[CentOS-mirror] Bandwidth questions

Wed Mar 23 20:36:22 UTC 2011
Jim Kusznir <jkusznir at gmail.com>

For the record, what I ended up deploying was linux network-stack
level traffic control with the HTB shaper.  I ran into some
strangeness with my filter rules, which were preventing my local
traffic from getting exempted.  I finally removed the default rule
from the root shaper and put a u32 catch-all rule in pointing to the
class with the restriction in it.

This way it will catch ALL outbound bandwidth, as the local ITS was
getting pretty ansy and they didn't care about what modes were in use,
just that the absolute total amount of packets leaving my machine was
at or below 50mbits/s.

Oh well....


On Wed, Mar 23, 2011 at 1:13 PM, Jonathan Thurman
<JThurman at nwresd.k12.or.us> wrote:
> On 03/22/2011 12:24 PM, Jonathan Thurman wrote:
>>> If you are using vsftp, then you could add something like this to your /etc/vsftp/vsftp.conf:
>>> # Max transfer rate 10 Mb
>>> anon_max_rate=10485760
>> We're running a ftp-only (so far) mirror that I'm about to announce to
>> the list. It's my understanding that you need to adjust anon_max_rate
>> *and* max_clients or else you could get, for example, 100 connections
>> using a max transfer rate of 10Mb. So far I'm limiting our ftp
>> connections/rate thusly:
> Good point.  All the man page says is "The maximum data transfer rate permitted, in bytes per second, for anonymous clients.", but does not specifically state that is for ALL anonymous clients.  The wording for local_max_rate leads me to believe that the rates are per-user, but I haven't reviewed the source.
>> anon_max_rate=5000000
>> max_clients=20
> You might want to add max_per_ip as well, otherwise a single system could use up all 20 of your client connections.  Don't make it too small though, as there are a lot of systems behind NAT.
>> so that we can't get hit by over 100Mb of traffic. Please let me know if
>> this doesn't sound right, or if 20 clients maximum is way too wimpy to
>> be a useful mirror. Also, I'm assuming that since we're talking about
>> network transfer rate, the rate doesn't need to be x(1024^2), just
>> x(1000^2)?
> anon_max_rate is a cap in bytes per second, so it does not have to be a multiple of anything.  If you like limiting the number of bytes to a prime number, it should work =)
> -Jonathan
> _______________________________________________
> CentOS-mirror mailing list
> CentOS-mirror at centos.org
> http://lists.centos.org/mailman/listinfo/centos-mirror