Step by step teach you how to use linux as a speed-limiting router

Source: Internet
Author: User
Thanks to the open-source and free linux, more and more manufacturers are using it for firewalls and routers, such as sea spider and flying fish Star. In fact, we can also use linux to build a high-performance router. the following uses redhat as an example to teach you how to create a speed-limiting route. install li...

 

Thanks to the open-source and free linux, more and more manufacturers are using it for firewalls and routers, such as sea spider and flying fish Star. In fact, we can also use linux to build a high-performance router. the following uses red hat as an example to teach you how to implement a speed-limiting route.

 

If you are a newbie, install the graphic desktop during installation.

 

Step 1: Establish an adsl connection, which is available in system settings-network settings. It is easy to handle in the graphic interface.

Step 2: enable IP forwarding and disguise (that is, routing and NAT)

1. open the/etc/sysconfig/network file as the root user and add the following line to the file:

GATEWAYDEV = PPP0 is used to set the default route.

2. enable IP forwarding: Open the/etc/sysctl. conf file, modify net. ipv4.ip _ forward = 0, and change 0 to 1.

3. restart the system

Step 3: Set the iptables firewall to determine which IP addresses can access the Internet through the linux host.

The following code allows 192. 168. 0. 0 CIDR block:

1. open the terminal and enter the following command at the # prompt:

Iptables-t nat-I POSTROUTING-o ppp0-j MASQUERADE #

Iptables-a forward-s 192.168.0.0/24-j ACCEPT # indicates that the forwarding is from 192. 168. 0. 0-segment communication

Iptables-a forward-d 192.168.0.0/24-j ACCEPT # This statement means that the forwarding is 192. 168. 0. 0-segment communication

Iptables-a forward-s! 192.168.0.0/24-j DROP # This statement indicates that communication without the IP address range 192.168.0.0 is denied.

2. Save the above firewall rules to ensure they are valid after restart

Enter the following command

Iptables-save>/etc/sysconfig/iptables

 

In this way, your linux router should be able to run.

PS: all commands must be case sensitive.

 

Speed limit implementation: In linux, there is a special speed limit software-tc, but it is difficult for new users to grasp the TC syntax, on the firewall, we can limit the speed by limiting the number of packets that a certain IP address or segment of IP addresses pass in one second.

The following is a limit of 192. 168. 0. 2. the IP address's network speed is used as an example.

Open/etc/syscofngi/iptables in the desktop environment and check whether all the settings are recorded in this file. now you can add rules in this file.

1. first find the filter

2. add the following two rows under the filter row:

-A forward-m limit-d 192.168.0.2 -- limit 30/sec-j ACCEPT # This statement indicates that only 30 forwarding entries per second reach 192. 168. 0. 2 data packets (about 45KB a data packet is 1.5KB)

-A forward-d 192.168.0.2-j DROP # This statement is used to indicate that packets that have reached 192.168.0.2 fail)

 

3. restart the system to achieve the speed limit.

4. restrict the upload speed. change d in the above two items to s.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.