[CentOS] Traffic shaping on CentOS

Fri Sep 10 21:42:11 UTC 2010
Flaherty, Patrick <pflaherty at wsi.com>

> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Emmanuel Noobadmin
> Sent: Friday, September 10, 2010 11:16 AM
> To: CentOS mailing list
> Subject: Re: [CentOS] Traffic shaping on CentOS
> On 9/10/10, Giles Coochey <giles at coochey.net> wrote:
> >
> > Note that you will only be able to control the flow of outgoing
> traffic to
> > your system if you place the bandwidth control on the server
> endpoint.
> > Incoming traffic needs an in-line box to so that you can access the
> other
> > interface and control it's outgoing traffic (your servers incoming
> > traffic).
> I understand that problem from the reading done so far. Fortunately in
> this particular situation, all I really need is the outgoing traffic
> shaping since the ISP would be limiting what's incoming anyway. The
> client just want to make sure certain key interactive services doesn't
> get drowned out when somebody is pulling a huge document from the
> server.

You may still be hosed since the bottleneck is in front of your server.

 New client requests -> InternetConnection -> Router/FW -> Server

 If your new client requests are coming into an internet connection
that's saturated, I'm pretty sure they won't even make it to the server
to get rate limited. Your client would start seeing error
rates/retransmits and you'd be effectively DOS'd. If you were running
with an ISP that let you burst, then used a Router/FW that let you start
throttling traffic you may do better, but I don't think you're going to
get good results out of that system. 

 Any reason you don't buy a hosted solution and put your static content
(manuals, long downloads, etc) up there for people to pull? You could
also get pay as you go caching thru a few limelight/level3/akami/etc for
your domain.

In the past I've used tc to do testing for crappy network links. Here
are the two links that I found helpful
* http://www.linuxfoundation.org/collaborate/workgroups/networking/netem
* http://lartc.org/howto/lartc.ratelimit.single.html

Good luck,