Shaping/Controlling/Trottleing INBOUND trafic (cheaply)

Posted on 2004-10-11
Last Modified: 2010-03-17
Having (very) limited bandwith, and a 20-30 user lan can be very frustrating. I have to fix it somehow, so here is what I have found so far:

Possible solutions ?
1) cache ! Good idea, but what if the bandwith muncher is not http of ftp ?
Rare I know, but this happens ( 2 me 2 mutch ;-)

2) Shape/throttle. Ok... BUT this is only 'easy' on outbound connections, and my outbount trafic is NOT the problem !

I need to controll (and log/investigate) the flow in. "As policy" the ISP "does not get involved" ( cant switch ISP - 3rd world )

I did STFW over and over and what I found is that:
1) there is GNU software/methods that can limit incomeing flow by droping packets to slow down connections, but this is not recomended since it is wastefull ( total trafic over the wire not= trafic into lan due to (lots of)droped packets)

2) There is software that can manipulate the TCP window size, but this is WAY out my budget. ( as is hardware solutions )

BUT, new stuff comes out every day, hopefully there is something that I havent come accross yet.
AND I'm still relatively new to linux, and I've only spent a week Google'n on this stuff.

What am I asking ? ADVICE, Educated oppinion, and genraly just a kick in the right direction.

What are my options ( appart from what I already mentioned ) ?

Thanks so much for any help/contrebution that you may offer me.
Question by:Xorb
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 12280875
Solutions for you are:
Squid to cache visit
tc - traffic control to shape the connection
visit  everything you need for traffic control is there


Author Comment

ID: 12284037
Like I said, I am not asking about cache. Cache just covers FTP and HTTP, and there is allot more trafic than that on my network.

I am reading thanks.

Accepted Solution

jacauc earned 150 total points
ID: 12284825
I am busy looking for the same kind of solution myself...

Seeing that any incoming data is already at your modem (local) by the time you want to manipulate it (it already used the bandwidth) , there can be no real effective solution to do this.

Anyway, look at for some for info.

They have quite an effective solution and explanation.

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.


Author Comment

ID: 12285591
Yeah, I was hoping that article was outdated. Most of what I said in my opening is based on that dock. ( well, what I said about droping packets and the TCP window size )


Author Comment

ID: 12285631
I just chaecked out your user info ... South Africa eh ? Me 2 !! Anyhow, seeing as you probably have a software budget, I can point you to a good solution to do what we are talking about ( it's the solution that I refered to as out of my budget ) <- these guys have a software solution that ( depending on your hardware ) is good up to 10Mbit, and hardware solutions that can handle up to 16 Gbit ( aledgedly )

Expert Comment

ID: 12286316
Thanks Xorb,

Good to see some other South Africans here too ;)
Seems like all people in SA are facing this problem... hehe... with our AMAZINGLY cheap and effective solutions available for Broadband internet connections....(notice the sarcasm)

hehe... anyways, i work in Angola, but i'm looking for this solution for my internet connection at home... Sentech

Thanks for the info though, i'll keep it in mind.


Assisted Solution

jeiler earned 100 total points
ID: 12627646
Allows shaping and throttling inbound connections, although it does assume most clients are well behaved.

Author Comment

ID: 12641708
Cool .... I'll read up all the docks and maybe even try to set it up. Sorry if I dont get back to you ultra soon, but I will get back to you.


Author Comment

ID: 15144443
This question has been open way to long, and has long gone cold.

Pitty, would love to know if there has been any new software/solutions released since this date.

In the spirit of EE, points for everyone that showed intrest, sorry about the low rating but we dident get close to a solution.... guess it was just a impossible question.

Expert Comment

ID: 21477418
Well I would suggest that you get a Cisco 877 router.  That was easy wasn't it !

You can do everything you like with bandwidth control IP prioritisation per client IP inbound and outbound and it is pretty cheap too considering what it does.  I use them for VOIP / bandwidth sensitive applications where the client has zero bandwidth (you know what I mean there).  You can fragment packets too into really small chunks which really smooths the flow out whilst reconstructing on the way out to your favorite MTU.

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question