Wednesday, February 10, 2010

shaping: dividing bandwidth between router & NAT hosts

I am working on setting up a router/server running Debian Squeeze. I have had
a lot to learn and have managed to understand iptables and have mostly set up
filtering.

Now I would like to set up traffic control. I have been reading documentation
and have been looking for an eth0 ingress way to delay packets in order to
control download bandwidth, but maybe ingress shaping is not a viable solution.
Perhaps it is the ACKs that I need to shape instead: delay the outgoing ACKs to
control downloads and delay the outgoing data to control the uploads. Will
that work?

The router uses NAT and has the following interfaces:
- eth0 (WAN)
- eth1, eth2, eth3 (ethernet LAN)
- wlan0 (wireless LAN)
* br0 bridges eth1, eth2, eth3, wlan0

(I do not have the wireless hardware yet; I hope wlan0 will work in the bridge
without problems.)

The bandwidth will ideally be separated into 4 groups:
- local (router)
- ethernat LAN (eth1, eth2, eth3)
- wireless LAN, known MAC addresses
- wireless LAN, unknown MAC addresses
Each group gets a part of the bandwidth and a priority for borrowing.

Can I use iptables to mark/classify packets into these groups?

Thanks lots for your help.

No comments:

Post a Comment