[87068] in North American Network Operators' Group
Re: QoS for ADSL customers
daemon@ATHENA.MIT.EDU (Kim Onnel)
Thu Dec 1 08:12:40 2005
Date: Thu, 1 Dec 2005 15:12:10 +0200
From: Kim Onnel <karim.adel@gmail.com>
To: Ejay Hire <ejay.hire@isdn.net>
Cc: NANGO <nanog@merit.edu>
In-Reply-To: <auto-000034163243@rex2.isdn.net>
Errors-To: owner-nanog@merit.edu
Our ADSL customers' traffic is 3 OC3 worth of traffic, I don't think our
management would buy the idea.
Thanks
On 12/1/05, Ejay Hire <ejay.hire@isdn.net> wrote:
>
> Hello.
>
> Going back to your original question, how to keep from
> saturating the network with residential users using
> bittorrent/edonkey et al, while suffocating business
> customers. Here goes.
>
> Netfilter/IpTables (and a slew of commercial products I'm
> sure) has a Layer 7 traffic classifier, meaning it can
> identify specific file transfer applications and set a
> DiffServ bit. This means it can tell between a real http
> request and an edonkey transfer, even if they are both using
> http. It also has rate-limiting capability. So... If you
> pass all of the traffic destined for your DSL customers
> through an iptables box (single point of failure) then you
> can classify and rate-limit the downstream rate on a
> per-application basis.
>
> Fwiw, if you are using diffserv bits, you could push the
> rate-limits down to the router with a qos policy in it
> instead of doing it all in the iptables box.
>
> References on this.. The netfilter website (for
> classification info) and the Linux advanced router tools
> (LART) (qos info/rate limiting)
>
> -e
>
>
> > -----Original Message-----
> > From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On
> > Behalf Of Kim Onnel
> > Sent: Thursday, December 01, 2005 3:26 AM
> > To: NANGO
> > Subject: Re: QoS for ADSL customers
> >
> > Can anyone please suggest to me any commercial or none
> > solution to cap the download stream traffic, our upstream
> > will not receive marked traffic from us, so what can be done?
> >
> >
> > On 11/29/05, Kim Onnel <karim.adel@gmail.com> wrote:
> >
> > Hello everyone,
> >
> > We have Juniper ERX as BRAS for ADSL, its GigE
> > interface is on an old Cisco 3508 switch with an old IOS, its
> > gateway to the internet is a 7609, our transit internet links
> > terminate on GigaE, Flexwan on the 7600
> >
> > The links are now almost always fully utilized, we want
> > to do some QoS to cap our ADSL downstream, to give room for
> > the Corp. customers' traffic to flow without pain.
> >
> > I'm here to collect ideas, comments, advice and
> > experiences for such situations.
> >
> > Our humble approach was to collect some p2p ports and
> > police traffic to these ports, but the traffic wasn't much,
> > one other thing is rate-limiting per ADSL customers' IPs, but
> > that wasn't supported by management, so we thought of matching
> > ADSL www traffic and doing exceed action is transmit, and
> > police other IP traffic.
> >
> > Doing so on the ERX wasn't a nice experience, so we're
> > trying to do it on the cisco.
> >
> > Thanks
> >
> >
> >
>
>
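The classify, mark and rate-limit approach described in the quoted reply, as an added example that is not part of the original thread: a dry-run shell script that prints the iptables and tc commands instead of running them. The interface name, the rates, the DSCP value and the availability of the l7-filter `layer7` match on the box are all assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): dry-run generator for a Linux box
# sitting in the downstream path. It only prints commands for review.
# Assumptions: eth1 faces the DSL side, the l7-filter "layer7" iptables
# match is installed, and every rate below is a placeholder.

DEV="${DEV:-eth1}"                  # hypothetical DSL-facing interface
LINK_KBIT="${LINK_KBIT:-400000}"    # hypothetical total downstream budget
P2P_KBIT="${P2P_KBIT:-100000}"      # hypothetical hard ceiling for P2P
P2P_DSCP=8                          # CS1, a constructed choice of marking

# DSCP occupies the top six bits of the IP TOS byte, so the value that
# tc's u32 "match ip tos" sees is the DSCP shifted left by two bits.
dscp_to_tos() {
    printf '0x%02x' $(( $1 << 2 ))
}

# Step 1: set a DiffServ codepoint on connections the layer-7 classifier
# identifies. POSTROUTING lets the classifier see both directions.
emit_mark_rules() {
    for proto in bittorrent edonkey; do
        echo "iptables -t mangle -A POSTROUTING -m layer7 --l7proto $proto -j DSCP --set-dscp $P2P_DSCP"
    done
}

# Step 2: HTB tree on the DSL-facing interface. Class 1:10 (default) may
# borrow up to the full link; class 1:20 is capped and cannot borrow.
emit_shaper() {
    tos=$(dscp_to_tos "$P2P_DSCP")
    rest=$(( ${LINK_KBIT} - ${P2P_KBIT} ))
    echo "tc qdisc add dev $DEV root handle 1: htb default 10"
    echo "tc class add dev $DEV parent 1: classid 1:1 htb rate ${LINK_KBIT}kbit"
    echo "tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${rest}kbit ceil ${LINK_KBIT}kbit"
    echo "tc class add dev $DEV parent 1:1 classid 1:20 htb rate ${P2P_KBIT}kbit ceil ${P2P_KBIT}kbit"
    # Mask 0xfc ignores the two ECN bits at the bottom of the TOS byte.
    echo "tc filter add dev $DEV parent 1: protocol ip prio 1 u32 match ip tos $tos 0xfc flowid 1:20"
}

emit_all() {
    emit_mark_rules
    emit_shaper
}

emit_all
```

Because the marking is a DSCP value rather than a local firewall mark, the same codepoint can be matched by a QoS policy on a downstream router, which is the alternative the reply mentions.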