[PLUG] network traffic shaping for servers
Loren M. Lang
lorenl at north-winds.org
Tue Feb 25 07:37:04 UTC 2014
On 2/22/2014 2:16 PM, Keith Lofstrom wrote:
> 2) I run a Personal Telco access point, and am glad to serve
> my community. However, sometimes my guests use up most of
> my bandwidth. Is there an easy way to throttle the bandwidth
> feeding the access point (it is by itself on a private DMZ)
> to a reasonable fraction of my FIOS feed, say to 3mbps?
There are a couple of ways to potentially shape incoming traffic, but
they are more advanced techniques and I've only read about them in
passing. One is a tc filter called RED or Random Early Drop. When
traffic starts to approach a certain threshold, it will start to
randomly drop packets as if the connection is congested before it really
is. That will cause devices transmitting to fall back and re-transmit at
a slower pace because those dropped packets won't be acknowledged and
indicate network congestion. That works for throttling legitimate TCP,
but not DoS attacks or UDP packets. The second approach could be to
set up IP Filter rules that do TCP Window Scaling. TCP packets contain a
field called window that tells the other end how many bytes are
available in the local buffer for receiving. A window of zero tells the
other end that my buffer is completely full and to hold off sending any
data. That's a standard feature provided by TCP for flow control and
could be used for traffic shaping.
> Again, there are probably optimal strategies, but I'll take
> easy, good-enough and hard-to-screw-up for now.
>
> Keith
>
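The RED behaviour described in the reply above, as an added example that is not part of the original post: a simplified simulation of a queue that starts dropping probabilistically once its averaged length crosses a lower threshold, compared with plain tail drop. The thresholds, weight, queue limit and function names are assumptions chosen for illustration, and the count-based probability correction and idle-time handling of full RED are left out.

```python
import random

def red_drop_probability(avg, min_th, max_th, max_p):
    """Simplified RED: drop chance as a function of the averaged queue length."""
    if avg < min_th:
        return 0.0                      # no congestion signalled yet
    if avg >= max_th:
        return 1.0                      # treat as congested: drop everything
    # Between the thresholds the probability rises linearly up to max_p.
    return max_p * (avg - min_th) / (max_th - min_th)

def simulate(arrivals_per_tick, service_per_tick, ticks, *, limit=100,
             min_th=20, max_th=60, max_p=0.1, weight=0.2, seed=1):
    """Run a fixed-rate arrival/service loop and count early and tail drops.

    All parameter values are constructed for this example, not taken from
    any real tc configuration.
    """
    rng = random.Random(seed)           # seeded so the run is repeatable
    queue, avg = 0, 0.0
    early = tail = peak = 0
    for _ in range(ticks):
        for _ in range(arrivals_per_tick):
            # Exponentially weighted moving average of the queue length.
            avg = (1 - weight) * avg + weight * queue
            if queue >= limit:
                tail += 1               # buffer really is full
            elif rng.random() < red_drop_probability(avg, min_th, max_th, max_p):
                early += 1              # dropped before the buffer is full
            else:
                queue += 1
        peak = max(peak, queue)
        queue = max(0, queue - service_per_tick)
    return {"early_drops": early, "tail_drops": tail, "peak_queue": peak}

if __name__ == "__main__":
    # Sender offers 12 packets per tick, link drains 10: sustained overload.
    print("RED:      ", simulate(12, 10, 500))
    # Thresholds set out of reach, so only the hard limit ever drops.
    print("tail drop:", simulate(12, 10, 500, min_th=10**9, max_th=10**9 + 1))
```

With RED the queue never reaches its hard limit because drops begin while there is still buffer space; a sender that ignores drops (the UDP or DoS case mentioned in the reply) would keep offering the same load regardless.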