Use Vyatta to limit Guest Network Bandwidth

Use Vyatta to Limit Guest Network Bandwidth

Friday, 28 October 2011 19:48 |

Written by Tony |

|

|

A problem many of us have in our offices or our homes is the need to have Guest access to our network but not hog all the bandwidth. What I did here is use Vyatta Quality of Service (QoS) settings to limit the bandwidth on a guest network through a traffic shaping policy. You can add other QoS rules like prioritizing VIOP if you wish but as that is more complex, I'm not covering it in this article, I'm just focusing on all bandwidth.

First you need to create a policy called GUEST-UL.

#set traffic-policy shaper GUEST-UL

You can also give the policy a description if you wish. (This step is optional)

#set traffic-policy shaper GUEST-UL description “QoS policy for GUEST LAN”

Now we set the max upload bandwidth that we want to allow

#set traffic‐policy shaper GUEST-UL bandwidth 128kbit

We need to set the default bandwidth policy. If you add other QoS settings in the future you can change this to a lower number. This will not limit the default bandwidth unless there are other QoS policies in place but it is required to get the upload cap to work.

#set traffic‐policy shaper GUEST-UL default bandwidth 50%

Now we set the max amount of bandwidth that the default policy can utilize. In this case we're setting it to 100%.

#set traffic‐policy shaper GUEST-UL default ceiling 100%

Now we must bind the policy to the external interface to ensure the policy will limit the bandwidth. If you miss this step your bandwidth will not be limited.

#set interfaces ethernet eth0 traffic‐policy out GUEST-UL

Commit your changes

#commit

Now save them to ensure they will survive a reboot.

#save

Before you continue, test the settings with your favorite speed test site to make sure it works. If it does not, look to see where you went wrong. Now that we have limited the upload, let's limit the download. Create the limiter policy and give it a name.

#set traffic‐policy limiter GUEST-DL

You can also give the policy a description if you wish. (This step is optional)

#set traffic‐policy limiter GUEST-DL default description “Limit inbound guest traffic”

Set the default policy bandwidth. In this command we are limiting the bandwidth to 300kbps.

#set traffic‐policy limiter GUEST-DL default bandwidth 300kbit

As in the upload limiter we must bind the policy to the external interface to ensure the download policy will limit the bandwidth. If you miss this step your bandwidth will not be limited.

#set interfaces ethernet eth0 traffic‐policy in GUEST-DL

Commit your changes

#commit

Now save them to ensure they will survive a reboot.

#save

Before you continue, test the settings with your favorite speed test site to make sure it works. If it does not, look to see where you went wrong.

< Prev		Next >

Last Updated (Friday, 28 October 2011 20:04)

Comments

0 # Rodrigo 2012-02-10 12:56

hi, i´m using vyatta core and have some problems to set shaper and limiter because i want to limit this band per network´s ...example: 10.0.0.1/29 have 2mbps, 10.0.0.167/29 have 4MB etc...
do you help me ?

Reply | Reply with quote | Quote

0 # Tony 2012-02-10 16:30

Rodrigo, its actually pretty simple. Use the information above for each interface that you want to limit. Make sure to have a separate name for each policy because they have different speeds.

set interfaces ethernet eth1 traffic‐policy out Policy1-out
set interfaces ethernet eth2 traffic‐policy out Policy2-out
set interfaces ethernet eth1 traffic‐policy in Policy1-in
set interfaces ethernet eth2 traffic‐policy in Policy2-in

Make sure to setup the default bandwith for each interface using the commands above.

I wrote it up quickly based on the quick test I did for you so there may be a typo or two.
http://www.sohoadvisers.com/tutorials/vyatta-router/vyatta-multi-interface-traffic-shaping

Reply | Reply with quote | Quote

Refresh comments list
RSS feed for comments to this post

Add comment

JComments

The Advisers Group