# Bandwidth Throttling

## Gushy

I've got a server on my lan, which sends a lot of outgoing traffic through my adsl line, and all the outgoing ftp traffic is slowing down other incoming and outgoing traffic.

my setup:

adsl router <--> switch <--> lan systems

Ideally what I want to be able to do is limit outgoing FTP traffic on the server, and if possible I only want to limit it if the traffic is going outside of my lan (would be nice but not a requirement).

Can I do this? if so how?  I've done a fair bit of googling, but a lot of the stuff I've found limit's a complete interface not specific traffic.  Also there's lots of pages on CBQ and on HTB - which is better(I am assuming I have to use one of these)?

Perhaps someone can suggest an ftpd that has totla bandwidth throttling (seems like an easier route if one exists), I currently use pure-ftpd which doesn't. 

I running a vanilla kernel with no patches if that makes a difference.

----------

## Krisserferson

afaik pure-ftpd can throttle...

Snippet from the index page of pure-ftpd:

 *Quote:*   

> 
> 
> - Bandwidth throttling is supported, with distinct settings for upload and download.
> 
> 

 

Other solution would be to use your firewall...

----------

## Gushy

it can only throttle per user on a per session basis, I need a global throttle.

----------

## psp

Try: http://www.lartc.org/ and read the docs. Also you can try modify the wondershaper script (which will do what you are after).

Edit: This script is on the site btw.

Hope this helps.

----------

## Gushy

thanx I'll take a look.

----------

## Krisserferson

Taken from the faq (http://pureftpd.sourceforge.net/FAQ):

* Global bandwidth limitation.

-> How do I limit the *total* bandwidth for FTP?

Pure-FTPd can limit bandwidth usage of every session. But limiting the total

bandwidth is intentionally not implemented, because most operating systems

already have very efficient algorithms to handle bandwidth throttling.

Here's an example with Linux.

1) Have a look at /proc/sys/net/ipv4/ip_local_port_range. You will see two

numbers: this is the interval of local ports your Linux kernel will use for

regular outgoing connections. The FTP ports you have to reserve for passive

FTP must *not* be in this range. So if:

"cat /proc/sys/net/ipv4/ip_local_port_range" returns "32768-61000", you can

reserve ports 10000 to 20000 for your FTP server, but not 30000 to 40000.

(alternatively, you can change the local port range) .

2) Change the first lines and save the following script:

  ---------------------------- Cut here ----------------------------

#! /bin/sh

# Simple bandwidth limiter - <j@4u.net>

# Change this to your link bandwidth

# (for cable modem, DSL links, etc. put the maximal bandwidth you can

# get, not the speed of a local Ethernet link)

REAL_BW='10Mbit'

# Change this to the bandwidth you want to allocate to FTP.

# We're talking about megabits, not megabytes, so 80Kbit is

# 10 Kilobytes/s

FTP_BW='80Kbit'

# Change this to your physical network device (or 'ppp0')

NIC='eth0'

# Change this to the ports you assigned for passive FTP

FTP_PORT_LOW="10000"

FTP_PORT_HIGH="20000"

tc qdisc add dev "$NIC" root handle 1: cbq \

bandwidth "$REAL_BW" avpkt 1000

tc class add dev "$NIC" parent 1: classid 1:1 cbq bandwidth "$REAL_BW" \

rate "$REAL_BW" maxburst 5 avpkt 1000

tc class add dev "$NIC" parent 1:1 classid 1:10 cbq \

bandwidth "$REAL_BW" rate "$FTP_BW" maxburst 5 avpkt 1000 bounded

tc qdisc add dev "$NIC" parent 1:10 sfq quantum 1514b

tc filter add dev "$NIC" parent 1: protocol ip handle 1 fw flowid 1:10

iptables -t mangle -A OUTPUT -p tcp --sport 20:21 -j MARK --set-mark 1

iptables -t mangle -A OUTPUT -p tcp \

--sport "$FTP_PORT_LOW":"$FTP_PORT_HIGH" -j MARK --set-mark 1

  ---------------------------- Cut here ----------------------------

3) Make sure that you have the 'tc' command installed. If your Linux distro

doesn't ship 'ip' and 'tc' commands, it really sucks, and you must install a

package called 'iproute2' to get them.

4) Start Pure-FTPd with the passive port range you assigned:

/usr/local/sbin/pure-ftpd -p 10000:20000 -HBA

5) Run the script you created in step 2. It it doesn't work, check that QOS

support was compiled in your Linux kernel.

6) Enjoy  :Smile: 

Hope it helps...

----------

## Gushy

now why didn't I spot that?! doh. thanx.  :Very Happy: 

----------

## Gushy

ok I tried it, but it didn't work.  :Sad: 

I've emerged iproute (is this the same as iproute2 mentioned in the faq), and installed and run the script, but I get this:

```

RTNETLINK answers: Invalid argument

RTNETLINK answers: No such file or directory

RTNETLINK answers: No such file or directory

RTNETLINK answers: No such file or directory

RTNETLINK answers: Invalid argument

```

now I assume they refer to the 5 tc statements, but I'm not sure what's wrong.

The only things I changed are: REAL_BW=256kbit, FTP_BW=200kbit, and the ftp ports.

----------

## mr-simon

Sounds like QOS is not compiled in the kernel. Check: "Networking Options" -> "QOS and/or fair queueing" -> Switch on everything that's not marked as experimental.

----------

## Gushy

I only had the first few options turned on - the ones mentioning cbq and htb.  I've turned the rest on, and I'm compiling the new kernel now.

----------

## AlterEgo

Ref. your error: note that version -r2 of the iproute package tends to fail on a lot of machines (see bugs.gentoo.org). 

Also, emerge iproute fails on a 2.5 kernel.

HTB traffic shaping needs a patched kernel before 2.4.20, or it will fail.

I found the HTB wondershaper very useful for upload  bandwith management, easier to configure then CBQ, and more effective.

----------

## Gushy

AHA adding the rest of the qos options in the kenrel did it!!!  :Very Happy:   :Very Happy:   :Very Happy:   although it does appear to be limitng by user not global bandwidth, but hey it's a start.  :Smile: 

I think I shall now have to take a look at that wondershaper so that I can customise things a bit.

----------

## Gushy

ok I got the script working, but it doesn't operate as planned - it is supposed to throttle total ftp bandwidth but it seems to be doing it per connection.

I've looked through the man pages and the how to's at lartc.org and tldp.org but all the script seems ok to my untrained eyes.

Can anyone else spot the error?

----------

## lysergicacid

i cant seem to get it to work either, only i dont want passive i need active im using this on dirrect connect to stop the cable latency problem, im thinking that gushy must have ntl or telewest broadband, as i have ntl and any form of upload with my client turns my 70-80 k/s d/ls into 10k/s d/l's this is obviosly quiet annoying as im sharing 164 gigs worth of stuff and never have free slots, im all for people having stuff from me (if no one shared who would have anything) yet there has to be a ballance.

i found this to be usefull : http://www.jarod.mpn.pl/htbgui.html

it hasnt solved my problem but it might be some help to someone else.

----------

## compuboy86

I found this while setting up my new Shorewall box....seems applicable, just subsititute your custom kernel with the binary one in the howto.

http://community.smoothwall.org/forum/viewtopic.php?t=1817&highlight=bandwidth

----------

## Gushy

I did solve this in the end using HTB, but I posted that all in another thread I started. 

Solution using HTB

HTH

----------

## lysergicacid

ty gushy - sorry it took me so long to say it too i'll  have a look at your solution soon as i get chance  :Wink: 

----------

## Gushy

np, hope it helps you.  :Smile: 

----------

