Linux Traffic Accounting and Shaping Howto M. S. Muradoglu [email protected] November 8, 2009 Abstract Recently, I have been asked by numerous people if it is possible to implement a traffic quota and shaping system at home. It seems we all know of or have had direct experiences with bandwidth hogs who use up all the monthly bandwidth downloading their favourite Anime, leaving the rest of us with shaped internet. This howto aims to provide a set of instructions and tools to deploy a standalone Linux based Traffic accounting and Shaping system. Overview In this howto a regulating network device is devised, which we shall call a Shaping Bridge (SB), that transparently interconnects two physical networks. An example network is given in Fig. 1, which reflects a typical home network setup using the SB. To clarify, we define the Local Area Network (LAN) as any device that is not directly connected to the broadband router. The example network shown in Fig. 1 is relatively simple and will be used throughout the howto. The SB connects the LAN and GN by means of layer 2 bridging. Since the inter-connectivity of the LAN and GN occurs at the second layer of the OSI model, it is not necessary to make any modifications to the IP addressing scheme in use. The SB will record the amounts of data being transmitted from its local Figure 1: Typical home network with the Shaping Bridge 1 interface (eth0) to individual users in the LAN. The recorded data will reflect the downloaded amount for each user. If the user exceeds his download quota for the month, the SB will implement a QoS filter to limit the transmission rate on the local interface (eth0) to that user. Step 1: Install and Setup Base Linux The first step is to get a basic Linux system running that is preferably not bloated with services that are not needed (a GUI is not necessary). I recommend using Ubuntu Server Edition. At this point it is also worth identifying your network interface connections, jot down which interfaces are connected where, e.g. eth0=LAN and eth1=GN. If you are concerned with power consumption you might want to consider purchasing an Intel Atom or similar platform. I have found the Intel Atom works really well for this purpose and consumes very little power. Once you have installed a base Linux, you will need to ensure you have Python, the Bridging tools, sendmail, ebtables and lighttpd (or your choice of webserver). Python comes standard with Ubuntu Server, so you only need to install the bridging tools, sendmail, ebtables and lighttpd: apt-get install bridge-utils ebtables lighttpd sendmail Once you have installed the bridging tools you will need to setup your network interfaces so that they automatically bridge when you start Ubuntu. This is done by editing /etc/network/interfaces : auto br0 iface br0 inet static address 192.168.1.100 network 192.168.1.0 netmask 255.255.255.0 broadcast 192.168.1.255 gateway 192.168.1.1 bridge_ports eth0 eth1 You need to restart networking to enable the bridge interface: sudo /etc/init.d/networking restart You should now test to see if the bridge is working. Try pinging the broadband router from one of the user computers. 2 Step 2: Install ZOIDtraf The installation of ZOIDtraf involves the following automated steps: (i) Copy files to appropriate places in /usr/local; (ii) Add startzoid.py script to /etc/rc.local; (iii) Make the appropriate crontab entries for checktraf.py. Download ZOIDtraf from http://www.sece.rmit.edu.au/~s3079181/zoidtraf-latest.tar.gz Untar and execute install.sh. Once this is complete you may reboot and confirm that ZOID has been installed by checking the QoS classes: tc class show dev eth0 : class htb 2:100 parent 2:6 leaf 8001: prio 0 rate 6500Kbit ceil 700... class htb 2:200 parent 2:6 leaf 8002: prio 0 rate 250000bit ceil 30 ... class htb 2:6 root rate 7000Kbit ceil 7000Kbit burst 1598b cburst 15... Don’t worry if these do not reflect your settings, these are the default settings that come in the ZOIDtraf configuration file. Step 3: Configure ZOIDtraf The ZOIDtraf configuration file (/usr/local/etc/zoid.conf) contains the following global configuration parameters located under [Global]: • shapedrate: This is the rate that shaped users will get. For example, 250Kbit. • shapedceil: This parameter defines the bandwidth ceiling of a shaped user. For example, 300Kbit. The ceiling only applies if there is broadband bandwidth ’left over’. If the broadband connection is busy at 100%, the rate defined in shapedrate will be used. You can think of shapedceil as the maximum speed a shaped user will get when the internet connection is not busy. • unshapedrate: This is the speed that non-shaped users will get. It is a good idea to set this limit to a value slightly lower than your internet connection speed to guarantee some bandwidth for shaped users. For example, 6.5Mbit. • unshapedceil: This parameter is similar to shapedceil, except it applies to non-shaped users. Set this to your maximum internet connection speed. For example, 7Mbit. • mainrate: Internet connection speed, e.g. 7Mbit. 3 • shapedinterface: Set to the interface connecting to the LAN, in our example it is eth0. Now you are ready to setup the user accounts. Here is an example configuration for a user with two MAC addresses: [user] no_macs = 2 mac2 = 00:25:00:39:3F:FF mac2desc = HP Laptop Wireless mac1desc = My Desktop mac1 = 00:1D:7D:0B:33:18 shaped = no used-quota =0 max-quota = 30000000 email = [email protected] name = User Name goes here • no macs: The number of MAC addresses attached to this account. Integer value. • mac$: MAC address $ • mac$desc: MAC address $ description • shaped: Boolean value (yes or no). For new accounts set this to no, obviously. • max-quota: Download limit for this entire account, 30000000 = 30Gbytes. Note that this is the cumulative limit across all MACs for this user. • email: Users email address. ZOIDtraf will send an email when he is at 80% of his limit and when he has been shaped. • name: Users name. Once you have adjusted your configuration appropriately, you can simply restart the PC or run startzoid.py to refresh the configuration. Step 4: Checking usage ZOIDtraf will automatically shape and generate traffic reports every 10 minutes (you can change this from /etc/crontab). Users can check their usage by pointing their browser to: http://192.168.1.100/ 4
© Copyright 2025 Paperzz