Home > Cloud Computing > Cloud Applications

Linux gateway traffic control (Qos)

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Linux gateway traffic control (Qos)-Linux Enterprise Application-Linux server application information. The following is a detailed description. Iptables + TC for traffic control the following is the Qos settings of a linux gateway in our subsidiary. Using iptables and TC, we feel that the effect is very good.

Instance 1:


Traffic control:


Eth0 is connected to the Intranet on the firewall, and eth1 is connected to the Internet line with a bandwidth of 2.5 M. Target:


1. Intranet users can download up to 1000 kbit/s, while 192.168.37.167 master 192.168.37.168 can download up to 1.5 Mbit/s.


2. the upload bandwidth of 192.168.37.124 and 192.168.37.140 in the Intranet is up to 1.5 MB, while that of other users is up to 150 Kbit/s.


(After such traffic control, even if someone in the Intranet uses software such as bt, It is not afraid. Because his upload can only take up to 150 Kbit/s, and download a maximum of 1000 kbit/s ^-^)


#! /Bin/sh



TC = "/sbin/tc"

LAN_IFACE = "eth0"

INET_IFACE = "eth1"

ERP1 = "192.168.37.167/32"

ERP2 = "192.168.37.168/32"

INTERNAL_LAN = "192.168.37.0/24"



Start (){



################### Qos rule on eth0 ################ ########



# $ TC qdisc add dev eth1 root tbf rate 512 kbit lantency 50 ms burst 1540

If ["$ LAN_IFACE "! = ""]; Then

$ TC qdisc add dev $ LAN_IFACE root handle 1:0 cbq bandwidth 100 Mbit avpkt 1000 cell 8

$ TC class add dev $ LAN_IFACE parent 1:0 classid 1:1 cbq bandwidth 100 Mbit rate 2.5 Mbit weight 3 Mbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded

$ TC class add dev $ LAN_IFACE parent classid cbq bandwidth 100 Mbit rate 1500 kbit weight 2 Mbit prio 6 allot 1514 cell 8 maxburst 20 avpkt 1000

$ TC class add dev $ LAN_IFACE parent classid cbq bandwidth 100 Mbit rate 1000 kbit weight 1 Mbit prio 7 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded

$ TC qdisc add dev $ LAN_IFACE parent handle 20: sfq

$ TC qdisc add dev $ LAN_IFACE parent handle 30: sfq

$ TC filter add dev $ LAN_IFACE parent 1:0 protocol ip prio 2 u32 match ip dst $ ERP1 flowid

$ TC filter add dev $ LAN_IFACE parent 1:0 protocol ip prio 2 u32 match ip dst $ ERP2 flowid

$ TC filter add dev $ LAN_IFACE parent 1:0 protocol ip prio 4 u32 match ip dst $ INTERNAL_LAN flowid

Echo ""

Echo ""

Echo "qos rule on eth0 start ...... OK! "

Echo ""

Echo ""

Fi



#################### Qos rule on eth1 ################ ########



If ["$ INET_IFACE "! = ""]; Then

Iptables-F-t mangle

Iptables-X-t mangle

Iptables-Z-t mangle

Iptables-a prerouting-t mangle-s $ ERP1-j MARK -- set-mark 1

Iptables-a prerouting-t mangle-s $ ERP2-j MARK -- set-mark 1

Iptables-a prerouting-t mangle-s 192.168.37.124/32-j MARK -- set-mark 1

Iptables-a prerouting-t mangle-s 192.168.37.140/32-j MARK -- set-mark 1

Iptables-I PREROUTING-t mangle-s $ INTERNAL_LAN-j MARK -- set-mark 2





$ TC qdisc add dev $ INET_IFACE root handle cbq bandwidth 100 Mbit avpkt 1000 cell 8

$ TC class add dev $ INET_IFACE parent classid 2:1 cbq bandwidth 100 Mbit rate 2 Mbit weight 1 Mbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded

$ TC class add dev $ INET_IFACE parent 2:1 classid cbq bandwidth 100 Mbit rate 1500 kbit weight 150 kbit prio 6 allot 1514 cell 8 maxburst 20 avpkt 1000

$ TC class add dev $ INET_IFACE parent 2:1 classid cbq bandwidth 100 Mbit rate 150 kbit weight 20 kbit prio 7 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded

$ TC qdisc add dev $ INET_IFACE parent 2: 2 handle 20: sfq

$ TC qdisc add dev $ INET_IFACE parent 2: 3 handle 30: sfq



$ TC filter add dev $ INET_IFACE parent 2: 0 protocol ip prio 1 handle 1 fw classid 2: 2

$ TC filter add dev $ INET_IFACE parent 2: 0 protocol ip prio 2 handle 2 fw classid 2: 3

Echo ""

Echo ""

Echo "qos rule on eth1 start ...... OK! "

Echo ""

Echo ""

Fi



}



Stop (){



If ["$ LAN_IFACE "! = ""]; Then

$ TC qdisc del dev $ LAN_IFACE root

Fi

If ["$ INET_IFACE "! = ""]; Then

$ TC qdisc del dev $ INET_IFACE root

Fi

Iptables-F-t mangle

Iptables-X-t mangle

Iptables-Z-t mangle



}



Status (){

Echo "show qdisc ............"

Echo ""

Echo ""

Echo ""

$ TC-d-s qdisc

Echo ""

Echo ""

Echo "show filter ............"

Echo ""

Echo ""

If ["$ LAN_IFACE "! = ""]; Then

$ TC-d-s filter ls dev $ LAN_IFACE

Fi

Echo ""

Echo ""

If ["$ INET_IFACE "! = ""]; Then

$ TC-d-s filter ls dev $ INET_IFACE

Fi

Echo ""

Echo ""

Echo "show class ............"

Echo ""

Echo ""

If ["$ LAN_IFACE "! = ""]; Then

$ TC-d-s class ls dev $ LAN_IFACE

Fi

Echo ""

Echo ""

If ["$ INET_IFACE "! = ""]; Then

$ TC-d-s class ls dev $ INET_IFACE

Fi

Echo ""

Echo ""



}



Case "$1" in

Start)

Start

;;

Stop)

Stop

;;

Restart)

Stop

Start

;;

Status)

Status

;;

*)

Echo $ "Usage: $0 {start | stop | restart | status }"

Exit 1

Esac




Instance 2: complex Qos settings are not disclosed due to confidentiality.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
network traffic analyzer linux linux sniff network traffic linux trace network traffic linux traffic generator linux sms gateway command to check network traffic in linux control linux from windows
Related Article
Ingenious, Webapi httpbasicauthorize the practice of building...
Agent simplifies integration between cloud applications and e...
Enable cross-Cloud applications-DNS-based load balancing
10 cloud applications recommended for web designers and devel...
The best practices for iOS network programming and cloud appl...
Enable dazzling 3D desktop effects (group chart) in Fedora8)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More