[SWLUG] firewall bandwith shaping

Matt Willsher matt at monki.org.uk
Wed May 2 20:21:27 UTC 2012


Traffic shaping only really works from you to the Internet, rather than
from the Internet to you - by the time the data hits your firewall it's
already gone down your connection. While there are ways of attempting to
slow down connections they may no be all that effective. I did have traffic
shaping on my line, forgot I had it and when BT upgraded my line, dispite
me having capped the speed at way below the new speed, speedtest still
showed me hitting my limits in both directions.  That said, I've not had
any problem with congesting on my link. If your house-mates are using
wireless that may up being enough throttling. If they're 'infringing
copyright' it's perhaps better to educate them on why the home line is not
the place for that. If they're seeding Linux distros, well, all power to
them!

Regarding firewall software (with shaping) a few suggestions to get you
started:

http://www.pfsense.org/  is a FreeBSD based solution with plenty of info on
traffic shaping http://doc.pfsense.org/index.php/Traffic_Shaping_Guide
http://www.shorewall.net/ is an abstraction of Linux iptables, is text file
based and flexible and will run on most Linux boxes
https://openwrt.org/ is provides firmware for a variety of routers, has a
nice web interface and has a traffic shaping option. I run this myself on a
Netgear WNR3700 and have been happy with it (75Mb/s down, 16Mb/s up :) ). I
don't traffic shape though.



On 2 May 2012 17:24, bascule <asura at theexcession.co.uk> wrote:

> with my ipcop firewall hardware apparently failing this isn't a bad time to
> address an idea i've been mulling for some time.
> later in the year virgin (censoring bastards) will be trebling my speed
> and i
> thought that since i'm happy with my current speed i'd let my house mates
> connect wirelessly through the firewall, however i'm keen to ensure that i
> still get the full 10mbs i currently get no matter what the others may be
> doing and also that no matter what i might do they get some minimum like 2
> mbs
> so that i don't get frequent complaints :)
>
> i believe that this is called bandwith shaping but i'm not sure what
> firewall/router software i should look at for this.
> i'm open to suggestions, as far as i can see ipcop only allows to throttle
> for
> certain activity not guarantee bandwith.
>
> bascule
> --
> "Far out in the uncharted backwaters of the unfashionable
> end of the western spiral arm of the Galaxy lies a small
> unregarded yellow sun. "
> _______________________________________________
> SWLUG Discussion List - Discuss at swlug.org
> http://swlug.org/mailman/listinfo/discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/swlug/attachments/20120502/a9feff7f/attachment.html>


More information about the Swlug mailing list