个人简介
专注系统运维、网络架构,研究技术凯发app官方网站的解决方案,记录我的思想轨迹、工作学习、生活和关注的领域
文章分类
相关博文
- ·
- ·
- ·
- ·
- ·
- ·
- ·
- ·
- ·
- ·
分类: 系统运维
2013-08-08 18:18:59
需要对网关做流量控制,针对ip和网段做控制,也有结合iptables实现方式,可能也有针对内外网的服务器,规则明白了,都很容易。
可以查看这篇参考文章,讲的很详细,下面是我改写的shell脚本,非iptables方式:
-
#!/bin/bash
-
# set the following values to somewhat less than your actual download
-
# and uplink speed. in kilobits. also set the device that is to be shaped.
-
#ingoing traffic (gateway)
-
in=eth0
-
#what ip do you want to limit
-
inet="192.168.138."
-
ips="100"
-
ipe="254"
-
#total downlink
-
down="100mbit"
-
#ensure rate speed of downlink
-
downloadrate="100kbit"
-
#allow max rate speed of downlink
-
downloadceil="250kbit"
-
start(){
-
#clean eth1 eth0 existing down- and uplink qdiscs, hide errors
-
/sbin/tc qdisc del dev $in root 2>/dev/null
-
# install root htb of downlink and uplink
-
# main class
-
/sbin/tc qdisc add dev $in root handle 1: htb
-
/sbin/tc class add dev $in parent 1: classid 1:1 htb rate $down ceil $down
-
#simgle ip limit
-
/sbin/tc class add dev $in parent 1:1 classid 1:2 htb rate $downloadrate ceil $downloadrate
-
/sbin/tc qdisc add dev $in parent 1:2 sfq perturb 2
-
/sbin/tc filter add dev $in protocol ip parent 1: prio 49 u32 match ip dst 192.168.138.10 flowid 1:2
-
/sbin/tc filter add dev $in protocol ip parent 1: prio 49 u32 match ip dst 192.168.2.0/32 flowid 1:2
-
#net1 limit
-
for (( i=$ips; i<=$ipe; i=i1 ))
-
do
-
#####control downlink
-
/sbin/tc class add dev $in parent 1:1 classid 1:1$i htb rate $downloadrate ceil $downloadceil
-
/sbin/tc qdisc add dev $in parent 1:1$i sfq perturb 1$i
-
/sbin/tc filter add dev $in protocol ip parent 1: prio 50 u32 match ip dst $inet$i flowid 1:1$i
-
done
-
#net2 limit
-
#for (( i=$ips; i<=$ipe; i=i1 ))
-
#do
-
# #####control downlink
-
# /sbin/tc class add dev $in parent 1:1 classid 1:2$i htb rate $downloadrate ceil $downloadceil
-
# /sbin/tc qdisc add dev $in parent 1:2$i sfq perturb 2$i
-
# /sbin/tc filter add dev $in protocol ip parent 1: prio 50 u32 match ip dst $inet$i flowid 1:2$i
-
#done
-
#other traffic
-
/sbin/tc filter add dev $in protocol ip parent 1: prio 2 u32 match ip dst 0.0.0.0/32 flowid 1:1
-
}
-
stop(){
-
echo -n "(delete all qdisc......)"
-
(/sbin/tc qdisc del dev $in root 2>/dev/null && echo "ok.delete sucessfully!") || echo "error."
-
}
-
#show status
-
status() {
-
echo "1.show qdisc $in:----------------------------------------------"
-
/sbin/tc -s qdisc show dev $in
-
echo "2.show class $in:----------------------------------------------"
-
n1=`/sbin/tc class show dev $in | wc -l`
-
if [ $n1 == 0 ];then
-
echo "null, off limiting "
-
else
-
/sbin/tc -s class show dev $in
-
echo "it work"
-
fi
-
}
-
#show help
-
usage() {
-
echo "(usage): `basename $0` [start | stop | restart | status ]"
-
echo "help:"
-
echo "start -- tc flow control start"
-
echo "stop -- tc flow control stop"
-
echo "restart -- tc flow control restart"
-
echo "status -- tc show all tc qdisc and class"
-
}
-
case "$1" in
-
start)
-
( start && echo "flow control! tc started!" ) || echo "error."
-
exit 0
-
;;
-
-
stop)
-
( stop && echo "flow control tc stopped!" ) || echo "error."
-
exit 0
-
;;
-
restart)
-
stop
-
start
-
echo "flow control restart"
-
;;
-
status)
-
status
-
;;
-
-
*) usage
-
exit 1
-
;;
- esac
测试:
开启流量控制tc:
- # ./tc_last.sh start
-
# ifconfig eth0
-
eth0 link encap:ethernet hwaddr 00:0c:29:da:56:1c
-
inet addr:192.168.138.131 bcast:192.168.138.255 mask:255.255.255.0
-
up broadcast running multicast mtu:1500 metric:1
-
rx packets:1811422 errors:0 dropped:0 overruns:0 frame:0
-
tx packets:1083449 errors:0 dropped:0 overruns:0 carrier:0
-
collisions:0 txqueuelen:1000
-
rx bytes:943250761 (899.5 mib) tx bytes:87045802 (83.0 mib)
-
-
# wget http://ftp13.enet.com.cn:88/pub/multimedia/video/uvs9_trial_e_rtm.rar
-
--2013-08-08 17:44:01-- http://ftp13.enet.com.cn:88/pub/multimedia/video/uvs9_trial_e_rtm.rar
-
resolving ftp13.enet.com.cn... 122.224.6.16
-
connecting to ftp13.enet.com.cn|122.224.6.16|:88... connected.
-
http request sent, awaiting response... 200 ok
-
length: 180175741 (172m) [application/octet-stream]
- saving to: `uvs9_trial_e_rtm.rar.17
无限制ip:192.168.138.99
-
# ifconfig eth0
-
eth0 link encap:ethernet hwaddr 00:0c:29:88:ec:85
-
inet addr:192.168.138.99 bcast:192.168.138.255 mask:255.255.255.0
-
up broadcast running multicast mtu:1500 metric:1
-
rx packets:88578 errors:0 dropped:0 overruns:0 frame:0
-
tx packets:43771 errors:0 dropped:0 overruns:0 carrier:0
-
collisions:0 txqueuelen:1000
-
rx bytes:19401052 (18.5 mib) tx bytes:6876868 (6.5 mib)
-
-
# wget http://ftp13.enet.com.cn:88/pub/multimedia/video/uvs9_trial_e_rtm.rar
-
--2013-07-16 22:57:10-- http://ftp13.enet.com.cn:88/pub/multimedia/video/uvs9_trial_e_rtm.rar
-
resolving ftp13.enet.com.cn... 122.224.6.16
-
connecting to ftp13.enet.com.cn|122.224.6.16|:88... connected.
-
http request sent, awaiting response... 200 ok
-
length: 180175741 (172m) [application/octet-stream]
- saving to: `uvs9_trial_e_rtm.rar.2
效果还是很显著的,就是和设置的流量范围有偏差,有待继续研究!
给主人留下些什么吧!~~
2014-09-01 22:57:18
不能再多感谢!
|
2014-07-28 17:09:03
学习了
|