Setup guide
Point-to-Point Traffic Control Examples
Summary
This section will give you two examples of tupical peer-to-peer traffic control configurations.
Cumulative Bandwith Limiting
Consider the following example:
Suppose we need to drop all the P2P traffic coming from the Internet, but allow the use of WinMX
client between two offices limiting it to 284 Kbps in both directions. You need to do the following:
• Allow WinMX client to be used between two offices
[admin@Wandy] ip firewall rule forward> add p2p=winmx action=accept
src-address=10.0.0.0/24 dst-address=10.0.1.0/24
[admin@Wandy] ip firewall rule forward> add p2p=winmx action=accept
dst-address=10.0.0.0/24 src-address=10.0.1.0/24
• Drop all other P2P traffic
[admin@Wandy] ip firewall rule forward> add p2p=all-p2p action=drop
• Limit the traffic to 284 Kbps
[admin@Wandy] queue simple> add dst-address=10.0.1.0/24 max-limit=290816/290816
Per Address Queuing
Suppose we want to limit each P2P user to a given amount of Kbps. This can be done on a
per-address basis.
We should define custom queue type kind=pcq to accomplish the task. Each user upload and
download rates would be limited to the pcq-rate value in the relevant queue.
• First we need to mark the P2P traffic:
[admin@Wandy] ip firewall mangle> add src-address=10.0.0.0/24 flow=p2p-out \
\... p2p=all-p2p action=passthrough
[admin@Wandy] ip firewall mangle> add dst-address=10.0.0.0/24 flow=p2p-in \
\... p2p=all-p2p action=passthrough
[admin@Wandy] ip firewall mangle>
• Then create custom queue type with kind=pcq:
[admin@Wandy] queue type> add name="p2p-out" kind=pcq \
\... pcq-rate=65536 pcq-classifier=src-address
[admin@Wandy] queue type> add name="p2p-in" kind=pcq pcq-rate=65536 \
\... pcq-classifier=dst-address
[admin@Wandy] queue type>
• Finally, add two queues to the queue tree:
[admin@Wandy] queue tree> add name="p2p-in" \
\... parent=global-in flow=p2p-in queue=p2p-in
[admin@Wandy] queue tree> add name="p2p-out" \
\... parent=global-out flow=p2p-out queue=p2p-out
[admin@Wandy] queue tree>
VRRP