Monday, August 27, 2007

Bandwidth Management using Linux CBQ and HTB

Bandwidth Management
Approach
Explanation

The term bandwidth means the data throughput achieved on a particular interface. This interface may be serving a local LAN, or it can be a leased line connected to the Internet.

Now, what then is bandwidth management?

Simple: managing the bandwidth, ha ha... Managing in terms of distributing it according to need, restricting it, or allocating it. Take a company scenario: the company has a T1 line with a bandwidth of up to 1.544 Mbps. The company has many departments, consisting of Development, Marketing, Finance, HR (not a one-man-show HR, but a team of people, ha ha..), MIS, Management Heads, Visitors (not a department but a category of people), etc.

Now the company wants to make optimum use of the bandwidth in an organized way, as it runs many applications, web, VOIP and database servers 24x7. So the admin decides to prioritize the departments and the critical applications that need most of the Internet connectivity. He then assigns a bandwidth share to each group of categories (in the form of IPs, as a range or a host) depending upon the application (service), i.e. 250kbps for http, 500 for VOIP, 250kbps for PeopleSoft, 250kbps for Tibco (database server), 150kbps for the Management Head (for any application he uses), and then the rest for the other services or PCs (ip-host).

Requirements


One can follow two different approaches for controlling bandwidth: CBQ or HTB. I have used HTB... so I will explain more regarding it...

What is CBQ ?

Class Based Queueing approach. In this, different classes are made and their child classes are in turn used to categorize a section. For instance, I create a class for HTTP (which is the parent class); under this there are classes like MRKT, DEV, FIN, MGT (child classes), which in turn have child classes. In this way the bandwidth share is divided for easy maintenance. The config file takes the data from the files stored in the /etc/cbq folder, which follow a pattern: the interface speed, the allocated speed and then the application using that speed. The bps/kbps share is also specified, along with the borrow limit.


What is HTB ?

Hierarchical Token Bucket. This approach uses the same concept but has a fixed hierarchy which is not broken, and it also removes the redundant entries in the config files related to LAN card speed...

NOTE: The share is distributed/implemented on the node class, i.e. the child class, and not the parent.

The config file takes the data from the files stored in the /etc/sysconfig/htb folder. It is the latest approach and performs better than CBQ (the old-age approach), because of the easy config file structure and its accuracy in controlling the bandwidth.

Implementation

It uses a daemon called statsd for reporting, and then the Bandwidth script, which uses qdisc, ip and iptables. The config files are stored under the folder /etc/sysconfig/htb. HTB follows the structure of default class, root class and then the child classes. The default class provides the bandwidth share for the unallocated (uncategorized) IPs. The root class is mandatory and holds the details of the actual bandwidth the ISP is providing the company (or rather, what bandwidth the company is actually getting). In our company the Hughes line gets no more than 122 kbps (kilobits per sec).


The structure of the files is as below.

Root class structure
RATE=128.569kbit
CEIL=128.569kbit
LEAF=sfq
PRIO=5
MARK=3

Child class structure
RATE=38.6kbit
CEIL=38.6kbit
LEAF=sfq
MARK=8

Marks are assigned in iptables, and when an IP is found under a mark, it is assigned the bandwidth of the class carrying that mark.
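
The child class file and its mark, turned into the tc and iptables commands they stand for. This is an added example, not the author's Bandwidth script: the function names, eth0, the class ids 1:1 and 1:8, the root handle 1:0, the FORWARD chain and the host 192.168.1.10 on port 80 are all assumptions. The class file is parsed with a strict pattern instead of being sourced, because its values end up in commands run as root.

```shell
#!/bin/sh
# Added example: print (not run) the tc/iptables commands for one HTB class file.

# get_key FILE KEY: value of a KEY=value line. The file is parsed, never
# sourced, so shell metacharacters in a config file cannot execute as root.
get_key() {
    sed -n "s/^$2=\([A-Za-z0-9.]*\)\$/\1/p" "$1" | head -n 1
}

# htb_class_cmds DEV PARENT CLASSID FILE
# DEV, PARENT, CLASSID and root handle 1:0 are assumptions of this example.
htb_class_cmds() {
    dev=$1 parent=$2 classid=$3 file=$4
    rate=$(get_key "$file" RATE); ceil=$(get_key "$file" CEIL)
    leaf=$(get_key "$file" LEAF); prio=$(get_key "$file" PRIO)
    mark=$(get_key "$file" MARK)
    # RATE is mandatory; a missing CEIL falls back to RATE (no borrowing).
    if [ -z "$rate" ]; then echo "bad or missing RATE in $file" >&2; return 1; fi
    [ -n "$ceil" ] || ceil=$rate
    echo "tc class add dev $dev parent $parent classid $classid htb rate $rate ceil $ceil${prio:+ prio $prio}"
    # LEAF=sfq attaches a fair-queueing qdisc below the class.
    if [ "$leaf" = sfq ]; then
        echo "tc qdisc add dev $dev parent $classid sfq perturb 10"
    fi
    # MARK binds the class to packets that iptables has marked (fw filter).
    case $mark in
        ''|*[!0-9]*) ;;
        *) echo "tc filter add dev $dev parent 1:0 protocol ip handle $mark fw flowid $classid" ;;
    esac
}

# mark_rule SRC PORT MARK: iptables rule marking one host's traffic to a service.
mark_rule() {
    echo "iptables -t mangle -A FORWARD -s $1 -p tcp --dport $2 -j MARK --set-mark $3"
}

# Constructed sample: the child class values shown above, host 192.168.1.10, HTTP.
demo_child_class() {
    f=$(mktemp)
    printf 'RATE=38.6kbit\nCEIL=38.6kbit\nLEAF=sfq\nMARK=8\n' > "$f"
    htb_class_cmds eth0 1:1 1:8 "$f"; rc=$?
    rm -f "$f"
    mark_rule 192.168.1.10 80 8
    return $rc
}

demo_child_class
```

The script only prints the commands; review the output before piping it to a root shell.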

service bandwidth start
service bandwidth stop
service bandwidth status

The reporting part is done using MRTG, which shows the link statistics, the service graph and the data transferred from the host daily, weekly, monthly and yearly.

I will type in more details when I organize things....

Feature list for the current Bandwidth Management module (mine, and not the MailServ 4.x)

1) Bandwidth allocation can be classified based on the Service and IP.

a) Admin can create(divide) the entire bandwidth into different classes.
b) This class division is based on the service like http, ssh, smtp, telnet, etc...
c) The rules can be applied to an individual IP, a range of IPs or an entire subnet.

NOTE: Every rule is associated with a service and an IP address/ Range / Subnet


2) In what way can the admin control the bandwidth?

a) Admin can control the bandwidth usage based on incoming and outgoing traffic from his LAN.
b) Incoming traffic -- DOWNLOAD -- When a user visits a site, e.g. www.yahoo.com, the user
is in turn downloading some data. E.g. FTP, HTTP, etc.
c) Outgoing traffic -- UPLOAD -- When a user is trying to upload a 5 MB attachment file to
www.mail.yahoo.com, or using a file transfer in Yahoo or MSN messenger, we can limit the
upload bandwidth, so that the user can upload a 5 MB attachment in 10 mins rather than 2 mins.
d) A company is hosting a web, ftp, mail server etc. in its internal LAN and would wish to
provide more bandwidth allocation for the outgoing traffic, i.e. users accessing the web, ftp,
mail server from outside (Internet).
e) An IP/range/subnet can be limited in bandwidth usage for certain web or ftp sites and can have
a higher allocation of bandwidth for a different set of sites, or for all.


Second phase of Bandwidth Management

1) Currently the bandwidth is managed on a single external (Internet) interface and a single internal (local LAN) interface. We can enhance this further and implement it on multiple external interfaces, i.e. the client has Internet connections from multiple ISPs on "N" number of external interfaces, and the same for the internal (local LAN) interfaces, where each local interface uses a different subnet.

2) MAC wise controlling of bandwidth.

Third Phase Customization

1) Client sites connected to different branches using either leased line, dialup or VPN connections. Controlling the bandwidth for the same.
