[clug] Set TCP window size for specific incoming protocols?
Damien Elmes
clug at repose.cx
Tue Sep 16 19:40:57 EST 2003
Michael Still <mikal at stillhq.com> writes:
> Hey folk,
>
> I have a firewall with a slow connection. I would like to limit the rate
> at which incoming packets for FTP hit the ISP side of my firewall. Because
> these packets are coming from the ISP, it strikes me that what I really
> want to do is set a relatively small size for the TCP window for these
> connections.
>
> Does anyone have pointers on how to do this? I've had a look with google,
> and can see anything relevant, and the iptables man page (which is
> probably the wrong tool) doesn't seem to have anything either.
>
> Any pointers greatly appreciated.
I've no experience with varying the window size directly to achieve
throttling, but have used the linux QoS tools before:
tc qdisc add dev $DEV handle ffff: ingress
tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :2
you can use 'sport' to match on the ftp data port.
As far as I know, this just throws away packets when the incoming rate
is too high, resulting in your ISP having to resend packets, which
slows down the stream in the process.
Cheers,
--
Damien Elmes
More information about the linux
mailing list