Limiting Bandwidth

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
tameanaka
DD-WRT Novice


Joined: 12 Mar 2011
Posts: 6

PostPosted: Mon Jan 23, 2012 22:14    Post subject: Limiting Bandwidth Reply with quote
How can I use QoS to limit the bandwidth of a device? My connection on average according to speedtest is roughly 22Mbps down and 3.5Mbps Up. What settings should I use if I constantly want to limit a device to say 10Mbps and 1Mbps? Is that possible. I tried reading the wiki and searching, but the way I interpret it is that it only prioritizes...
Sponsor
tameanaka
DD-WRT Novice


Joined: 12 Mar 2011
Posts: 6

PostPosted: Fri Jan 27, 2012 3:14    Post subject: Reply with quote
guess it's not possible then?
backwoodsman
DD-WRT User


Joined: 02 Apr 2008
Posts: 141

PostPosted: Fri Jan 27, 2012 20:37    Post subject: Reply with quote
You can't do that with DD-WRT. You can set a max rate for a wired client, but not wireless. And you can only set the max port speed, not separate up & down speeds.

You might try Tomato, if it supports your router, and you don't need wireless repeater, which it can't do. It can limit up & down speeds for each client, and seems to do a better job of giving everyone some bandwidth under heavy load.
met_net
DD-WRT Novice


Joined: 18 Oct 2011
Posts: 12

PostPosted: Sat Jan 28, 2012 1:53    Post subject: Reply with quote
Your statement that the maximum rate for a wireless client cannot be set in DD-WRT is incorrect. Maybe it cannot be done using the GUI (I don't know either way), but it is definitely possible using iptables. In fact, client specific bandwidth limitation is part of my firewall script.

Here's a simple example pasted as a snippet from my firewall script. 80% of my download and upload are 18000/3200 respectively. The router handles two wireless networks 192.168.1.0/24 (br0) and 192.168.2.0/24 (br1).

One particular wireless client on br0 (192.168.1.5) is restricted to 150 kbit down/up, and the entire 192.168.2.0/24 network is restricted to 1536 kbit down and 256 kbit up. BTW, the limits 192.168.1.5 and 192.168.2.0/24 have been tested and work exactly as desired

Code:
# br0 and download limit on 192.168.1.5
tc qdisc del dev br0 root
tc qdisc add dev br0 root handle 1: htb
tc class add dev br0 parent 1: classid 1:1 htb rate 18000kbit
tc class add dev br0 parent 1:1 classid 1:10 htb rate 150kbit ceil 150kbit prio 0
tc qdisc add dev br0 parent 1:10 handle 10: sfq perturb 10
tc filter add dev br0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
iptables -t mangle -A POSTROUTING -d 192.168.1.5 -j MARK --set-mark 10
#
# br1 and download limit on 192.168.2.0/24
tc qdisc del dev br1 root
tc qdisc add dev br1 root handle 2: htb
tc class add dev br1 parent 2:1 classid 2:15 htb rate 1536kbit ceil 1536kbit prio 1
tc qdisc add dev br1 parent 2:15 handle 15: sfq perturb 10
tc filter add dev br1 parent 2:0 prio 1 protocol ip handle 15 fw flowid 2:15
iptables -t mangle -A POSTROUTING -d 192.168.2.0/24 -j MARK --set-mark 15
#
# upload limits
ip link set imq0 up
tc qdisc del dev imq0 root
tc qdisc add dev imq0 root handle 1: htb
tc class add dev imq0 parent 1: classid 1:1 htb rate 3200kbit
tc class add dev imq0 parent 1:1 classid 1:10 htb rate 150kbit ceil 150kbit prio 0
tc class add dev imq0 parent 1:1 classid 1:15 htb rate 256kbit ceil 256kbit prio 2
tc qdisc add dev imq0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev imq0 parent 1:15 handle 15: sfq perturb 10
tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
tc filter add dev imq0 parent 1:0 prio 2 protocol ip handle 15 fw flowid 1:15
iptables -t mangle -A PREROUTING -s 192.168.1.5 -j MARK --set-mark 10
iptables -t mangle -A PREROUTING -s 192.168.2.0/24 -j MARK --set-mark 15
iptables -t mangle -A PREROUTING -j IMQ --todev 0


So while I have no idea whether this is possible via the GUI, I am 100% certain that client-specific limits can be configured via iptables.

Cheers,
Uncle Dan

P.S. Original poster - if you describe what you want in more detail, I'm sure someone here will be able to help you write a suitable fw script. Personally, I don't use the gui for QoS because I find iptables scripting to be more flexible/powerful ....

backwoodsman wrote:
You can't do that with DD-WRT. You can set a max rate for a wired client, but not wireless. And you can only set the max port speed, not separate up & down speeds.

You might try Tomato, if it supports your router, and you don't need wireless repeater, which it can't do. It can limit up & down speeds for each client, and seems to do a better job of giving everyone some bandwidth under heavy load.
backwoodsman
DD-WRT User


Joined: 02 Apr 2008
Posts: 141

PostPosted: Sat Jan 28, 2012 4:21    Post subject: Reply with quote
met_net wrote:
Your statement that the maximum rate for a wireless client cannot be set in DD-WRT is incorrect. Maybe it cannot be done using the GUI

OK, it can be done, but not with the GUI. I don't think most users want to do iptables.
flounder
DD-WRT Novice


Joined: 08 Apr 2012
Posts: 2

PostPosted: Sun Apr 08, 2012 17:45    Post subject: Reply with quote
If I have clients that connect wirelessly to the router, and I want to limit everyone's download/upload, do I still use br0 and imq0 interface, or do I set both on imq0? What about ath0, since everyone is wireless? (I really have no idea how to use IP tables. I use the GUI and then beyond that I'm lost.)

I know this is a bit of a necro, but this is literally the only good post on this topic I have ever come across.
padams
DD-WRT Novice


Joined: 27 Aug 2008
Posts: 3

PostPosted: Thu Apr 19, 2012 16:21    Post subject: Reply with quote
met_net - thanks for posting this.

Are the descriptions backwards? For example - the FAQ on DD-WRT QoS says the imq0 interface is used to control downloads, and br0 (LAN&WLAN bridge) is used to control uploads, (if you use that interface for QoS instead of the WAN interface).

I'm learning and trying to understand what line of code is doing what...


UPDATE - I tried the script. It works exactly as stated. Cool


Thanks

Paul Adams
RobWheeler
DD-WRT Novice


Joined: 27 Apr 2012
Posts: 2

PostPosted: Fri Apr 27, 2012 22:49    Post subject: Reply with quote
Download worked great, but upload didn't do anything.

dd-wrt.v24-18946_NEWD-2_K2.6_mini_RT-N66U.trx

Can anyone point me in the direction of any info on imq0 and pre-routing that explains exactly how this works?

Also, can you limit using MAC address rather than ip?

Thanks.

(Used Linux a lot a few years ago but a bit rusty now!)

Rob.
slobodan
DD-WRT Guru


Joined: 03 Nov 2011
Posts: 1555
Location: Zwolle

PostPosted: Sat Apr 28, 2012 14:14    Post subject: Reply with quote
RobWheeler wrote:
Also, can you limit using MAC address rather than ip?

I don't know, but if you use static leases, an IP strictly corresponds to a MAC address.

_________________
2 times APU2 Opnsense 21.1 with Sensei

2 times RT-AC56U running DD-WRT 45493 (one as Gateway, the other as AP, both bridged with LAN cable)

3 times Asus RT-N16 shelved

E4200 V1 running freshtomato 2020.8 (bridged with LAN cable)

3 times Linksys WRT610N V2 converted to E3000 and 1 original E3000 running freshtomato 2020.8 (bridged with LAN cable)


met_net
DD-WRT Novice


Joined: 18 Oct 2011
Posts: 12

PostPosted: Sat Jun 09, 2012 21:48    Post subject: Reply with quote
The approach suggested by slobodan is what I use as well: IP based restrictions along with static leases.

My memory is rusty, but I think that MAC addresses can't be used with the MANGLE table.

There is off course the concern that someone connected to your router will circumvent bandwidth restrictions by changing their IP address. There is a way to handle this. I think you can drop packets from an IP address if it doesn't have a specific MAC address (something like "-m mac ! --mac-address").

At least, many years ago, when I used a Linux PC as a wireless router, I know I had done so .... that was with kernel 2.4.

slobodan wrote:
RobWheeler wrote:
Also, can you limit using MAC address rather than ip?

I don't know, but if you use static leases, an IP strictly corresponds to a MAC address.
DarkPrince
DD-WRT Novice


Joined: 30 Jul 2012
Posts: 1

PostPosted: Tue Jul 31, 2012 19:01    Post subject: Different Users Reply with quote
Just wondering if I would like to apply the download limit to more than one ip, how would I change the code so I won't overwrite it?

Many Thanks
ugi93
DD-WRT Novice


Joined: 29 Dec 2015
Posts: 8
Location: Serbia

PostPosted: Fri Apr 08, 2016 10:42    Post subject: Reply with quote
met_net wrote:

Code:
# br0 and download limit on 192.168.1.5
tc qdisc del dev br0 root
tc qdisc add dev br0 root handle 1: htb
tc class add dev br0 parent 1: classid 1:1 htb rate 18000kbit
tc class add dev br0 parent 1:1 classid 1:10 htb rate 150kbit ceil 150kbit prio 0
tc qdisc add dev br0 parent 1:10 handle 10: sfq perturb 10
tc filter add dev br0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
iptables -t mangle -A POSTROUTING -d 192.168.1.5 -j MARK --set-mark 10
#
# br1 and download limit on 192.168.2.0/24
tc qdisc del dev br1 root
tc qdisc add dev br1 root handle 2: htb
tc class add dev br1 parent 2:1 classid 2:15 htb rate 1536kbit ceil 1536kbit prio 1
tc qdisc add dev br1 parent 2:15 handle 15: sfq perturb 10
tc filter add dev br1 parent 2:0 prio 1 protocol ip handle 15 fw flowid 2:15
iptables -t mangle -A POSTROUTING -d 192.168.2.0/24 -j MARK --set-mark 15
#
# upload limits
ip link set imq0 up
tc qdisc del dev imq0 root
tc qdisc add dev imq0 root handle 1: htb
tc class add dev imq0 parent 1: classid 1:1 htb rate 3200kbit
tc class add dev imq0 parent 1:1 classid 1:10 htb rate 150kbit ceil 150kbit prio 0
tc class add dev imq0 parent 1:1 classid 1:15 htb rate 256kbit ceil 256kbit prio 2
tc qdisc add dev imq0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev imq0 parent 1:15 handle 15: sfq perturb 10
tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
tc filter add dev imq0 parent 1:0 prio 2 protocol ip handle 15 fw flowid 1:15
iptables -t mangle -A PREROUTING -s 192.168.1.5 -j MARK --set-mark 10
iptables -t mangle -A PREROUTING -s 192.168.2.0/24 -j MARK --set-mark 15
iptables -t mangle -A PREROUTING -j IMQ --todev 0



Hello @met_net, thanks million times! The script works great, I've tried it on build 25648, but it only does the limit on the download bandwidth, but something seems to be wrong with the upload part, it doesn't do anything. Upload speed stays the same after applying the limit. Any ideas?
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum