/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsManaging Internet bandwidth is a major concern for most organizations today. Despite having a good Net connect, users continue to complain. While you might need to upgrade your bandwidth, in some cases, usually poor bandwidth management is to blame. This time, we'll see how to go about bandwidth management using outdated hardware like 486 boxes.
We'll use PicoBSD, a mini OS that is easy to configure, fits on a floppy and will automatically detect your network cards. PicoBSD is based on the FreeBSD distro. You will find an image of the same on this month's PCQuest Essential CD. You will need this image to create the bandwidth-management floppy, using the 'dd' command in Linux or the 'rawrite' application (on the CD) in DOS. After this, you just need to create the pipes and rules to set bandwidth priorities for your network users. You will find other similar distros at
www.fokus.gmd.de/linux/linux-distrib-small.html.
Create the floppy
From Linux, fire up the command console, insert a blank formatted floppy in the drive and issue the following command:
# dd if= pico.000608.bin of=/dev/fd0
In Windows, go to the command prompt and run the 'rawrite' application, which will ask you for the source-image file. Give the name of the file along with its location. The utility will then ask you for the destination where you want to create the distro from this image file. Insert a formatted floppy in the drive, and enter "a:" as the destination.
Manage bandwidth
Take any old machine (like a 486 system) with a floppy drive and setup two network cards in it. One card will connect to your Internet router, while the other will connect to your internal network.
Boot the system from the floppy. The OS should automatically detect your network cards and ask you to provide an IP address for one of the cards. Here, give a free IP address on your internal network, and then of course, ensure that the corresponding network card is also connected to it. The system will then boot and ask you for a username and password.
Give "root" as username and "setup" as the password.
Next, you have to configure the system according to the total bandwidth you are getting from your ISP. For this you first have to assign a public IP given by your ISP to your other network card. To do this, first issue the following command to identify the two network cards on the system:
#ifconfig -l
Next, assign an external IP address to the card as follows:
# ifconfig fxp1 inet 203.122.29.12 netmask 255.255.255.248
Here, ffxp1 is the device ID identified by the OS for the card connected to your external network.
Next you need to set the gateway for the public network so that internal users can access the public network (Internet). For this edit the rc.conf file found in /etc directory. Use ee editor to edit the file. Find the 'defaultgateway' entry in the file and set the default gateway address of your router. After this, find the 'gateway_enable' entry and set it to 'Yes'. Now, reinitialize the services by issuing this command.
# sh /etc/rc
With this, the system will start acting as a router and you can use its private IP as a gateway IP address for the clients connected on internal network.
Set rules
Finally, you need to create bandwidth pipes and rules for the various types of packets (ICMP, UDP, TCP) that are going to flow through the bandwidth-management box, which we have created. For this, first plan out the bandwidth requirements of your organization, and then allocate bandwidth for various kind of network traffic. For instance, suppose you want to limit the inbound traffic to 200 Kb/sec for hosts connected on the 192.168.1.0 subnet. For this, run the following commands:
# ipfw add pipe 1 ip from any ip to 192.168.1.0/24
his will create pipe 1. Then issue the following command to limit the bandwidth in this pipe:
#ipfw pipe 1 config bw 200Kbit/s queue 20 mask dst-p 0x000000ff
To share the above-created pipe with all users connected to the 192.168.1.0 network, issue the following commands:
#ipfw add queue 1 ip from any to 192.168.1.0/24
To create a queue for the 192.168.1.x subnet and to configure queue for pipe 1,
#ipfw queue 1 config weight 5 pipe 1 mask dst-ip 0x000000ff
And finally to allocate 200 Kb/sec bandwidth to this pipe, use the following command:
#ipfw pipe 1 config bw 200Kbit/s
Test the setup
You can test the setup by applying rules on ICMP packets so that you can visually see the effectiveness of this solution. Issue the following commands on the bandwidth management box:
#ipfw add pipe 2 icmp from any to any
#ipfw pipe 2 config bw 20Kbit/s queue 15
Now from a users desktop, ping your Internet router with the public IP. You will find that the ping response time has increased. Now delete the pipe that you created above on the bandwidth management box as follows:
#ipfw delete pipe 2
This will bring down the ping-response time.
This is how you can throttle the bandwidth according to your needs. A detailed manual of using ipfw can be found at
www.freebsd.org/cgi/man.cgi?query=ipfw&sektion=8.
However, keep in mind that the configuration that you have set above gets erased, when you reboot the machine. Then you need to set the configuration from scratch.
Sanjay Majumder