Hi
I have to set up traffic shaping for clients in LAN. Every client needs 256Kbit download speed and 128Kb upload speed. But I don't know how to do it. Clients use NAT for Internet access so I can't limit outgoing traffic on ext. interface for local IPs in LAN.
Can you help me?
I hope so. :) First of all, you have to establish the necessary queues (for example):
# create external queue tree
altq on $ExtIF bandwidth <external_upstream_bandwidth> cbq queue {client1_ext, client2_ext, client3_ext, ext}
# one subqueue-tree per client
queue client1_ext bandwidth 128Kb cbq(red borrow) priority 2 {client1_ext_data, client1_ext_ack}
queue client2_ext bandwidth 128Kb cbq(red borrow) priority 2 {client2_ext_data, client2_ext_ack}
queue client3_ext bandwidth 128Kb cbq(red borrow) priority 2 {client3_ext_data, client3_ext_ack}
# a default queue using the remaining bandwidth
queue ext bandwidth 90% cbq(red borrow default) priority 1
# separate data traffic from empty ACKs and low-delay packets
queue client1_ext_data bandwidth 75% cbq(red borrow) priority 2
queue client1_ext_ack bandwidth 25% cbq(red borrow) priority 3
queue client2_ext_data bandwidth 75% cbq(red borrow) priority 2
queue client2_ext_ack bandwidth 25% cbq(red borrow) priority 3
queue client3_ext_data bandwidth 75% cbq(red borrow) priority 2
queue client3_ext_ack bandwidth 25% cbq(red borrow) priority 3
# create internal queue tree
altq on $IntIF bandwidth <internal_upstream_bandwidth> cbq queue {client1_int, client2_int, client3_int, int}
queue int bandwidth 90% cbq(red borrow default) priority 1
queue client1_int bandwidth 256Kb cbq(red borrow) priority 2 {client1_int_data, client1_int_ack}
queue client2_int bandwidth 256Kb cbq(red borrow) priority 2 {client2_int_data, client2_int_ack}
queue client3_int bandwidth 256Kb cbq(red borrow) priority 2 {client3_int_data, client3_int_ack}
queue client1_int_data bandwidth 75% cbq(red borrow) priority 2
queue client1_int_ack bandwidth 25% cbq(red borrow) priority 3
queue client2_int_data bandwidth 75% cbq(red borrow) priority 2
queue client2_int_ack bandwidth 25% cbq(red borrow) priority 3
queue client3_int_data bandwidth 75% cbq(red borrow) priority 2
queue client3_int_ack bandwidth 25% cbq(red borrow) priority 3
# nat and tag the different clients' packets
nat on $ExtIF inet from $Client1 to any tag client1 -> $ExtIP
nat on $ExtIF inet from $Client2 to any tag client2 -> $ExtIP
nat on $ExtIF inet from $Client3 to any tag client3 -> $ExtIP
# assign the differently tagged packets to the appropriate queues
pass out on $ExtIF inet all tagged client1 queue(client1_ext_data,client1_ext_ack) queue(client1_int_data,client1_int_ack) keep state
pass out on $ExtIF inet all tagged client2 queue(client2_ext_data,client2_ext_ack) queue(client2_int_data,client2_int_ack) keep state
pass out on $ExtIF inet all tagged client3 queue(client3_ext_data,client3_ext_ack) queue(client3_int_data,client3_int_ack) keep state
#end
This ruleset is not tested at all, but you should get the idea how it is supposed to work.
This ruleset assumes that all your internal clients are attached to a single NIC. Multiple internal NICs cannot be set to borrow another client's data rate when it does not exhaust it. Furthermore, you cannot directly control the download data rate of any of the clients. By queueing the traffic on the internal NIC most servers will throttle their data rate, but you cannot guarantee anything.
HTH Stefan
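Added example, not part of the original thread: a small generator that builds the per-client CBQ tree described in the reply for any number of clients, written in pf's ALTQ statement form (altq on ... / queue ...) with the queue names from the reply. It assumes that the bandwidths of the queues directly under one parent should add up to no more than the parent's bandwidth and checks that before emitting anything; the link speeds and the 50% default share are constructed values.

```python
# Added example (not from the thread). Emits the per-client CBQ tree for one
# interface in pf's ALTQ statement form, using the queue names from the reply.
# Assumption: the bandwidths of the queues directly under one parent should
# add up to no more than the parent's bandwidth, so that is checked first.

DATA_PCT, ACK_PCT = 75, 25  # per-client data/ACK split used in the reply


def spare_kbit(link_kbit, per_client_kbit, n_clients, default_pct):
    """Kbit/s left on the link after the default queue and all client queues.

    A negative result means the tree is oversubscribed.
    """
    default_kbit = link_kbit * default_pct // 100
    return link_kbit - default_kbit - per_client_kbit * n_clients


def queue_tree(if_macro, suffix, link_kbit, per_client_kbit, clients, default_pct):
    """Return pf.conf lines for one interface (suffix is 'ext' or 'int')."""
    spare = spare_kbit(link_kbit, per_client_kbit, len(clients), default_pct)
    if spare < 0:
        raise ValueError(f"{suffix}: oversubscribed by {-spare}Kb; lower the default "
                         f"queue share or the per-client rate")
    top = [f"{c}_{suffix}" for c in clients] + [suffix]
    lines = [
        f"altq on {if_macro} cbq bandwidth {link_kbit}Kb queue {{ {', '.join(top)} }}",
        f"queue {suffix} bandwidth {default_pct}% cbq(red borrow default) priority 1",
    ]
    for c in clients:
        q = f"{c}_{suffix}"
        lines += [
            f"queue {q} bandwidth {per_client_kbit}Kb cbq(red borrow) priority 2 "
            f"{{ {q}_data, {q}_ack }}",
            f"queue {q}_data bandwidth {DATA_PCT}% cbq(red borrow) priority 2",
            f"queue {q}_ack bandwidth {ACK_PCT}% cbq(red borrow) priority 3",
        ]
    return lines


if __name__ == "__main__":
    clients = ["client1", "client2", "client3"]
    # Constructed link speeds: 2 Mbit/s up, 8 Mbit/s towards the LAN.
    for line in queue_tree("$ExtIF", "ext", 2000, 128, clients, 50):
        print(line)
    for line in queue_tree("$IntIF", "int", 8000, 256, clients, 50):
        print(line)
```

With three clients at 128Kb and a 90% default queue, the check only passes once the external link is at least 3840Kb, so on slower links the default share has to come down.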
