QoS and Traffic Shapping by IP adress

[rajeshMember]

First of all, I would like thank the zeroshell team for providing an excellent and feature rich software platform. Great job!!! keep it up.

My question is: Is it possible to configure an interface (ETHnn) to limit the bandwidth by IP address or username? If not, can you please support this in the upcoming release.

Thanks

[rochajoelMember]

Possible it is, unfortunately, you must do 3 or 4 steps to configurate it… which for a person that has a class C network can be very :boring: …

Any way, you asked if it was possible…
Maybe Fulvio knows some way to edit the config file and speed things up by copy-paste 😀

[rajeshMember]

Thanks for a quick reply. Please provide me detailed procedure to enable bandwidth control by IP address/username.

[rochajoelMember]

It’s realy easy from the GUI, you just go to the QoS Menu Click on class manager, you have to create a new class for each IP, set the bandwith for each of them(don’t forguet to save the changes), and then you have to go to the classifier, set a rule for each IP that you want to catch in each rule, you can catch more than one IP for each rule but then they will just share the class bandwidth(but that’s is not what you want), then you go to the Interface Manager, and ad all the classes that you’ve created and enable QoS in the interface witch is connected to the network IP’s that you want to control:

let’s say that ETH00 has conection to the outside world, and you have a NAT/Bridge with ETH01, you would want to control every IP in ETH01 so they could equaly share your ETH00 connection to the outside world… you must enable QoS in ETH01 and add classes also in ETH01.

i’m using it to control download bandwidth and it works just fine, if you also want to control upload, you must enable QoS on ETH00, and go through all that stuff again…(create classes, set classifiers, add classes to network interfaces…)

I hope this helps!

[rochajoelMember]

Would it be possible to make some kind of script or program that given an IP address range, like 192.168.0.0/24 and the maximum available bandwidth like 8000000, would calculate the minimum available bandwidth for each IP, in this example would be 8000000/255 and automaticaly creates the necessary amount of rules to adjust the QoS tables, which in this case would be 255, that’s slavery work 🙂
And of course, make them active on the given interface, like eth01 🙂

Fulvio, if you are not willing to think about this, i can do it, if you would be thankful to add this to a future version, just tell me in which tecnology would you prefer, i’m thinking about C, it seems very simple… your php would just have to call the routine with the desired parameters 🙂

What do you think about that?

[imported_fulvioParticipant]

I think you could use the bash script language.

Regards
Fulvio

[samyraimyMember]

@rajesh wrote:

First of all, I would like thank the zeroshell team for providing an excellent and feature rich software platform. Great job!!! keep it up.

My question is: Is it possible to configure an interface (ETHnn) to limit the bandwidth by IP address or username? If not, can you please support this in the upcoming release.

Thanks

Bueno, por mi parte ya lo hice, supuse que había que hacer lo que todos ya escribieron aqui, pero tengo un problema, puedo hacer grupos de direcciones ip sin problemas, de hecho definí 8, pero mas del 80% del trafico global se sigue yendo por la clase default lo cual desbalancea a todos los demas, ya que me doy cuenta usando el iptraf que hay usuarios de ip que estan en los grupos que descargan mas de lo que puse como límite
esta es mi configuracion

Seq Input Output Description QoS Class Log Active
1 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 LAYER7 l7proto msnmessenger MARK set 0x3f MSN no
2 * ETH00 MARK all opt — in * out ETH00 0.0.0.0/0 -> 10.10.7.228 MARK set 0x40 BLOCK1 no
3 * * MARK all opt — in * out * 0.0.0.0/0 -> 10.10.7.226 MARK set 0x3c USUARIOS04 no
4 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.3-10.10.7.10 MARK set 0x40 BLOCK1 no
5 * * MARK all opt — in * out * 0.0.0.0/0 -> 10.10.7.11 MARK set 0x42 USUARIOS01 no
6 * * MARK all opt — in * out * 0.0.0.0/0 -> 10.10.7.12 MARK set 0x41 PLANES01 no
7 * * MARK all opt — in * out * 0.0.0.0/0 -> 10.10.7.13 MARK set 0x40 BLOCK1 no
8 * * MARK all opt — in * out * 0.0.0.0/0 -> 10.10.7.14 MARK set 0x41 PLANES01 no
9 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.15-10.10.7.28 MARK set 0x42 USUARIOS01 no
10 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.29-10.10.7.30 MARK set 0x40 BLOCK1 no
11 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.31-10.10.7.38 MARK set 0x43 USUARIOS02 no
12 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.39-10.10.7.49 MARK set 0x43 USUARIOS02 no
13 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.50-10.10.7.64 MARK set 0x44 USUARIOS03 no
14 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.65-10.10.7.86 MARK set 0x3c USUARIOS04 no
15 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.87-10.10.7.227 MARK set 0x46 ADMIN2 no
16 * * MARK all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 10.10.7.230-10.10.7.235 MARK set 0x45 ADMIN no

y estas son las estadisticas que me arroja
Interface/Class Priority Maximum Guaranteed Traffic Sent (bytes) Rate

ETH00 — 1.6Mbit/s 1500Kbit/s 2964187228 1432Kbit

ADMIN Medium 1.5Mbit/s 16Kbit/s 38628920 0bit
BLOCK1 High 1000Kbit/s 350Kbit/s 18630635 768bit

DEFAULT Low 1500Kbit/s 64Kbit/s 2875620713 1417Kbit

PLANES01 High 500Kbit/s 200Kbit/s 3206554 576bit
USUARIOS01 High 800Kbit/s 200Kbit/s 1852348 288bit
USUARIOS02 High 800Kbit/s 200Kbit/s 842729 16bit
USUARIOS03 High 800Kbit/s 200Kbit/s 9043808 3296bit
USUARIOS04 High 800Kbit/s 200Kbit/s 16573616 768bit

ETH01 — 1.5Mbit/s 1.5Mbit/s 246742817 124600bit
DEFAULT High 1.7Mbit/s 1Mbit/s 245833036 124144bit
MSN High 500Kbit/s 256Kbit/s 910419 456bit

Agradecería alguna idea. Gracias

[veowooferMember]

bueno yo configure algo parecido a tu regla, pero haciendo pruebas solo se le hace caso a la primera secuencia. osea a la primera regla, a las demas ni bola le para. al parecer hay q hacer una clase por regla aunque parezca extraño. hasta ahorita solo se eso:

ETH00 — — 100Mbit/s 100Mbit/s 1002396895 448672bit
DEFAULT Medium — — 88732753 1696bit
LIMITADOR1 Medium 250Kbit/s — 0 0bit
LIMITADOR2 Medium 450Kbit/s — 914759734 461272bit

Class Description Priority DSCP Max Bandwidth Guaranteed On
DEFAULT Default class for unclassified traffic Medium
LIMITADOR1 Maquinas a 250kbit/s Medium 250Kbit/s
LIMITADOR2 Maquinas a 450kbit/s Medium 450Kbit/s
QoS Rules
Seq Input Output Description QoS Class Log Active
1 * ETH00 MARK all opt — in * out ETH00 0.0.0.0/0 -> 0.0.0.0/0 destination IP range 200.200.200.120-200.200.200.158 TIME from 00:00:00 to 23:59:00 MARK set 0xd LIMITADOR2 no

solo puedo colocar una regla por clase, si coloco mas reglas las demas no tienen efecto alguno.
😛 😛 😛

[Author]

Posts