Prioritized Internet Sharing for Home Users?
precursor asks: "Like many of you, I share a house with a couple of other geeks. This is normally a hoot - until it comes time for bandwidth sharing on a single cable modem (it's hard to play games with a bunch of torrent junkies). What solutions have other Slashdot readers implemented for sharing or limiting certain types of bandwidth on a home network? We are especially interested in solutions that we could implement on an aging PC or on hardware that can be purchased on a budget."
Didn't we just see the solution to this problem here two days ago?
____
~ |rip/\/\aster /\/\onkey
For home it's easy. All you need is a baseball bat. It's when you can't get access to the other users that it starts to get tricky.
Stuff at lartc.org, notably the wondershaper may serve as a basis for what you want.
link, http://qos.ittc.ku.edu/howto/index.html linux qos howto.
:). also some adsl modems have traffic shaping...
there's also several linux/bsd based easy to setup firewall/router distros.. some of them have to have qos support
world was created 5 seconds before this post as it is.
You can use Linux and QoS fair queueing to restrict bandwidth to the three (or however many) computers to 1/3 of the available bandwidth. easy.
:)
I just googled a bit and the latest stuff i can find is from 2001, but i know it can be done.
but i know its possible, so google it yourself.
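Added example, not part of any comment in this thread: one way to express the "each computer gets 1/3" idea with Linux HTB, using the 880 kbps uplink and 10% headroom figures quoted elsewhere in the discussion. The interface name eth0 and the 192.168.1.x addresses are assumptions, only the upload direction is shaped, and the script prints the commands without applying them.

```shell
#!/bin/sh
# Added example (constructed): print tc/iptables commands that give each LAN
# host an equal guaranteed share of the uplink and let it borrow idle capacity.
# Assumptions: eth0 is the WAN-facing interface of the NAT box, hosts are
# 192.168.1.10-12. Nothing is applied; review the output, then pipe it to sh as root.

# usable_kbit UPLINK_KBIT -> uplink minus 10% headroom, so the queue builds
# on this box (where we control it) rather than in the cable modem.
usable_kbit() { echo $(( $1 * 90 / 100 )); }

# share_rate UPLINK_KBIT HOSTS -> guaranteed kbit/s per host
share_rate() { echo $(( $(usable_kbit "$1") / $2 )); }

# emit_htb DEV UPLINK_KBIT IP...
emit_htb() {
    dev=$1; uplink=$2; shift 2
    usable=$(usable_kbit "$uplink")
    rate=$(share_rate "$uplink" "$#")
    echo "tc qdisc del dev $dev root 2>/dev/null"
    # No 'default' class: unmarked traffic (the router's own) is not shaped.
    echo "tc qdisc add dev $dev root handle 1: htb"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate ${usable}kbit"
    id=10
    for ip in "$@"; do
        # rate = guaranteed share, ceil = what the host may borrow when others are idle
        echo "tc class add dev $dev parent 1:1 classid 1:$id htb rate ${rate}kbit ceil ${usable}kbit"
        # sfq keeps one flow from starving the host's other flows
        echo "tc qdisc add dev $dev parent 1:$id handle $id: sfq perturb 10"
        # After SNAT the source address is the router's, so classify on a
        # firewall mark set before NAT instead of matching the LAN IP in tc.
        echo "iptables -t mangle -A FORWARD -s $ip -o $dev -j MARK --set-mark $id"
        echo "tc filter add dev $dev parent 1: protocol ip prio 1 handle $id fw flowid 1:$id"
        id=$(( id + 10 ))
    done
}

emit_htb eth0 880 192.168.1.10 192.168.1.11 192.168.1.12
```

Because every class has a ceil equal to the full usable rate, a lone user still gets the whole uplink; the 264 kbit guarantee only bites when all three are sending.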
http://www.m0n0.ch/wall/
Put IPCop on the aging machine and then set up priorities for different traffic.
What, me worry?
While the question isn't a dupe of this, it's close enough. Follow the link to Monday's story for a thorough discussion.
Some people have a way with words, and some people, um, thingy.
Take a look at pf, native to OpenBSD, but recently also ported to FreeBSD. (I use it on FreeBSD and it works like a charm.)
It's a great firewall and has traffic shaping options, too. Fairly thorough documentation, as well.
I had bad results trying to enable traffic control (/sbin/tc) on a Linux firewall (NAT). The most effective solution that I found was to limit the bandwidth usage from the client side.. find a torrent client that lets you cap its bandwidth.
Of course, maybe tc didn't work well for me because my firewall is a P90 with 32MB memory.
-metric
Yeah, I know, it's weird, but it can be achieved.
At home we are 3 intensive users sharing a 6.5mbps (~800k/sec) download and 880kbps (~120k/sec) upload.
What do we do? Well, we RESPECT each other. Meaning? We all 3 have Azureus for Bittorrent downloads, and the max upload speed we each set is 30k/sec. That means that even if all 3 of us upload at 30k/sec, there's still a 20-30k/sec available for gaming, browsing, etc. As for the download speed, we really rarely cap out the 800 barrier, so it's not much of a problem. But if it is for you, take the whole bandwidth, subtract 10% of it, then split evenly between all of you by setting a maximum download speed in Azureus (I'm sure other BT clients can do this as well, but I love Azureus). TADAM!
Total time of implementation : 5 minutes. Total cost : 0$.
"Didn't we just see the solution to this problem here two days ago?"
What, you've never seen the same advertisement 2 days in a row.
Call it "slashtroturf"
When I had this problem, what I told my torrent junkie roommates was, "If I ever want to play a game and I have a bad ping I will unplug your connection, no questions asked. You need to take some responsibility for your bandwidth." He promptly went out and found Net Limiter to run on his desktop (god forbid anything stops his downloads) and we agreed that any time after 1:30 am or so was wide open for bandwidth whoring. Net Limiter allowed him to schedule the changes in bandwidth so he didn't have to stay up late to up his bandwidth manually.
-Steve
Learn more about queueing at the pf FAQ.
:) - Linux distro. The simplicity, if you've never experienced it before, can feel both constraining and liberating at the same time. Give it a try if you've got a spare box. It's hard to experiment without learning SOMETHING - and if you're here I'm sure you're into learning, right? So give it a whirl. If you're not sure what BSD to try, give this a read. If you just want to buy a router, learn from the recent Ask Slashdot - Home Routers w/ Decent QoS Performance?. Best of luck!
:)
See my previous post here for a pf.conf recipe to implement traffic shaping based on packet type. You could also prioritize via IP, require a ssh session to gain higher priorities for a specific IP (authpf), based on time of day, or any other number of factors.
THE guide to pf (packet filter) can be found here. pf will run on FreeBSD as well as, I believe, a few other open OSs. I think it's really the best. Almost any reader here could surely benefit from at least a partial working knowledge of packet filters ("firewalls") in general.
=======
EXTRA CREDIT
=======
Got a few connections you'd like to tie together into one? Read more about Address Pools and Load Balancing with pf.
Another Bandwidth management HOWTO for Linux systems (last revised in '03 - may be better for concepts than router config recipes)
bittorrent traffic shaping
A nice K5 article about packet filtering with OpenBSD firewalls
Prioritizing empty TCP ACKs with pf and ALTQ
Making the most out of a busy connection
Turn that old P5 and two network cards into an OpenBSD firewall and learn to setup your own router. You will learn a TON about TCP/IP, how to protect your internal network, and BSDs in general (they're pretty neat in the way that they don't have as much "cruft" as usually found in your typical - yeah, that works
If you're going to use OpenBSD (which I'd recommend for a firewall/NAT box), be sure to support the OS which strives for portability, standardization, correctness, proactive security and integrated cryptography by ordering a CD, T-shirt, book, or hacker bunker enhancing poster. OpenBSD supports binary emulation of most programs from SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX. Development is active and it won't let you down as a gatekeeper or internal server.
Puffy says "Stay off my computer!" and means it. I sleep well at night knowing "puffy" (the name of my box) is standing guard just behind my cable modem and in front of the 5+ computers my roommates and I are running inside. Has never let me down and doesn't get in my way. Keeps Freenet and torrents from introducing lag into my ssh sessions as well..... Good luck finding a solution to keeping your pipes clean
http://www.zelow.no/floppyfw/
This is just about the cheapest solution you could use. It requires only a 386sx with two NICs, a 1.44MB floppy drive, and 12MByte of RAM, but scales quite well. I actually have it running on an Athlon 1800+ 256mb RAM box serving a medium sized computer lab. It's really easy to set up, but is missing a lot of important utilities since it's floppy based. A CD based distribution or full Debian setup with traffic shaping/prioritisation packages installed (tc/tcng or others) is probably a better idea if you have the hardware for it.
------ Take away the right to say fuck and you take away the right to say fuck the government.
A lot of the LiveCD router/firewall distros work on very modest hardware, have traffic shaping features, are easy to setup, and are free. Here are a few.
it is worthwhile to install http://www.adsl-optimizer.dk/ as well. We have it here at our dorm where 300 people share a 8196/768 standard ADSL. It works, and with less users it should work with VoIP and Games as well.
This router has QoS built in. It's great for making my VoIP calls while my friggen roommate torrents the world. I just give my computer priority over his and voilà... you can also give priority via application, ports, etc.
I share a link with my brother-in-law. 5k/s modem dialup since here in South Africa the government officials won't do anything unless they're bribed to do something, so we're still stuck on such a slow link since the telecommunications are basically run by the state. Some progress has been made but not much really. DSL should be available here but nobody has bribed the local authorities yet to do their job.. Because the link is so slow sharing bandwidth doesn't work so he unplugs the lan when I'm on IRC or MUDing. Try that with your friends? ok enough of that. tc should do the job fine tho' it ain't very easy to understand @ first. route everything through a box with rc configured as the other ppl said.
it's all about centralization.
we have a pIII 500 box with a 120 gig drive set up as our media server (it has samba set up for access from our xboxes/xbmc and from our room computers too). We have VNC running and use qtorrent so whenever anyone has downloads running, they are accessible by everyone to pause, etc. We play a lot of halo 2 so it's important for anyone to be able to turn off all the downloads without having to have access to all the computers in the house.
twitter.com/gravitronic
Try m0n0wall. It's a free BSD-variant (FreeBSD I believe) with an easy web-based interface and a good manual. You can use the iso on an old machine or put it on a soekris machine or the like for a silent firewall/router solution.
http://www.astaro.com
Astaro is a solid implementation, I almost prefer it, but if you don't like it.....then....see below.
http://www.bandwidtharbitrator.com/
"God of Rock, thank you for this chance to kick ass. "
I've been trying to solve the similar problem of sharing limited bandwidth between different processes on the same box. In particular I have a cron job that does a backup using rsync, and I'd like its packets to have lower priority than interactive (HTTP) traffic.
There seem to be tools that can apply bandwidth caps, but this isn't really what I want: I don't want to slow the rsync when there is nothing else going on. And I don't want to use port numbers / packet types for filtering since an rsync run from the command line should have a high priority.
I think that what I really want is something that applies per-process network priorities in the way that "nice" applies CPU priorities. Then I would run my backup job as "netnice -15 rsyncbackup" and maybe also "netnice -10 exim".
Can anyone suggest how this can be achieved?
Your best bet, for both simplicity, functionality, and price, is a Linksys wireless router running the Sveasoft firmware. The extremely popular Linksys WRT54G 802.11g wireless router runs Linux, allowing easy customization with enhanced features. For basic functionality, a Linksys WRT54G can be had for under $50. The best you can get is a Linksys WRT54GS v1.0, which has more memory as well as Speedbooster technology.
You then flash the firmware of the router using freely available, open-source firmware such as that made by Sveasoft. I enjoy the Sveasoft firmware, as it contains a wealth of features, is easy to set up, and has good documentation. I would suggest that you download the firmware from a free mirror rather than subscribe, as Sveasoft has been known to engage in predatory business practices that it is best not to support.
Once you install the Sveasoft firmware, you will gain a new "QoS" tab in the router's configuration that allows you to prioritize certain types of traffic, certain MAC addresses, the wireless connection, and based on Ethernet ports.
I set up the Sveasoft Alchemy pre-7a firmware on my Linksys WRT54GS on a 6600/768 cable connection I share with two geeky, gamer, bittorrent-loving roommates. Even when we're all fighting to achieve maximum upload and download speeds with bittorrent, web-browsing is fast and games have no lag. This solution dramatically outperformed my expectations, it cost less than $100, and took less than 15 minutes to set up.
Set up one machine with some sort of filesharing & VNC & big HDDs and make that everyone's central torrent location. Have it set with reasonable bandwidth limitations & go from there.
Ideally, you could have a BT proxy that everyone would share but I know of no such projects.
my sig's at the bottom of the page.
L7 may work well for you.
It matches traffic by analyzing the packets, and you can then run various iptables rules against those matches.
All connections should share like this automatically. I see it as essential. And so did the TCP/IP people when they drafted v6.
Yes, you can play with htb.init or various scripts or even buy a ready made front end in your hardware router like my Asus WL500-G, or Linksys WRT range, or even checkout bandwidtharbitrator.com
but all these things require your intervention, namely to specify your up & down speeds accurately and in the right units. Not everyone can answer that.
Really it should be automatic - if we ping a site and it's way beyond what it should be then we have a problem. It's rare that we want latency in any event.
Worse still ports or IPs have to be prioritised so you have to find out what ports are involved - all should be balanced as required.
I feel there is a common setup that can be catered for - the home user, one internet NAT box with various boxes behind it. Most people on here could benefit from something to help that setup.
Finally there's usability. I personally haven't found anything quite as good as Netlimiter on Windows ( netlimiter.com ) on that front.
A blog I run for the wealth
Thanks to everyone for the replies and advice. It was the article about the gaming router that caused me to post this question (there wasn't a huge discussion on other options besides that yet). Last night I stumbled across m0n0wall, it seems pretty full featured and clean to set up. I am a big FreeBSD and PHP fan, so I really appreciate the work that has gone into it. I am going to be converting a Toshiba Magnia SG10 into the m0n0wall box, and use the bandwidth shaping tool in it (which uses dummynet). As far as those suggesting limits on the bittorrent traffic client side, we already do that. The problem is that we have some friends moving in upstairs from us, and we are giving them network access. It's much harder for me to run up there and throttle them if they're working hard to increase their share ratios. It's hard enough with 3-4 computers sharing the connection, but 4-6 is going to be really difficult. Again, thanks a lot everyone.
Check out trickle. I've had mixed success with it, but it does sound like it is the sort of thing you're looking for.
http://monkey.org/~marius/pages/?page=trickle
The super-cheap wireless router from Linksys, the WRT54G (802.11g, 4 port switch, I've seen them for under $35 US) can do exactly this.
Throw on some custom firmware like Sveasoft's (There are opensource solutions too), and you can do real QoS on both the ethernet port, and TCP/IP port levels.
The linksys router is simply a super-cheap MIPS based Linux box running Busybox, with a wireless radio of course. So the routering/firewalling, and I assume QoS, is all done with iptables. You can configure iptables yourself of course, but by default you would want to configure the QoS via the web interface.
You could always move to Japan and get a hikari (FTTH) 100Mbps line....7 months free campaign with Tepco no less =).
Just, wow.
I hate sigs.
Thanks for the suggestions. The way that it is invoked before the application, e.g.
trickle -d xxx -u yyy command...
is exactly what I want, but on first look it seems that it can only do fixed bandwidth caps. There is some mention of priorities in the .conf file but not in the other man pages - perhaps it is in there but not documented. I'll check it out.
If I was on the market now I'd probably buy an Asus WL-500g. It's basically the same hardware as a Linksys WRT54G, also running Linux, to which you are also able to add a custom firmware if you are so inclined. The Asus has a couple big advantages, namely:
- it's expandable through a USB port. You can plug in disks, usb speakers, a printer
- the factory firmware is very smart. It includes support for the above mentioned expandability, ftp, samba, traffic shaping
Trickle gives a lot of mixed results, sometimes I find it doesn't work at all, other times it works brilliantly. It's fairly clever how it works but will not work with statically linked files (doesn't this mean prelink is thrown out the door?)
1. Move your computer out of the house for a while.
2. ??? (dob all your housemates into the RIAA)
3. Profit
an RIAA raid might be a good way to get rid of the useless computer junk from your room too. I'm sure they'll take anything that looks like it might be part of a computer.