about the rule part....do I need to create 
> a rule for EACH IP address (i.e. user) or can I create a single rule 
> that includes all of the IP addresses (i.e. all my users) and each one 
> will still get their OWN 128k slice?
>
> Tony
>
>> From: "Eric Shorkey" <eshorkey at commonpointservices dot com>
>> To: <m0n0wall at lists dot m0n0 dot ch>, "Tony Pitman" <tony at shatalmic dot com>
>> Subject: Re: [m0n0wall] bandwidth limiting
>> Date: Mon, 10 May 2004 21:46:32 -0400
>> X-Mailer: Microsoft Outlook Express 6.00.2800.1409
>>
>> All you need to do is create one pipe with a 128k limit. Within the 
>> pipe
>> configuration, set the mask to source or destination. (If you're 
>> limiting
>> incoming bandwith, set it to destination. If you're limiting 
>> outgoing, set
>> it to source.)
>> Then create the rule(s) that use the appropriate pipe. m0n0wall will 
>> then
>> limit each user's bandwidth individually, based on the pipe mask. So 
>> 100
>> users each get their own 128k slice of bandwidth, and are never 
>> allowed to
>> use more.
>>
>> With T1's and a bunch of users, your best bet is probably not using 
>> pipes,
>> but using queues instead. A queue allows you to prioritize your 
>> available
>> bandwidth, rather than simply capping it. So if only a single user is 
>> using
>> the bandwidth at any time, they get the whole pipe to themselves. As 
>> users
>> start using up the available bandwidth, the queue will ensure that 
>> every
>> user gets their share of time based on the weights you give. If 
>> everyone
>> gets the same slice of time, then you only need 1 queue, and you just 
>> set
>> it's weight to 1, or whatever the default is. Queues let you 
>> prioritize the
>> traffic of particular users. In your case, you probably don't care 
>> about
>> that feature, but the benefit of letting each user have as much 
>> bandwidth as
>> is available is probably a good idea. Overall, your users will get 
>> more done
>> as files will transfer as fast as possible, but only when there is 
>> enough
>> bandwidth to go around.
>>
>> ----- Original Message -----
>> From: "Tony Pitman" <tony at shatalmic dot com>
>> To: <m0n0wall at lists dot m0n0 dot ch>
>> Sent: Monday, May 10, 2004 9:18 PM
>> Subject: [m0n0wall] bandwidth limiting
>>
>>
>> > I am not totally clear on the Traffic Shaper in m0n0wall. I 
>> searched the
>> > archive and didn't really get an answer to my question so here goes:
>> >
>> > I have a T1 that m0n0wall is managing.
>> >
>> > I have over 100 users on the ethernet sharing the T1.
>> >
>> > I would like to limit the MAX amount of bandwidth that a single 
>> user can
>> > use to be 128k FOR EACH USER.
>> >
>> > I don't want to have to create a pipe for EACH user (based on IP 
>> address).
>> >
>> > Can I simply set up one pipe and then make a rule for the sub class 
>> of IP
>> > addresses and point them all to the same pipe?
>> >
>> > My understanding of most bandwidth products is that if you point 
>> more than
>> > one IP address to a single pipe, they share the pipe (so 10 users 
>> all
>> using
>> > the same 128k pipe at the same time would each only get 12.8k)
>> >
>> > This is hard to explain. I hope I am making sense.
>> >
>> > Here is an example:
>> >
>> > If I assign all 100 user to be limited to 128k and only 2 of them 
>> are
>> using
>> > the T1 I want them BOTH to each get their own 128k.
>> >
>> > If I create a single pipe with a bandwidth of 128k do I:
>> >
>> > A) create a 2 pipe each with 128k and then create 2 rules, one for 
>> each IP
>> > address and pointing to its OWN pipe?
>> >
>> > B) create a single pipe with 128k and then create a single rule 
>> with a sub
>> > net that includes both IP address?
>> >
>> > C) create a single pipe with 128k and then create 2 rules BOTH 
>> pointing to
>> > the SAME pipe?
>> >
>> > D) some other configuration?
>> >
>> > Thanks,
>> >
>> >
>> >
>> > Tony Pitman
>> > Shatalmic Company
>> >
>> >
>> > 
>> ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>> >
>> >
>
> Tony Pitman
> Shatalmic Company
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>