[TriLUG] Throttling SFTP bandwidth

Jon Carnes jonc at nc.rr.com
Mon Mar 7 11:41:39 EST 2005 

Christopher,

The "tc" commands are a bit intimidating when you first look at them,
but they are very handy to know. 

<perhaps this would make a good mini-clinic?>

You can easily limit the bandwidth using "tc" commands. Here is an
example for rate-limiting one host:
http://www.linuxforum.com/linux-advanced-routing/lartc.ratelimit.single.html

In your case I would try running something like this three line script
(directly on the RHEL server):
===

tc qdisc add dev eth0 root handle 1: cbq avpkt 1000 bandwidth 100mbit

tc class add dev eth0 parent 1: classid 1:1 cbq rate 300kbit allot 1500
prio 5 bounded isolated 

tc filter add dev eth0 parent 1: protocol ip prio 16 u32 match ip dst
195.96.96.97 flowid 1:1

===
In this example:
 eth0 is the primary network interface, connected to your local network
     (and it runs at 100mbit/sec)
 the rate-limit is set to 300kbit/sec
 the rate-limit only applies to any ip traffic with 195.96.96.97 as
     the destination (that is going out the eth0 NIC)

So change the IP address in the last line to the IP of your server that
you upload to, and modify the 300kb to whatever limit you want.

Run the script directly on the RHEL server and it will only affect that
server (or any machine that routes through it... :-)

Jon Carnes

On Mon, 2005-03-07 at 10:26, Christopher L Merrill wrote:
> When we upload a release (>150M) to our server, the machine from which
> the upload is initiated (RHEL clone) seems to hog all the bandwidth in
> the office and prevents other machines from accessing the internet.
> 
> Is there a relatively easy way to throttle the SFTP process to limit
> it's bandwidth consumption?  I know it's been discussed here before,
> but all the solutions I recall required some fairly involved IP tables
> work (and also had more complex requirements - such as throttling all
> internet protocols, etc).
> 
> Any ideas?
> 
> 
> 
> FYI, the computer in question is on a Netgear switch behind two Linksys
> routers - one provides our VPN and the other provides QOS for our IP
> phones (seems to be working since phones worked ok).
> 
> 
> -- 
> -------------------------------------------------------------------------
> Chris Merrill                  |  http://www.webperformanceinc.com
> Web Performance Inc.
> 
> Website Load Testing and Stress Testing Software
> -------------------------------------------------------------------------

More information about the TriLUG mailing list