Tag Archives: linux

Limit bandwidth for a service

Posted by on May 14, 2012 No comments

To test a performance of multiple parallel file downloads, I had to make sure that a download takes significant amount of time. I could use huge files but that’s not very helpful if you work on a local, 1Gb LAN. So I’ve decided to limit download speeds from my Apache server to my PC. Here we go.

1. Mark packages to be throttled, in my case those originating from port 80

$ iptables -A OUTPUT -p tcp --sport 80 -j MARK --set-mark 100

2. Use tc utility to limit traffic for the packages marked as above (handle 100):

$ tc qdisc add dev eth0 root handle 1:0 htb default 10
$ tc class add dev eth0 parent 1:0 classid 1:10 htb rate 1024kbps ceil 2048kbps prio 0
$ tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 100 fw flowid 1:10

3. That’s it, you can monitor/check your rules with:

$ tc filter show dev eth0
$ tc -s -d class show dev eth0

and finally remove the throttling with:

$ tc qdisc del dev eth0 root
$ iptables -D OUTPUT -p tcp --sport 80 -j MARK --set-mark 100

scubed howto

Posted by on September 4, 2010 2 comments

0. http://cube.dyndns.org/~rsnel/scubed/  (scubed_http)
1. svn checkout http://cube.dyndns.org/svn/scubed/trunk scubed; # get scubed
2. make, su, make install, scubed -V
3. there’s a README file, in the scubed/ directory and on the web-site. basically all is written there  (scubed_readme)
4. it will be a file used, for demonstration purpose. but a real life target is a block device, representing a disk partition. swap this doc’s /dev/loop0 with the name of the real block dev, e.g. /dev/sda9
5. dd if=/dev/urandom of=store bs=1M count=250; # this will create the file “./store” with the size of 250MB
6. losetup /dev/loop0 store;
7. cryptsetup -y create scubed1 /dev/loop0; # this only “creates a mapping with <name> backed by device <device> [man cryptsetup]“. this *does *not encrypt anything, neither resize, it’s no destruction
8. cryptsetup -y create scubed2 /dev/loop0; # the 2nd mapping and the partition (in future) to show how to handle multiple scubed partition
9. scubed /dev/mapper/scubed?; #or: scubed /dev/mapper/scubed1 /dev/mapper/scubed1; #this will show:

root@darkstar:/home/iv# scubed /dev/mapper/scubed1 /dev/mapper/scubed2;
blocksize is 2097664 bytes, overhead is 512 bytes
0000 blocks in /dev/mapper/scubed1 (index 0)
0000 blocks in /dev/mapper/scubed2 (index 1)
0124 blocks unclaimed
0124 blocks total

#notice 0000 blocks, and (index 0)
10. scubed -r 0,25 /dev/mapper/scubed? #this will allocate space, in other words, create the 25MB scubed partition. ABSOLUTELY required to list ALL scubed partitions here (see that ‘?’)

11. scubed /dev/mapper/scubed1 /dev/mapper/scubed2;
root@darkstar:/home/iv# scubed /dev/mapper/scubed1 /dev/mapper/scubed2;
blocksize is 2097664 bytes, overhead is 512 bytes
0025 blocks in /dev/mapper/scubed1 (index 0)
0000 blocks in /dev/mapper/scubed2 (index 1)
0099 blocks unclaimed
0124 blocks total

12. scubed -r 1,25 /dev/mapper/scubed?  #the same for scubed2. 1,25 means “partition with index 1, allocate 25 blocks”
13. scubed /dev/mapper/scubed1 /dev/mapper/scubed2;

root@darkstar:/home/iv# scubed /dev/mapper/scubed1 /dev/mapper/scubed2;
blocksize is 2097664 bytes, overhead is 512 bytes
0025 blocks in /dev/mapper/scubed1 (index 0)
0025 blocks in /dev/mapper/scubed2 (index 1)
0074 blocks unclaimed
0124 blocks total

# there are 0074 blocks free, if it’s a real world, huge waste of disk space
14. scubed -M scubed1.linear /dev/mapper/scubed1  # this “sets up a device mapper table though which the kernel (and filesystems) can access the blocks belonging to /dev/mapper/scubed1 in a normal order” [scubed_readme].
15. cryptsetup -y –cipher serpent-cbc-essiv:sha256 –key-size 256 luksFormat /dev/mapper/scubed1.linear
16. cryptsetup luksOpen /dev/mapper/scubed1.linear scubed1.encrypted
17. mkfs.ext4 /dev/mapper/scubed1.encrypted
18. mount /dev/mapper/scubed1.encrypted ./rmme; cp *.java rmme; umount rmme
19. cryptsetup luksClose /dev/mapper/scubed1.encrypted
20. dmsetup remove scubed1.linear     #scubed itself seems not to have any mechanisms to remove mappings
21. dmsetup remove scubed1; dmsetup remove scubed2;  # scubed2 may be set up similarly to scubed1; steps 13 – 19 with s/scubed1/scubed2/g

22. # done. now the data must be accessed. this time only scubed1 will be created
23. cryptsetup create scubed1 /dev/loop0  #the only way to access previously created scubed partition is to supply the correct password for “cryptsetup create scubed1″. if it’s correct, it will show allocated blocks; if not, “000″:
24. scubed /dev/mapper/scubed?

root@darkstar:/home/iv# scubed /dev/mapper/scubed?
blocksize is 2097664 bytes, overhead is 512 bytes
0025 blocks in /dev/mapper/scubed1 (index 0)
0099 blocks unclaimed
0124 blocks total

25. scubed -M scubed1.linear /dev/mapper/scubed1
26. cryptsetup luksOpen /dev/mapper/scubed1.linear scubed1.encrypted
27. mount /dev/mapper/scubed1.encrypted rmme
28. ls rmme

root@darkstar:/home/iv# ls rmme
Exc.java  MyClass.java  constructors.java  interfce.java  listFiles.java  lost+found  reference.java  sss.java  tryReturn.java

#it’s there.