[PLUG] network traffic shaping for servers

Loren M. Lang lorenl at north-winds.org
Tue Feb 25 07:37:04 UTC 2014


On 2/22/2014 2:16 PM, Keith Lofstrom wrote:
> 2) I run a Personal Telco access point, and am glad to serve
> my community.  However, sometimes my guests use up most of
> my bandwidth.  Is there an easy way to throttle the bandwidth
> feeding the access point (it is by itself on a private DMZ)
> to a reasonable fraction of my FIOS feed, say to 3mbps?

There are a couple of ways to potentially shape incoming traffic, but 
they are more advanced techniques and I've only read about them in 
passing. One is a tc filter called RED or Random Early Drop. When 
traffic starts to approach a certain threshold, it will start to 
randomly drop packets as if the connection is congested before it really 
is. That will cause devices transmitting to fall back and re-transmit at 
a slower pace because those dropped packets won't be acknowledged and 
indicate network congestion. That works for throttling legitimate TCP, 
but not DoS attacks or UDP packets. The second approach could be to 
set up IP Filter rules that do TCP Window Scaling. TCP packets contain a 
field called window that tells the other end how many bytes are 
available in the local buffer for receiving. A window of zero tells the 
other end that my buffer is completely full and hold off sending any 
data. That's a standard feature provided by TCP for flow control and 
could be used for traffic shaping.

> Again, there are probably optimal strategies, but I'll take
> easy, good-enough and hard-to-screw-up for now.
>
> Keith
>
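
The RED behaviour described in the message above, as an added Python sketch that is not part of the original post: it models a RED queue in front of the throttled link and compares how much traffic a loss-responsive (TCP-like) sender and a non-responsive (UDP-like) sender keep putting on the wire. The thresholds, drain rate, tick length and the halve-on-loss sender model are assumptions chosen for illustration.

```python
import random

# Assumed parameters (constructed for illustration), in packets per RTT tick.
DRAIN = 30            # packets/tick the throttled link is meant to carry
LIMIT = 120           # hard queue limit; anything beyond is tail-dropped
MIN_TH, MAX_TH, MAX_P, WEIGHT = 20, 60, 0.1, 0.2

def red_drop_probability(avg):
    """Classic RED: no drops below MIN_TH, linear ramp to MAX_P, drop all at MAX_TH."""
    if avg < MIN_TH:
        return 0.0
    if avg >= MAX_TH:
        return 1.0
    return MAX_P * (avg - MIN_TH) / (MAX_TH - MIN_TH)

def offered_load(responsive, ticks=400, start_rate=100, seed=1):
    """Mean packets/tick the sender transmits over the last half of the run.

    This is traffic that has already crossed the upstream link before the
    queue sees it, so dropping it locally does not give that bandwidth back.
    """
    rng = random.Random(seed)
    rate, queue, avg, sent = start_rate, 0, 0.0, []
    for _tick in range(ticks):
        sent.append(rate)
        p = red_drop_probability(avg)
        accepted = sum(1 for _pkt in range(rate) if rng.random() >= p)
        dropped = rate - accepted
        queue = max(0, queue + accepted - DRAIN)
        if queue > LIMIT:                          # tail drop on overflow
            dropped += queue - LIMIT
            queue = LIMIT
        avg = (1 - WEIGHT) * avg + WEIGHT * queue  # EWMA of queue length
        if responsive:
            # TCP-like AIMD: halve on any loss, otherwise probe upward by one.
            rate = max(1, rate // 2) if dropped else rate + 1
    tail = sent[ticks // 2:]
    return sum(tail) / len(tail)

if __name__ == "__main__":
    print("TCP-like sender, mean offered load:", offered_load(responsive=True))
    print("UDP-like sender, mean offered load:", offered_load(responsive=False))
```

The responsive sender settles near the drain rate because early drops make it back off, while the non-responsive sender keeps offering its full rate no matter how many packets the queue discards.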



