Link to home
Create AccountLog in
Avatar of rookie_b
rookie_bFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Limit bandwidth per ip

Hello,

Can you please suggest an appliance  that would be capable of limiting bandwidth per IP address (up to 50 users)? A router, firewall, linux box, etc.. that won't break the bank.

Thank you!
Avatar of Patmac951
Patmac951
Flag of United States of America image


You can accomplish this using a managed switch behind your router but with 50 users that would expensive and time consuming. Another option would be to set up a proxy.  http:// www.squid-cache.org using delay pools. You can change bandwidth available to users based on time/ip/username.

This may require a little developer knowledge but it is a free download.  At least the last time I used it.....it was a free download.
Avatar of nuural
nuural

I would recommend Mikrotik's Routerboard RB1100. You can do advanced load balancing using a very well-implemented queue system, and can go way beyond simple per-ip traffic shaping...for instance you can setup a queue that proportionally allocates bandwidth to active network users based on how much there is available at that time, so that no bandwidth goes unused yet no user experiences slowdowns.

Regards,
nuural
Avatar of rookie_b

ASKER

Thanks nuural, is there a lower class Mikrotik that would support that? Where caan I buy these in the UK?

Thanks!
ASKER CERTIFIED SOLUTION
Avatar of nuural
nuural

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Speaking of which, you can even electronically purchase a routeros license and install it on an old x86 box, which is way handier and easier to get than having to fiddle with the usual linux gateway setup which you may or may not be comfortable with. At that point you'd have the cheapest routerOS-based solution, which would include easy as cake access to every advanced routing/firewalling/shaping/etc feature you may desire.

nuural
And one last thing: I'm now seeing you can also get a free trial routerOS licenses, so go for it and try it out on a virtual machine or on an old box :)

Regards,
nuural
Thanks nuural, I am thinking of getting this one http://linitx.com/viewproduct.php?prodid=12417 
Just one last confirm - the 30 users are on switches and access points, that's ok right? I mean bandwidth restriction is per ip not interface, right?

I am thinking of setting up more or less like this:

isp dsl router LAN  - 192.168.1.254

Mikrotik port 1 - set up as WAN int, default VLAN 0, ip 192.168.1.1 gw 192.168.1.254 dns 192.168.1.254

Mikrotik ports 2,3, 4 - VLAN 1, 192.1682.0/24 for wired users with static IPs

Mikrotik port 5 - VLAN 2, 10.0.0.0/24, dhcp range 10.0.0.50 - 10.0.0.100, downstream 150 KB/s per ip in the DHCP range.

Does this sound feasible/doable with the Mikrotik 450G?

Thanks a lot!!!

that's absolutely doable - and bandwidth restriction criteria are fully configurable to meet your needs, be it per ip, per interface, fixed, adaptive, and more. You also have a stateful packet inspection firewall in routeros. That can be used to identify and shape (or block, or prioritize...) traffic at the application layer. In other words, should you want to limit or block one particular peer-to-peer protocol, you can. just look up the various shaping options in the mikrotik wiki here: http://wiki.mikrotik.com/wiki/Manual:Queue

regards,
nuural
Excellent!