Limit bandwidth per ip

Hello,

Can you please suggest an appliance  that would be capable of limiting bandwidth per IP address (up to 50 users)? A router, firewall, linux box, etc.. that won't break the bank.

Thank you!
rookie_bAsked:
Who is Participating?
 
nuuralConnect With a Mentor Commented:
For sure, I was recommending the 1100 since it includes a 13 port switch, and comes with a level6 license (http://wiki.mikrotik.com/wiki/Manual:License_levels). Nevertheless, you can accomplish bandwidth shaping (and most other things) even with a simple RB411. Basically, you could pickup a RB411, a POE (or simple DC) adaptor, and a basic enclosure, and you'd have a full fledged router for as little as 77$ (roughly 50£). Of course the rb411 has only one ethernet port, so you should add two ips on the lan interface, and set your final router to be its default gateway, while the routerboard would be your users' default gateway, so anything that passes through it is shaped before going out to the internet. It's a fairly simple setup. You can expand the routerboard by adding a wireless minipci card (some cost as little as 20$) and by purchasing a Level4 license, you could turn it into a hotspot/access point/wireless gateway/whatever. There's no limit to the things you can accomplish :)
The various routerboards are listed here: http://routerboard.com/
As for UK resellers, the official list is here: http://www.mikrotik.com/howtobuy.html

HTH
nuural
0
 
Patmac951Commented:

You can accomplish this using a managed switch behind your router but with 50 users that would expensive and time consuming. Another option would be to set up a proxy.  http:// www.squid-cache.org using delay pools. You can change bandwidth available to users based on time/ip/username.

This may require a little developer knowledge but it is a free download.  At least the last time I used it.....it was a free download.
0
 
nuuralCommented:
I would recommend Mikrotik's Routerboard RB1100. You can do advanced load balancing using a very well-implemented queue system, and can go way beyond simple per-ip traffic shaping...for instance you can setup a queue that proportionally allocates bandwidth to active network users based on how much there is available at that time, so that no bandwidth goes unused yet no user experiences slowdowns.

Regards,
nuural
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
rookie_bAuthor Commented:
Thanks nuural, is there a lower class Mikrotik that would support that? Where caan I buy these in the UK?

Thanks!
0
 
nuuralCommented:
Speaking of which, you can even electronically purchase a routeros license and install it on an old x86 box, which is way handier and easier to get than having to fiddle with the usual linux gateway setup which you may or may not be comfortable with. At that point you'd have the cheapest routerOS-based solution, which would include easy as cake access to every advanced routing/firewalling/shaping/etc feature you may desire.

nuural
0
 
nuuralCommented:
And one last thing: I'm now seeing you can also get a free trial routerOS licenses, so go for it and try it out on a virtual machine or on an old box :)

Regards,
nuural
0
 
rookie_bAuthor Commented:
Thanks nuural, I am thinking of getting this one http://linitx.com/viewproduct.php?prodid=12417 
Just one last confirm - the 30 users are on switches and access points, that's ok right? I mean bandwidth restriction is per ip not interface, right?

I am thinking of setting up more or less like this:

isp dsl router LAN  - 192.168.1.254

Mikrotik port 1 - set up as WAN int, default VLAN 0, ip 192.168.1.1 gw 192.168.1.254 dns 192.168.1.254

Mikrotik ports 2,3, 4 - VLAN 1, 192.1682.0/24 for wired users with static IPs

Mikrotik port 5 - VLAN 2, 10.0.0.0/24, dhcp range 10.0.0.50 - 10.0.0.100, downstream 150 KB/s per ip in the DHCP range.

Does this sound feasible/doable with the Mikrotik 450G?

Thanks a lot!!!

0
 
nuuralCommented:
that's absolutely doable - and bandwidth restriction criteria are fully configurable to meet your needs, be it per ip, per interface, fixed, adaptive, and more. You also have a stateful packet inspection firewall in routeros. That can be used to identify and shape (or block, or prioritize...) traffic at the application layer. In other words, should you want to limit or block one particular peer-to-peer protocol, you can. just look up the various shaping options in the mikrotik wiki here: http://wiki.mikrotik.com/wiki/Manual:Queue

regards,
nuural
0
 
rookie_bAuthor Commented:
Excellent!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.