Ubuntu Networking :: Traffic Shaping And QoS For Medium Sized Hostel?
Jan 6, 2010
I maintain a network in a hostel for university students. As we often have a relatively slow connection I tried to find a solution. A friend of mine used traffic shaping / QoS here before I got the job. But we seem to have not made the best rules for the shaping as the connection was way faster without the shaper than with. As he himself installed the system alone I have nearly no knowledge how to put up another, better system.
About the hostel:
- 90 people in this house
- 10 mbit SDSL dedicated line, full flatrate
- very mixed type of internet traffic (P2P, HTTP, EMails, Rapidshare, Torrents, Skype, ...)
I would like to install a linux router with traffic shaping, QoS and maybe even SQUID. Googling for the words brought so much older stuff, but nothing newer.
View 2 Replies
ADVERTISEMENT
Sep 24, 2010
I want to explicitly commit bandwidth to only 3 VOIP connections, where a connection is defined as a source IP address, destination IP address, and a traffic class. I would like the traffic controller to put the first 3 VOIP connections into 3 different queues that would have equal priorities that are higher than Best Effort. If a 4th VOIP connection were to start, its packets would be put into the Best Effort queue. When one of the VOIP connections ends, I would like the incoming packets of a VOIP connection that is in the Best Effort queue (assuming there is one) to now start going into the free VOIP queue. Is it possible to do this? Can traffic control keep track of connections being created and deleted like that? If so, how is it done? I would like to avoid having to be constantly updating my filters whenever a connection starts/ends. In actuality, I would want to do this for several different classes.
View 2 Replies
View Related
Apr 12, 2009
I am running Fedora 9 and KDE 4.2.1. I want to set up some traffic shaping on my machine to prevent my torrent client from hogging my entire bandwidth. I.e., I want KTorrent to download and upload to the best of its ability, but still be able to browse the net freely in spite of the torrents. I have done some reading about traffic shaping in Linux. There is lots of material about it, but most of it (such as the lartc.org "howto") is very complex and comprehensive and looks extremely intimidating. Furthermore, most of it addresses situations where you want to distribute traffic between multiple computers in a network. I just want to manage processes on a single machine. I am hoping for a piece of software that lets me assign each a "priority" to each application, or something like that. Like cFosSpeed for Windows.
View 6 Replies
View Related
Dec 27, 2010
We have a need to shape outgoing traffic EXCEPT to certain IP/subnets (sounds opposite to the title, but not really :P), using iptables if possible. We've had decent luck doing it with various things, but one of the big problems is the decrease in download speed (which DOES NOT need to be shaped at all) due to upload shaping. ie, we want the shaping not to apply to TCP/UDP overhead. Semi related but probably not important is the ability to shape virtualised systems as well (ie the guests), but as the guest traffic goes through the host any traffic shaping done on/to the host should affect the guests as well.
View 1 Replies
View Related
Sep 19, 2010
I have a question regarding Traffic Shaping in Linux, Suppose I have a server on the internet (web, email or ftp) and I want to shape outgoing traffic per IP, say 256k for each destination IP. I've seen examples on the internet on how to shape traffic per IP by adding a queue for each IP, and some examples by using u32 hash if I have e.g. a /24 network, but if I have a server and I want to shape the traffic by destination IP, and of course... since it is a server on the internet I can't manually define any IPs of subnets. An example using the tc command?
View 2 Replies
View Related
Jan 17, 2010
I've been searching the last days for a tool to limit the bandwidth per application. I found the perfect tool for it: trickle, but it doesn't work (I tested it with firefox and chrome but they didn't obey the limit and I think the problem is that they don't use dynamically linked libs and trickle doesn't work for statically linked apps). I found some other tools but they don't limit per application (only per user or network interface).Does someone knows any other tools like trickle (easy too use and able to limit bandwidth per application) but for all applications?
View 2 Replies
View Related
Oct 18, 2010
We are using squid deplay pools successfully in our lan and it is working very fine but now i want each computer bandwidth to be shaped for each port means that whenever the user make ftp connection with ftp software or whenever the user access outlook express for email each port like smtp,ftp,remote desktop connection will be shaped or otherwords each pc will get fixed bandwidth.
Our Broaband having 1Mbps connection and we have 16 user who access the internet so i want the 1Mbps will distribute in each user. Our Six Users of internet is our directors and managers of the company so i want to give them max speed and 10 users will get low speed.
Six Special users Ip address: 192.168.1.3 to 192.168.1.9. Other Regular users Ip Address: 192.168.1.10 to 192.168.1.20.
View 2 Replies
View Related
Jan 20, 2010
I'm trying to shape bandwidth using HTB method and filtering classes with destination mac address. for this I've found two codes but none of them seem to filter bandwidth as i want (test with iperf) can some one explain me the problem with theses codes
Code:
tc qdisc add dev eth0 root handle 1: htb
tc class add dev eth0 parent 1: classid 1:1 htb rate 1000kbit ceil 1000kbit
tc filter add dev eth0 parent 1: protocol ip prio 3 u32 match u16 0x0800 0xFFFF at -2 match u16 0xM4M5 0xFFFF at -4 match u32 0xM0M1M2M3 0xFFFFFFFF at -8
code2:
[Code]...
View 1 Replies
View Related
Nov 27, 2010
I want to implement bandwidth shaping policy in a virtual environment. So i have 2mbps link, which i want to distribute it among Email,http(s),ssh,... and some other traffic. I want to do this in a virtual environment, for testing purpose. I want to run this script on a virtualbox virtual machine, which has ubuntu installed on it. and then use that as the router.
(a) is there any software that could simulate email,http,... traffic so that i could test it?
(b) my second question is (though not related to networking) how do i set a (virtual) machine as a router? or is it even possible?
View 1 Replies
View Related
Sep 29, 2010
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies
View Related
Mar 15, 2011
I wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so
Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT
[Code]...
After seeing that i went digging in the code and figured it was something todo with memory allocation.
View 1 Replies
View Related
Sep 27, 2009
Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.
So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?
View 3 Replies
View Related
Apr 27, 2010
We have something on our network that is reaking havoc with our content filter. I am trying to track it down, but so far I have been unsuccessful. We have approximately 500 devices in 100+ different locations spread across 9 states. Looking at each computer is not really feasible.
I need a machine that can sit in between our network and our internet connection and graphically monitor in real time and logs how much traffic each device is sending and receiving. It would need to sit inline so it has to have two nics and be able to pass traffic. The machine also needs to be transparent. Reconfiguration of our routers or workstations is not an option.
I have used ethereal and wireshark before. Ethereal may be a viable option, but wireshark seems to provide lots of information, but no practical way to make use of it. how to set up the box to be a transparent device on the network that will allow internet bound traffic to flow (freely)?
View 3 Replies
View Related
Jan 5, 2010
I am new to Ubuntu (Karmic with GNOME). I have a Samsung LED UEB7020, with an Asrock ION 330 BD player feeding to a Onkyo TXSR607, AV rec. The other day I downloaded NVidia v180.25, which was very useful, because it immediately solved an earlier teething problem of no sound. However immediately upon re-booting and ever since, the screen size is too big for the TV, meaning that I can not see the top, bottom, side and left of the display by about 2 inches either way. I have checked the NVidia resolution settings and they are correct for the TV, ie 1920 by 1080.
My etc/X11/ xorg.conf file reads as follows:
Section "Screen"
Identifier "Default Screen"
DefaultDepth 24
EndSection
Section "Module"
Load "glx"
EndSection
Section "Device"
Identifier "Default Device"
Driver "nvidia"
Option "NoLogo" "True"
EndSection
View 9 Replies
View Related
Mar 25, 2010
I feel like a moron.I wasn't watching what I was doing while copying an image to a 1tb external yesterday. Clonezilla resized my external and all I can see on it is a 75gb partition with Windows on it and the 8xxgb partition that is unallocated.
View 1 Replies
View Related
Sep 18, 2010
This is not a huge deal but I have missing hard drive space, I re-sized an iso with k9copy I then used mv to move it to the other iso like so:
Code: mv this.iso that.iso which moved and renamed it, however I did not get any drive space back by effectively "deleting" the first iso. So my question is do I have an unnamed iso file floating around that cannot be deleted?
View 4 Replies
View Related
May 26, 2010
I am currently generating some EPS images for my thesis and run into a 'practical' problem regarding their size.My method to generate them goes through a program which gives JPG files, and then I use "convert" to pass from the JPGs to a EPS:Code:convert File.jpg File.epsThe problem is that resulting EPS files are obscenely large which makes their inclusion in my thesis impractical.I know GIMP offers the same functionality (JPG > EPS) but considering I am working with many files I want to automatize the process (hence why I used "convert").Is there any way I can make "convert" to output smaller EPS files? Alternatively, is there another utility to do what I am doing?
View 2 Replies
View Related
Dec 8, 2010
I am backing up parts of my computer with DD, and i was wondering if there was a quick way to split the files created into 4.4GB sized files that will fit onto a DVD. Anyone have any idea of how to do this?
View 6 Replies
View Related
Sep 1, 2010
Was wondering if there is a simple way to make the kickoff menu slightly larger than the panel similar to the way Windows 7 can have their (formerly-known-as) "Start" button larger?I have KDE on my laptop and am trying to make the best use of the small screen space. The Plasma Netbook Workspaces is alright, but I ended up returning to base KDE instead.
View 3 Replies
View Related
Mar 13, 2011
Just upgraded to 11.4 this afternoon. All went smoothly for me. I did a clean install.I started up bubblemon, and it has huge bubble floating up in it. Is there anyone else with this problem?
View 1 Replies
View Related
Jul 6, 2011
I'm trying to set up a customer who has two printers attached to their computer one is some sort of okidata color laser printer, which seems to work fine the other one is a brother HL-4040CDN, which prints fine from a Linux based application such as open office.
When i try to print from a program in wine, however, I can't for the life of me get it to print properly to legal sized paper, it doesn't complain about paper size or anything, it simply crops the print size to that of letter sized paper even though I tell it the paper size is Legal.
I have tried setting the default paper size on the printer's firmware settings, I have tried setting the paper size in cups both through the printer preferences applet and the web interface, i have tried telling the program to print to legal paper and the only thing i can affect is which end of the paper it prints to, i have even tried different drivers for CUPS, i'm not sure if the problem is wine, the program, the printer, or how wine talks to the specific printer via cups (the other printer prints fine) i am using ubuntu 10.04 or 10.10.
View 1 Replies
View Related
Apr 2, 2010
I have ubuntu server with PPTP on it. I need to limit single connection speed for ip 1 mbit/s, and mounthly traffic limit to 5 GB. How i can do this my task. I try to find somthing with ip tables, but can't find how to creat mounthly limits.PPTP do not have this option, maybe is some other, not hard for configure VPN server? Maybe someone make this task with iptables, and can give commands for limiting? Ofcorse VPN program with integrated accaunts and limits will be better.
View 1 Replies
View Related
Feb 2, 2011
I've got 4 or 5 of these TRENDnet USB network adapters ( TU-ET100c ) that I use frequently when I'm configuring firewalls or IPS devices for customers. I use them in combination with VirtualBox to test. They've always worked great until my new laptop I just got, and I put 10.04 on it. Previously I was on 9.x. Sometimes they will give a link light, other times not. And when they do the interface shows that it's up, but I can't get any traffic across the interface.
[code]...
View 3 Replies
View Related
Mar 1, 2011
I have access to a VPN I use when having confidential instant messaging sessions. For the purposes of my work, essentially.I'm a command line kind of guy, and like to use Finch (the shell version of Pidgin) for those.However, when I turn on my OpenVPN connection it routes all traffic through the VPN. Web-browsing, IMing, and I can no longer access other machines on my home network.Can I set OpenVPN to only route traffic I ask through that connection (either by port number or application, or some way I haven't thought of), while other traffic flows through my usual home network?Some kind of local proxy perhaps? Or a dd-wrt box set up as a proxy, connected to OpenVPN?I've played around with the GUI environment too (I have a basic GUI I sometimes use on my main machine) and have installed the full desktop 10.10 on a second machine just to see if I can work it out.
View 2 Replies
View Related
Jun 30, 2011
I have a VPN account and have been running it perfectly on windows without any problems but I deleted my windows OS because I wanted to force myself to learn a Linux OS. I have installed the configuration package through the terminal and have followed this guide exactly
[URL]
The VPN was giving me a no secrets error to start off but I managed to fix and now it connects for about 40seconds but whilst it is connected, the internet is completely useless and I can't get on anything... It then disconnects after 40 seconds saying it has failed.
I installed firestarter to see if I could tweak it there to work but it was beyond me and I could also see from the data being sent that none of it was going through tap0 whilst the VPN was connected..
View 3 Replies
View Related
Jul 25, 2010
I need to be able to do the following: Physical Router located at 192.168.40.1
On Ubuntu 10.04 Lucid machine:
eth0 with static ip 192.168.40.2
eth1 with static ip 192.168.40.3
eth2 with static ip 192.168.40.4
Associate a virtual address to eth1 with an entirely different network address such as 192.168.50.1 Do the same (virtual address) for eth2 -- e.g. 192.168.60.1 In the application:
register phone number A at 192.168.40.1 (The application will automatically use eth0 for this)
register phone number B at 192.168.50.1
register phone number C at 192.168.60.1
Somehow forward all traffic (including the register request) sent to 192.168.50.1 to 192.168.40.1 as if the register had been made directly to 192.168.40.1. In other words, the app "sends" registration and traffic to 192.168.50.1 but then Ubuntu forwards it to 192.168.40.1 (but the app does not know that). Similarly, forward all traffic sent to 192.168.60.1 to the router at 192.168.40.1.
Do the same for the reverse, forward all traffic that the router sends back to 192.168.40.3 (eth1) to 192.168.50.1 (within the Ubuntu machine) so that the app knows it is for phone B. Similarly forward all traffic that the router sends back to 192.168.40.4 (eth2) to 192.168.60.1 so that the app knows it is for phone C. Thus, the application believes that it is registering at 3 completely separate routers on 3 completely separate networks via 3 separate network interfaces but in fact is really registering all three to the same router (but does not know that). Similarly, the router believes that it is receiving 3 separate registrations because it receives each registration request and traffic from 3 separate interfaces and thus 3 separate mac addresses (i.e., of eth0, eth1, and eth2). Traffic sent to and from the router for each of the 3 phone numbers (via eth0, eth1, and eth2) are not mixed because the translation happens in both directions.
View 9 Replies
View Related
Aug 31, 2010
I'm facing a problem when I establish VPN connections using OpenVPN to Your Freedom Server. " you can see their documentation here ", I've installed OpenVPN from synaptic and I used the client to connect through VPN and it works !! but there is no traffic in FF or any application !!I tired to insert some HTTP proxy also belongs to the same server and it works. What really wonders me is that OpenVPN seems to work only when I'm connecting to streams sites "e.g. ustream, justin.tv" Is there anyway to force the whole traffic to use OpenVPN " I'm using Mobile modem and it works fine with OpenVPN in win7
View 7 Replies
View Related
Jan 16, 2011
I noticed a huge data transfer to my computer. I wasn't downloading anything big, I have just opened Firefox, Thunderbird etc. It stopped after a minute but I'd like to know, what that was - this wasn't the first time something like this happened. I promptly started Wireshark and captured a few packets, all of them look like this:
[code]...
I tried to look at [URL]... but that webpage does not work. what the traffic might be caused by? Couldn't anyone hacked my pc?
View 9 Replies
View Related
Jan 20, 2011
Is there an easy way to monitor network traffic? I want to make sure my kids are surfing safe...
View 5 Replies
View Related
Jan 24, 2011
first, here is our setup:
Linksys Router with firewall
1 Linux Server -- Running Dapper
Multiple Linux ThinClients running off the linux server
Multiple Freestanding Linux Machines -- Running ubuntu variants
Multiple Freestanding Windows Machines -- Running windows variants
The issue is that certain websites will not load on the freestanding linux machines, but they will load on our linux server and all the windows machines. examples: [URL].. These sites will start to load, but they never really finish and just seem to time out. I have tried changing the dns on the freestanding linux laptops to use 208.67.220.220 and this does not solve the problem.
I have checked the firewall rules and they seem pretty standard.when the linux machines are used on other networks, these websites work, so the problem seems to be related to this particular network.
When I do (freestanding linux):
Code:
traceroute acer.com -I
The trace times out at 30 hops
When I do (linux server):
Code:
traceroute acer.com -I
The trace reaches the destination at 19 hops
Both of the traceroute requests start by going through the router. So the big issue is that websites will load on our linux server and all our windows machines, but not on freestanding linux clients.
View 4 Replies
View Related
