Slashdot Mirror


Ask Slashdot: Low Cost IP-based Traffic Shaping?

Deuteron asks: "Hi! I work for an ISP and we're about to deploy wireless net access and need a way to limit people to the bandwidth they pay for. We're planning on starting out with offering 128k, 256k, and 1M links. The wireless hardware itself (Breezecom if you're interested) will handle the 1M part for us. The tricky part is the lower speeds. I've done some extensive checking and haven't found any IP or MAC address based shapers as of yet. Can anyone point me to some free or extremely low cost solutions? Any leads would be greatly appreciated!"

5 of 109 comments

  1. See Linux-2.2.x by maynard · · Score: 4

    See the traffic shaper pseudo device support in Linux-2.2.x. According to its documentation it can shape from about 9600 to 256kb per pseudo-device. Documentation lives at:
    /usr/src/linux/Documentation/networking/shaper.txt

    You might also want to look into the Linux Firewalling code if you're going to use it for traffic shaping as well. See:

    filter and ipmasq.txt in the same directory.

    Cheers!
    J. Maynard Gelinas

  2. Re:Sorta related... by replica · · Score: 3

    Check out the IPChains HOWTO. You can implement TOS scheduling in your chain.

  3. A counterpoint. by Gumber · · Score: 3

    The previous poster suggests that you only throttle when bandwidth contention is an issue, suggesting that it will build goodwill.

    I would suggest the opposite. You will certainly have a surplus of bandwidth when you roll out your service. If you open things up wide to everyone then you will probably have some very happy customers for a few months, and they will doubtless tell their friends. Soon you will have a growing customer base of people who are coming to expect more than they pay for. Then you have to start throttling down bandwidth. People are now getting less than they were getting before. Even if they are getting what they paid for, a lot of people are going to feel like they are getting shortchanged and they will start complaining vocally.

    Maybe this isn't such a bad thing though. If you build a subscriber base quickly on word of mouth because you are giving away spare bandwidth then you might be better off than if you build the subscriber base more slowly, or you have to advertise to build it quickly. It depends on how much the malcontents cost you once you have to start throttling connections, vs the costs of slower growth, or the costs of advertising. Unfortunately, the cost of the former is hard to predict.

    As for dealing with the daily peaks of bandwidth utilization, again, I think people will tend to react better to consistent performance throughout the day or week, rather than wide fluctuations. On the other hand, if it is possible to allow maximal thruput on short (10-40k) spurts and throttle it down on longer downloads, then it becomes more difficult for people to quantify and less likely to engender ill will.

  4. Why aren't you using Breezecom's shaper by anticypher · · Score: 4

    This sounds like an exploratory question for someone who hasn't yet come up with a business plan. Are you truly expecting to provide a huge amount of bandwidth to thousands of customers and then try to use a free linux program to enforce your ToS? I'd love to see you succeed with this, because the latest Linux kernels have some traffic shaping in them, and you could help out the coders with a real world test bed.

    Why then aren't you taking advantage of Breezecom's built in Maximum Information Rate Class of Service? Do they charge too much for the management software? Have you even talked with their account reps? Their whole business is aimed at ISPs trying to do exactly this same thing. Breezecom modems emulate a serial connection, but their cheaper LAN products emulate an ethernet link. Their modems have a built in rate limiter, their LAN replacement is only aimed at office environments and not ISPs. It sounds like you have chosen the cheapest products, and are now trying to add something for nothing.

    To properly implement a per user CoS, you must assign a static IP address to each end station, and possibly lock it down to a MAC address. Then you can set up a traffic shaper for each customer with little hassle. Easiest way to do it is to have different customers in different subnets, so all the 128k people are on one subnet, 512k on another. Rule writing is easiest that way. If you try to do CoS on systems dynamically grabbing an IP address (DHCP or equiv), you will spend all your time writing custom code to match addresses to customers to ToS to shaper rules and so on. Avoid it.

    The best solution for packet shaping is Packeteer, who make a great box with a fairly good interface. The cost isn't that high compared with how much you will spend trying to implement the same thing with free software. Just buy one of their boxes and throw it in line with your ISP, then configure it a little and you can mostly forget it.

    The next solution is Cisco, who have a bunch of different options built into their IOS for crude packet shaping. Presumably at some point you will have to buy a big Cisco router, probably when you get more than 50-100 customers. Since you are an ISP, what routers are you using now?

    The cheap but limited solution is the latest linux kernel with IP Chains and Class Based Queueing. It should scale to handle a few subnets, each having its own CoS, but may not do 512k or higher. Crude, but should keep your bean counters happy until you have enough paying customers to afford something to cover a bigger user base.

    Also check out NetBSD shaping, since I haven't yet.

    No matter what you do, always enforce your bandwidth policy from the beginning, because you will lose all of your original customers later when you start to enforce the policy. Never give customers free bandwidth even if it is available, you are asking for a customer relations headache down the road if you do. Poor customer relations is the main reason small ISPs go out of business. This is the voice of experience learned the hard way :-(

    Remember, packet shaping is a one way process, if you want to limit the connection from the user back towards the internet, you have to install something at the customer end, either a small box or software on their machines. A nightmare you probably shouldn't touch.

    Good luck, and tell us what solution you end up with and how it works. We geeks are a curious bunch.

    the AC

    --
    Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
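
The static-IP, one-subnet-per-rate-class scheme from the comment above, as an added example (not code from the thread or from any poster): a generator that turns a customer table into per-customer shaper rules plus an IP-to-MAC binding. It assumes the later Linux HTB qdisc and iptables rather than the 2.2-era shaper, CBQ and ipchains the thread mentions; the subnets, addresses and interface name are constructed.

```python
import ipaddress
import re

# Constructed plan table: one subnet per rate class (kbit/s).
PLANS = {
    ipaddress.ip_network("10.10.1.0/24"): 128,
    ipaddress.ip_network("10.10.2.0/24"): 256,
}
MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")


def plan_rate(ip):
    """Return the kbit/s rate for a static customer IP, or None if unassigned."""
    addr = ipaddress.ip_address(ip)
    for net, rate in PLANS.items():
        if addr in net:
            return rate
    return None


def build_rules(dev, customers):
    """customers: list of (ip, mac) static assignments. Returns shell commands.

    dev is the customer-facing interface: shaping acts on egress only, so
    these rules limit traffic flowing towards the customer.
    """
    cmds = [
        f"tc qdisc add dev {dev} root handle 1: htb default 2",
        # Anything not matched to a known customer lands here, nearly starved.
        f"tc class add dev {dev} parent 1: classid 1:2 htb rate 8kbit",
    ]
    for minor, (ip, mac) in enumerate(customers, start=0x10):
        rate = plan_rate(ip)
        mac = mac.lower()
        if rate is None:
            raise ValueError(f"{ip} is not inside any plan subnet")
        if not MAC_RE.match(mac):
            raise ValueError(f"bad MAC for {ip}: {mac}")
        cmds += [
            f"tc class add dev {dev} parent 1: classid 1:{minor:x} "
            f"htb rate {rate}kbit ceil {rate}kbit",
            f"tc filter add dev {dev} protocol ip parent 1: prio 1 u32 "
            f"match ip dst {ip}/32 flowid 1:{minor:x}",
            # Bind the static IP to its registered MAC (same L2 segment only).
            f"iptables -A FORWARD -s {ip} -m mac ! --mac-source {mac} -j DROP",
        ]
    return cmds
```

Because the rate comes from subnet membership, moving a customer to another plan means reassigning the static address; an address outside every plan subnet is rejected rather than silently left unshaped.
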
  5. IP - Shaping - Nist Net by wwalker@pobox.com · · Score: 3

    Check out NistNet. It should do everything you are looking for.

    http://osi.ncsl.nist.gov/itg/nistnet/

    --
    Wayne Walker Unix/Linux Advocate, SysAdmin, MUD addict in remission