rookie_b
asked on
Limit bandwidth per ip
Hello,
Can you please suggest an appliance that would be capable of limiting bandwidth per IP address (up to 50 users)? A router, firewall, linux box, etc.. that won't break the bank.
Thank you!
Can you please suggest an appliance that would be capable of limiting bandwidth per IP address (up to 50 users)? A router, firewall, linux box, etc.. that won't break the bank.
Thank you!
I would recommend Mikrotik's Routerboard RB1100. You can do advanced load balancing using a very well-implemented queue system, and can go way beyond simple per-ip traffic shaping...for instance you can setup a queue that proportionally allocates bandwidth to active network users based on how much there is available at that time, so that no bandwidth goes unused yet no user experiences slowdowns.
Regards,
nuural
Regards,
nuural
ASKER
Thanks nuural, is there a lower class Mikrotik that would support that? Where caan I buy these in the UK?
Thanks!
Thanks!
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Speaking of which, you can even electronically purchase a routeros license and install it on an old x86 box, which is way handier and easier to get than having to fiddle with the usual linux gateway setup which you may or may not be comfortable with. At that point you'd have the cheapest routerOS-based solution, which would include easy as cake access to every advanced routing/firewalling/shapin g/etc feature you may desire.
nuural
nuural
And one last thing: I'm now seeing you can also get a free trial routerOS licenses, so go for it and try it out on a virtual machine or on an old box :)
Regards,
nuural
Regards,
nuural
ASKER
Thanks nuural, I am thinking of getting this one http://linitx.com/viewproduct.php?prodid=12417
Just one last confirm - the 30 users are on switches and access points, that's ok right? I mean bandwidth restriction is per ip not interface, right?
I am thinking of setting up more or less like this:
isp dsl router LAN - 192.168.1.254
Mikrotik port 1 - set up as WAN int, default VLAN 0, ip 192.168.1.1 gw 192.168.1.254 dns 192.168.1.254
Mikrotik ports 2,3, 4 - VLAN 1, 192.1682.0/24 for wired users with static IPs
Mikrotik port 5 - VLAN 2, 10.0.0.0/24, dhcp range 10.0.0.50 - 10.0.0.100, downstream 150 KB/s per ip in the DHCP range.
Does this sound feasible/doable with the Mikrotik 450G?
Thanks a lot!!!
Just one last confirm - the 30 users are on switches and access points, that's ok right? I mean bandwidth restriction is per ip not interface, right?
I am thinking of setting up more or less like this:
isp dsl router LAN - 192.168.1.254
Mikrotik port 1 - set up as WAN int, default VLAN 0, ip 192.168.1.1 gw 192.168.1.254 dns 192.168.1.254
Mikrotik ports 2,3, 4 - VLAN 1, 192.1682.0/24 for wired users with static IPs
Mikrotik port 5 - VLAN 2, 10.0.0.0/24, dhcp range 10.0.0.50 - 10.0.0.100, downstream 150 KB/s per ip in the DHCP range.
Does this sound feasible/doable with the Mikrotik 450G?
Thanks a lot!!!
that's absolutely doable - and bandwidth restriction criteria are fully configurable to meet your needs, be it per ip, per interface, fixed, adaptive, and more. You also have a stateful packet inspection firewall in routeros. That can be used to identify and shape (or block, or prioritize...) traffic at the application layer. In other words, should you want to limit or block one particular peer-to-peer protocol, you can. just look up the various shaping options in the mikrotik wiki here: http://wiki.mikrotik.com/wiki/Manual:Queue
regards,
nuural
regards,
nuural
ASKER
Excellent!
You can accomplish this using a managed switch behind your router but with 50 users that would expensive and time consuming. Another option would be to set up a proxy. http:// www.squid-cache.org using delay pools. You can change bandwidth available to users based on time/ip/username.
This may require a little developer knowledge but it is a free download. At least the last time I used it.....it was a free download.