How to limit speed for every device per MAC address in the gateway via Linux command "tc"?

3

I have a gateway whose OS is Linux.Assume my downlink bandwidth is 100 Mbps. I want to limit the max download speed to 1Mbps for every device which uses this gateway.In other words, if there are 100 devices, every device can get 1 Mbps bandwidth in theory.I tried doing traffic shaping via Linux command "tc". Below are my commands.My interface name is "eth0".But the problem is these commands only can limit speed for specific device(here, its MAC address is M0M1M2M3M4M5) .The commands what I want are to limit the speed for every device.The commands should be general because I don't know the MAC address of device which will send the packets the to gateway.Are there any simple commands/ways to do this? Do we need to add TC rules dynamically? Thanks in advance.

tc qdisc add dev eth0 root handle 1: htb default 20
tc class add dev eth0 parent 1: classid 1:1 htb rate 1mbit ceil 1mbit
#dst MAC=M0M1M2M3M4M5
tc filter add dev eth0 parent 1: protocol ip prio 5 u32 match u32 0xM2M3M4M5 0xffffffff at -12 match u16 0xM0M1 0xffff at -14 flowid 1:1
tc
asked on Server Fault Feb 21, 2017 by Shuangfeng He • edited Feb 22, 2017 by Shuangfeng He

2 Answers

3

Use this example:

 tc qdisc del dev eth1 root 
 tc qdisc add dev eth1 root handle 1: htb default 10
 tc class add dev eth1 parent 1: classid 1:10 htb rate 1mbit ceil 1mbit
 tc class add dev eth1 parent 1: classid 1:11 htb rate 1mbit ceil 1mbit
 tc class add dev eth1 parent 1: classid 1:12 htb rate 1mbit ceil 1mbit

Add more if needed

 tc filter add dev eth1 parent 1: protocol ip prio 5 u32 match u16 0x0800 0xFFFF at -2 match u32 0x23AD5518 0xFFFFFFFF at -12 match u16 0x0800 0xFFFF at -14 flowid 1:11
 tc filter add dev eth1 parent 1: protocol ip prio 5 u32 match u16 0x0800 0xFFFF at -2 match u32 0x23AD5520 0xFFFFFFFF at -12 match u16 0x0800 0xFFFF at -14 flowid 1:12

add more mac's if needed

or use the more simplier ip version:

tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match ip dst 192.168.10.101 flowid 1:11
tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match ip dst 192.168.10.102 flowid 1:12

add more ip's if needed

answered on Server Fault Apr 7, 2018 by norman alpuiz • edited Apr 7, 2018 by Luca Gibelli
2

Here is an example based on https://amd.co.at/adminwiki/Linux_Trafficshaping:

#!/bin/bash

#Cleaning up
tc qdisc del dev eth0 root handle 1: > /dev/null 2>&1

#Add the root handle, setting the default leaf
tc qdisc add dev eth0 root handle 1: htb default 5

#Set the basic speed of the device
tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil 100mbit

# add a leaf for every IP in the 10.0.1.0/24 class, with mimimum guaranteed bandwidth of 1mbit and max available bandwidth of 1mbit, as per OP request
for i in $(seq 2 255); do 
   tc class add dev eth0 parent 1:1 classid 1:$i htb rate 1mbit ceil 1mbit
   #Add SFQ queueing disciplines
   tc qdisc add dev eth0 parent 1:$i handle $i: sfq perturb 10

   #prioritize traffic
   tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip dst 10.0.1.$i flowid 1:$i
done

If you want to let each IP use more than 1Mbps as long as there is at least 1Mbps of guaranteed bandwidth for each IP currently generating traffic, you should change ceil 1mbit to ceil 100mbit.

If your objective is to not let clients go faster than 1Mbps in any condition, use the script as is.

answered on Server Fault Apr 7, 2018 by Luca Gibelli • edited Oct 20, 2019 by Luca Gibelli

User contributions licensed under CC BY-SA 3.0