Limitar ancho de banda con PrometheusQOS

Imagen de RazaMetaL

Tema: 

En mi búsqueda de una aplicación que me permita limitar anchos de banda por direcciones IP llegué hasta [url=http://www.arachne.cz/index.php?clanekid=231]PrometheusQoS[/url].

[quote]
Prometheus QoS (Quality of Service) is an ISP-oriented tool for easy manipulation of the IP traffic shaping and sharing features of the Linux kernel. It generates multiple nested HTB traffic control classes with fine-grained rate and ceiling values and implements optional daily (or simply periodical) data transfer quotas and data transfer statistics (as HTML). It is compatible with NAT (both asymmetric and symmetric), yet still provides good two-way shaping and prioritizing for both uploads and downloads.
[/quote]

Mis requerimientos son:
- Limitar anchos de banda por direcciones IP;
- Limitar anchos de banda por grupos de direcciones IP;
- Que sea fácil de administrar, esto porque quien va a administrar el servicio no voy a ser yo :)

Voy a describir como instalar y configurar PrometheusQoS para administrar los anchos de banda para los usuarios de mi red interna.

[b]Requisitos:[/b]
- Kernel 2.6 con soporte HTB y SFQ habilitados;

cat /boot/config-`uname -r` | grep CONFIG_NET_SCH_HTB && cat /boot/config-`uname -r` | grep CONFIG_NET_SCH_SFQ
CONFIG_NET_SCH_HTB=m
CONFIG_NET_SCH_SFQ=m

- Debian GNU/Linux, aunque se puede instalar prometheus en cualquier otra distro, si alguien lo hace que me avise para actualizar este manual ;)
- La instalación se hará como usuario root;

[b]Instalación:[/b]
Descargamos PrometheusQoS:

cd /usr/src/
wget http://www.arachne.cz/download/prometheus-0.7.8.tar.gz

Creamos un paquete deb y lo instalamos:

aptitude -y install debhelper build-essential debian-builder
cd /usr/src/
tar zvxf prometheus-0.7.8.tar.gz
cd prometheus-0.7.8
make deb
dpkg -i prometheus_0.7.8-1_i386.deb

[b]Configuración:[/b]
La configuración la podemos encontrar en /etc/prometheus y consta de dos archivos:

/etc/prometheus/prometheus.conf
/etc/prometheus/hosts

El primero va a contener los "planes" que vamos a ofrecer a los usuarios y el segundo especifica a que plan pertenece cada uno.

Supongamos que vamos a tener dos tipos de "planes":

- 1024kbps compartido entre 2 usuarios, con un mínimo de 512kbps y máximo de 1024kbps
- 512kbps compartido entre 8 usuarios, con un mínimo de 64kbps y máximo de 512kbps

Nuestros archivos de configuración ser verían así:
/etc/prometheus/prometheus.conf

#==========================================================================
#
# Prometheus QoS - steal fire from your ISP !
# "fair-per-IP" quality of service utility
# requires Linux kernel with HTB qdisc enabled
# GNUpyright(G)2007 Michael xChaos Polak, x@n.cz
# Credits: CZFree.Net / Freegate / Deu / d@n.cz
# ...and Martin Devera for his HTB, of course ;-)
#
#==========================================================================
#Path to external utilities required to run iGW Prometheus:
#--------------------------------------------------------------------------
tc /sbin/tc
iptables /sbin/iptables
iptables-restore /sbin/iptables-restore
#==========================================================================
#Filename of iptables mangle table for iptables-restore
#--------------------------------------------------------------------------
iptables-file /var/spool/prometheus.iptables
#==========================================================================
#Filename of /etc/hosts - style IP address configuration file
#--------------------------------------------------------------------------
hosts /etc/prometheus/hosts
#==========================================================================
#Keywords found in /etc/host comments - syntax KEYWORD-MIN-MAX
#Eg.: 192.168.1.2 mypc #internet-256-512
#sets HTB rate for 192.168.1.2 to 256 kbps and HTB ceil to 512 kbps
#--------------------------------------------------------------------------
keyword internet512-8a1
keyword internet1024-2a1

#==========================================================================
#LAN (local, downstream) and WN (isp, internet, upstream) interface names
#didn't work well with only one interface - two interfaces are required now
#--------------------------------------------------------------------------
lan-interface eth1 #Linux network interface name
wan-interface eth0 #Linux network interface name
#==========================================================================
#LAN and WAN medium definition (100Mbit, 10Mbit - use 2Mbit for Wi-Fi)
#--------------------------------------------------------------------------
lan-medium 100Mbit #Mbit|kbit
wan-medium 100Mbit #Mbit|kbit
#==========================================================================
#guranted upload and download bandwidth FROM your ISP (in kbps, please!)
#asymetry settings will be automaticaly calculated from these values
#--------------------------------------------------------------------------
wan-download 2048 #kbps
wan-upload 2048 #kbps
#==========================================================================
#special QoS free zone (eg. free CZFree tranzit, etc.)
#Apply QoS on HTTP proxy IP addres/port
#Set HTB rate and HTB ceil for address undefined in hosts file
#--------------------------------------------------------------------------
qos-free-zone 0 #0=disable|subnet eg. 192.168.0.0/16
qos-free-delay 14400 #seconds to wait before applying QoS
qos-proxy-enable 1 #1=yes|0=no
qos-proxy-ip 192.168.0.1/32 #eg. IP of our LAN interface
qos-proxy-port 3128 #squid port
free-rate 64 #kbps - by Vitex kuli testovani dashboardu
free-ceil 128 #kbps
digital-divide-weirdness-ratio 1 #can be 1, 2, 3, maybe even more...
#==========================================================================
#Asymetric line settings - this allows setup of ADSL-style ISP service
#asymetry-rate 2 means upload is limited to 50% of the rate of download
#asymetry-treshold 64 means upload will be 64 kbps slower then download
#--------------------------------------------------------------------------
#These settings are keyword-derived ! (see "keyword" section)
#--------------------------------------------------------------------------
internet512-8a1-asymetry-ratio 1 #2,4,etc. for relative upload shaping
internet512-8a1-asymetry-treshold 0 #kbps
internet1024-8a1-asymetry-ratio 2
internet1024-8a1-asymetry-treshold 0
#==========================================================================
#HTB fine tuning part I - common settings
#--------------------------------------------------------------------------
htb-nesting-limit 3 #0..4: HTB seems to have built-in limit
htb-burst 8 #kbit (ip level classes)
htb-burst-group 32 #kbit (group level classes)
htb-burst-main 64 #kbit (medium&line level classes - 1:1, 1:2)
htb-leaf-discipline sfq perturb 5 #maybe "none"
htb-r2q 1
#type filtering traffic: mark&filter or classify (without tc filter)
filter-type classify #or mark
#==========================================================================
#magic-include-upload - is data counter sum of upload and download ?
#magic-treshold - heaviest downloader: htb-rate, 2nd: htb-rate+magic-treshold
#==========================================================================
magic-include-upload 1 #1=yes|0=no
magic-treshold 2 #kbps
#--------------------------------------------------------------------------
#Magic data limit based od guaranted bandwidth in kbps fine tunes HTB ceil:
#(magic-relative-limit)*(min bandwidth kbps) = limit for given time period
#eg. value 8 gives 512 MB limit to 64 kbps HTB rates, 1024 MB to 128'ers...
#magic-fixed-limit is fixed data limit in MB (megabytes), 0=no limit
#HTB ceil will be reduced to (HTB rate) for the most unfair-users
#other offenders get (HTB rate)+(magic-treshold)
#magic-relative-prio and magic-fixed-prio work exactly the same way as
#limit, except that they reduce HTB priority instead of HTB ceil
#--------------------------------------------------------------------------
#These settings are keyword-derived ! (see "keyword" section)
#--------------------------------------------------------------------------
internet512-8a1-magic-relative-limit 8 #*kb/sec->MB/day
internet512-8a1-magic-relative-prio 6 #*kb/sec->MB/day
internet512-8a1-magic-fixed-limit 0 #MB, less then
internet512-8a1-magic-fixed-prio 0 #MB, less then
internet1024-2a1-magic-relative-limit 12
internet1024-2a1-magic-relative-prio 8
internet1024-2a1-magic-fixed-limit 0
internet1024-2a1-magic-fixed-prio 0
#==========================================================================
#HTB fine tuning part II - keyword dependent settings
#--------------------------------------------------------------------------
#These settings are keyword-derived ! (see "keyword" section)
#--------------------------------------------------------------------------
internet512-8a1-htb-default-prio 1 #can be 1...7
internet512-8a1-htb-rate-bonus 0 #kbps
internet512-8a1-htb-ceil-malus 0 #kbps
internet1024-2a1-htb-default-prio 1
internet1024-2a1-htb-rate-bonus 16
internet1024-2a1-htb-ceil-malus 0
#==========================================================================
#HTB fine tuning part III - keyword dependent settings
#--------------------------------------------------------------------------
#These settings are keyword-derived ! (see "keyword" section)
# optionally! if not defined, using global leaf-discipline
# value "none" skip qdisc creation for this keyword
#--------------------------------------------------------------------------
#internet512-8a1-leaf-leaf-discipline esfq
#internet1024-2a1-leaf-discipline none
#==========================================================================
#Credit file settings - stores unused credit from previous runs
#--------------------------------------------------------------------------
credit-filename /var/lib/misc/prometheus.credit
credit-enable 1 #1=yes|0=no
#==========================================================================
#Log file names and directories
#--------------------------------------------------------------------------
log-filename /var/log/prometheuslog
log-traffic-directory /var/www/logs/
log-traffic-html-directory /var/www/logs/html/
log-traffic-url-path logs/
#==========================================================================
#Hall of Fame - Greatest Suckers settings
#--------------------------------------------------------------------------
hall-of-fame-enable 1 #1=yes|0=no
hall-of-fame-filename /var/www/yesterday.html
hall-of-fame-preview /var/www/today.html
hall-of-fame-title Hall of Fame - Greatest Suckers
#==========================================================================
#Hall of Fame - Color settings (for FUP data limit display)
#--------------------------------------------------------------------------
#These settings are keyword-derived ! (see "keyword" section)
#--------------------------------------------------------------------------
internet512-8a1-html-color 008000
internet1024-2a1-html-color 000080
#==========================================================================
#That's all, folks. Now just run /usr/sbin/prometheus every day...

Como podrán apreciar, en el archivo de configuración hemos definido los nombres de los planes que vamos a ofrecer:

internet512-8a1
internet1024-2a1

Entre otras cosas también se ha especificado:

wan-download Ancho de banda de bajada que tenemos disponible para distribuir
wan-upload Ancho de banda de subida que tenemos disponible para distribuir
lan-interface Interfaz LAN, generalmente eth1
wan-interface Interfaz WAN, generalmetne eth0
lan-medium Velocidad de la tarjeta de red LAN (10Mbit, 100Mbit, etc)
wan-medium Velocidad de la tarjeta de red WAN (10Mbit, 100Mbit, etc)

Ahora debemos definir cuales son los usuarios que van a estar en cada plan:
/etc/prometheus/hosts

# use TABs to separate IP address, hostname, and speed definition!
# this file is just dummy example not related to prometheus.conf.SAMPLE
# see sample-configuration/hosts to learn more about what Prometheus QoS can handle

# syntax: "via-prometheus-MIN-MAX", where MIN and MAX are values in kbps
# "sharing-HOSTNAME" is useful to aggregate more IPs in single traffic class

# note, that keywords parsed by Prometheus QoS look like ordinary comments to tools
# used to process bsd-style /etc/hosts file...

192.168.0.0 redclientes #(solo informacion - nombre de la red)
192.168.0.1 linux #(solo informacion - interfaz interna del linux)
192.168.0.2 pcmonitoreo #sharing-linux
192.168.0.3 pcrazametal #sharing-linux

# Clientes plan 512kbps
# En ancho de banda mínimo cuando todos esten conectados será de 64kbps
# y el máximo de 512kbps
192.168.0.101 cliente1 #internet512-8a1-64-512
192.168.0.102 cliente2 #sharing-cliente1
192.168.0.103 cliente3 #sharing-cliente1
192.168.0.104 cliente4 #sharing-cliente1
192.168.0.105 cliente5 #sharing-cliente1
192.168.0.106 cliente6 #sharing-cliente1
192.168.0.107 cliente7 #sharing-cliente1
192.168.0.108 cliente8 #sharing-cliente1

# Clientes plan 1024kbps
# En ancho de banda mínimo cuando todos esten conectados será de 512kbps
# y el máximo de 1024kbps
192.168.0.201 cliente9 #internet1024-2a1-512-1024
192.168.0.202 cliente10 #sharing-cliente9

Habilitamos el arranque de PromethusQoS y nuestras configuración cuando reiniciemos el servidor:
vi /etc/default/prometheus

# Run prometheus on startup
PROMETHEUS_ENABLE=yes

Iniciamos prometheus:

/etc/init.d/prometheus start

Prometheus nos mostrará los clientes y a que plan estan asociados:

Prometheus QoS - "fair-per-IP" Quality of Service setup utility.
Version 0.7.8 - Copyright (C)2005-2008 Michael Polak (xChaos)
iptables-restore & burst tunning & classify modification 0.7d by Ludva
Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf

Parsing configuration file /etc/prometheus/prometheus.conf ...
Configured keywords: via-prometheus internet512-8a1 internet1024-2a1
Parsing iptables verbose output ...
Parsing class defintion file /etc/prometheus/hosts ...
Resolving shared connections ...
Unresolved shared connection: 192.168.0.3 pcrazametal sharing-linux
Unresolved shared connection: 192.168.0.2 pcmonitoreo sharing-linux
Parsing credit file /var/lib/misc/prometheus.credit ...
Initializing iptables and tc classes ...
Running /sbin/iptables-restore

[b]Para tener en cuenta:[/b]
La unidad utilizada en /etc/prometheus/prometheus.conf es el kilobit y no el kilobyte (1 byte = 8 bits).
El archivo /etc/prometheus/hosts utiliza espacios de tabulador entre la dirección IP, nombre de cliente y plan.
Podemos utlizar prometheus -p para obtener una top10 de consumo de cada cliente.

Comentarios

Las instrucciones son para

Imagen de RazaMetaL

Las instrucciones son para instalarlo en Debian y derivados. Así que el comando "make deb" te va a ser de poca utilidad. Por otra parte, el mensaje de error claramente dice:

[code]
make: cc: No se encontró el programa
[/code]

Lo que indica que no tienes instalado cc.

-----

Visita este [url=http://www.sindominio.net/ayuda/preguntas-inteligentes.html]link[/url] :evil:

[img]http://www.bbspot.com/Images/News_Features/2003/01/os_quiz/debian.jpg[/img]

(adsbygoogle = window.adsbygoogle || []).push({});

hola saludos instale el

Imagen de maxstoro

hola saludos instale el prometheus carga todo bien pero no me controla el ancho de banda que podria ser ???? estoy tratando de controlar solo a un pc y no controla ni la subida ni la bajada sera el orden en que cargo mi script podria ser????
lo cargo de la siguiente forma primero squid luego mi firewall y por ultimo el prometheus estoy tratando de controlar solo puro no compartido el ancho de banda gracias por la ayuda que puedan darme

Muestranos la salida

Imagen de RazaMetaL

Muestranos la salida de:


iptables -nL -t mangle

-----

Visita este [url=http://www.sindominio.net/ayuda/preguntas-inteligentes.html]link[/url] :evil:

[img]http://www.bbspot.com/Images/News_Features/2003/01/os_quiz/debian.jpg[/img]

(adsbygoogle = window.adsbygoogle || []).push({});

la verdad no se que estoy

Imagen de maxstoro

la verdad no se que estoy haciendo mal no sale nada


Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Ejecutastes

Imagen de RazaMetaL

Ejecutastes ?

/etc/init.d/prometheus start

-----

Visita este [url=http://www.sindominio.net/ayuda/preguntas-inteligentes.html]link[/url] :evil:

[img]http://www.bbspot.com/Images/News_Features/2003/01/os_quiz/debian.jpg[/img]

(adsbygoogle = window.adsbygoogle || []).push({});

al instalar en centos5.5 ayuda porfavor

Hola a lo que comienso a instalar en centos me sale lo siguiente ayuda porfavor

[root@www src]# cd prometheus-0.7.8
[root@www prometheus-0.7.8]# make deb
cc -o prometheus prometheus.c
debian/prometheus.debian
debian/prometheus.debian: line 3: dpkg-architecture: command not found
dpkg-buildpackage
make: dpkg-buildpackage: No se encontró el programa
make: *** [deb] Error 127

luego hice lo siguiente

[root@www prometheus-0.7.8]# make install
cc -o prometheus prometheus.c
install -d /usr/sbin
install -d /usr/share/man/man1
install -d /usr/share/man/man5
install -d /etc/cron.d
install -d /etc/prometheus
install -m 755 prometheus /usr/sbin
install -m 644 prometheus.1 /usr/share/man/man1
install -m 644 prometheus.conf.5 /usr/share/man/man5
install -m 755 conf/prometheus.cron /etc/cron.d/prometheus
install -m 755 conf/prometheus.init /etc/init.d/prometheus
install -m 600 conf/prometheus.conf /etc/prometheus
install -m 600 conf/prometheus.hosts /etc/prometheus/hosts
install -m 644 conf/prometheus.default /etc/default/prometheus
[root@www prometheus-0.7.8]# dpkg -i prometheus_0.7.8-1_i386.deb
bash: dpkg: command not found

por que me sale esto???

bash: dpkg: command not found

"El que se enorgullece de sus conocimientos es como si estuviera ciego en plena luz."

Estás tratando de seguir un

Imagen de deathUser

Estás tratando de seguir un tutorial para debian en un centos, dpkg es un programa de debian ...

RTFM, debe tener un readme, leelo y de pronto necesites hacer un make y luego make install y no make deb ...

bye
;)

El proceso de instalación en

Imagen de RazaMetaL

El proceso de instalación en CentOS es algo diferente.

Bastaría con hacer:


cd prometheus-0.7.8
make
make install

-----

Visita este [url=http://www.sindominio.net/ayuda/preguntas-inteligentes.html]link[/url] :evil:

[img]http://www.bbspot.com/Images/News_Features/2003/01/os_quiz/debian.jpg[/img]

(adsbygoogle = window.adsbygoogle || []).push({});

Gracias ya lo instale tengo

Gracias ya lo instale tengo una pregunta tu declaras canales simetricos 2048 down u 2048 up
y no se si estoy mal pero creo que el plan 512 es 512 x 512 y el de 1024 es 1024x1024 ????

como hago si tendo 2048 down y 512 up
por desir un caso yo nesesito que sea un plan de 512x128
en donde y como pongo para un canal asimetrico

lo otro es que ya segui los pasos al pie de la letra lo unico que cambie es mi red interna que es 10.1.1.1 el server y las demas pcs son 10.1.1.2, 10.1.1.3 etc al realizar el test de velocidad o la descarga no segmenta sale lo mismo 2048x512 lo estoy probando en una sola pc con windows 7
al poner

iptables -nL -t mangle

me sale esto

[root@www ~]# iptables -nL -t mangle
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 10.0.0.0/8
CLASSIFY all -- 10.1.1.9 0.0.0.0/0 CLASSIFY set 1:2049
ACCEPT all -- 10.1.1.9 0.0.0.0/0
CLASSIFY all -- 10.1.1.8 0.0.0.0/0 CLASSIFY set 1:2049
ACCEPT all -- 10.1.1.8 0.0.0.0/0
CLASSIFY all -- 10.1.1.7 0.0.0.0/0 CLASSIFY set 1:2049
ACCEPT all -- 10.1.1.7 0.0.0.0/0
CLASSIFY all -- 10.1.1.6 0.0.0.0/0 CLASSIFY set 1:2049
ACCEPT all -- 10.1.1.6 0.0.0.0/0
CLASSIFY all -- 10.1.1.5 0.0.0.0/0 CLASSIFY set 1:2049
ACCEPT all -- 10.1.1.5 0.0.0.0/0
CLASSIFY all -- 10.1.1.4 0.0.0.0/0 CLASSIFY set 1:2049
ACCEPT all -- 10.1.1.4 0.0.0.0/0
CLASSIFY all -- 10.1.1.3 0.0.0.0/0 CLASSIFY set 1:2049
ACCEPT all -- 10.1.1.3 0.0.0.0/0
CLASSIFY all -- 10.1.1.2 0.0.0.0/0 CLASSIFY set 1:2049
ACCEPT all -- 10.1.1.2 0.0.0.0/0
MARK all -- 0.0.0.0/0 0.0.0.0/0 MARK set 0x3
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 10.0.0.0/8 0.0.0.0/0
CLASSIFY all -- 0.0.0.0/0 10.1.1.9 CLASSIFY set 1:2049
ACCEPT all -- 0.0.0.0/0 10.1.1.9
CLASSIFY all -- 0.0.0.0/0 10.1.1.8 CLASSIFY set 1:2049
ACCEPT all -- 0.0.0.0/0 10.1.1.8
CLASSIFY all -- 0.0.0.0/0 10.1.1.7 CLASSIFY set 1:2049
ACCEPT all -- 0.0.0.0/0 10.1.1.7
CLASSIFY all -- 0.0.0.0/0 10.1.1.6 CLASSIFY set 1:2049
ACCEPT all -- 0.0.0.0/0 10.1.1.6
CLASSIFY all -- 0.0.0.0/0 10.1.1.5 CLASSIFY set 1:2049
ACCEPT all -- 0.0.0.0/0 10.1.1.5
CLASSIFY all -- 0.0.0.0/0 10.1.1.4 CLASSIFY set 1:2049
ACCEPT all -- 0.0.0.0/0 10.1.1.4
CLASSIFY all -- 0.0.0.0/0 10.1.1.3 CLASSIFY set 1:2049
ACCEPT all -- 0.0.0.0/0 10.1.1.3
CLASSIFY all -- 0.0.0.0/0 10.1.1.2 CLASSIFY set 1:2049
ACCEPT all -- 0.0.0.0/0 10.1.1.2
MARK all -- 0.0.0.0/0 0.0.0.0/0 MARK set 0x3
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
[root@www ~]#

no se que estoy haciendo mal me yudan de antemano gracias

"El que se enorgullece de sus conocimientos es como si estuviera ciego en plena luz."

Páginas