Recently have a colleague with BT and electric donkey crazy download, we hit CS on the internet has been greatly affected, so the NAT Internet to do a flow control, will be a bit of experience to introduce to netizens, I hope to help the CS fans.
Our Internet environment is as follows:
eth0 External Network Ip:a.b.c.d
Eth1 intranet IP1:192.168.0.0/24 to Boss and BT
Eth2 intranet ip2:192.168.1.0/24 to me and Csfans
Use Linux to do the NAT command as follows:
Echo 1 >; /proc/sys/net/ipv4/ip_forward
Iptables-f
Iptables-t nat-f----Clear old rules
Iptables-t nat-a postrouting-s 192.168.0.0/24-o eth0-j SNAT--to a.b.c.d---To do NAT for intranet IP1
Iptables-t nat-a postrouting-s 192.168.1.0/24-o eth0-j SNAT--to A.B.C.D---NAT for intranet IP2
------------a FW filter-based marker for flow control
Iptables-i prerouting-t mangle-p tcp-s 192.168.0.0/24-j MARK--set-mark 1
Iptables-i prerouting-t mangle-p tcp-s 192.168.1.0/24-j MARK--set-mark 2
------------flow control for upload rate
TC requires kernel 2.4.18 above, so not enough to upgrade
TC can only control the rate of the network card sending packets, so the upload rate limit to be done on the eth0
----Delete an old queue
TC Qdisc del Dev eth0 root
----Add a root queue, the rate of network card with the rate of 10Mbit, also available upload rate
TC Qdisc Add dev eth0 root handle 100:cbq bandwidth 10Mbit AVPKT 1000
----Add a root class
TC class Add dev eth0 parent 100:0 classid 100:1 CBQ bandwidth 10Mbit rate 10Mbit Allot 1514 weight 1Mbit Prio 8 Maxburst 8 Avpkt bounded
----plus a subclass for intranet 1 rate limit of 300Kbit
TC class Add dev eth0 parent 100:1 classid 100:2 CBQ bandwidth 10Mbit rate 300Kbit Allot 1513 weight 30Kbit Prio 5 maxburs T 8 avpkt bounded
----plus a subclass for intranet 2 rate limit of 320Kbit
TC class Add dev eth0 parent 100:1 classid 100:3 CBQ bandwidth 10Mbit rate 320Kbit Allot 1513 weight 32Kbit Prio 6 maxburs T 8 avpkt bounded
----Set up queue rules
TC Qdisc Add dev eth0 parent 100:2 sfq Quantum 1514b perturb 15
TC Qdisc Add dev eth0 parent 100:3 sfq Quantum 1514b perturb 15
------Map the queue and the FW filter where 1 of hand 1 is the mark that started with Iptables, Hand 2 2 is also the mark that started with iptables.
TC Filter Add dev eth0 parent 100:0 protocol IP prio 1 handle 1 FW classid 100:2
TC Filter Add dev eth0 parent 100:0 protocol IP prio 2 handle 2 FW classid 100:3
-----------------------to do the download limit I only limit the boss and BT download rate, filter is used U32
TC Qdisc del Dev eth1 root
TC Qdisc Add dev eth1 root handle 200:cbq bandwidth 10Mbit AVPKT 1000
TC class Add dev eth1 parent 200:0 classid 200:1 CBQ bandwidth 10Mbit rate 10Mbit Allot 1514 weight 2Kbit Prio 8 Maxburst 8 Avpkt bounded
TC class Add dev eth1 parent 200:1 classid 200:2 CBQ bandwidth 10Mbit rate 1000Kbit Allot 1513 weight 1Mbit Prio 5 maxburs T 8 avpkt bounded
TC Qdisc Add dev eth1 parent 200:2 sfq Quantum 1514b perturb 15
TC Filter Add dev eth1 parent 200:0 protocol IP prio u32 match IP DST 192.168.0.0/24 flowid 200:2
----------------------
can now use tc-s qdisc ls dev eth0
Tc-s qdisc ls Dev eth1
Tc-s class LS Dev eth0
Tc-s class LS Dev eth1 monitor traffic
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
