Dear all ,
i am very new for vyos and i am trying to limit bandwidth per ip address but i could not do it . so, i would like to request you to send me the example configuration to limit the bandwidth on per ip address . My lan ip address is 192.168.50.2/24
Best Regards
Arun Tamrakar
Hi
if you want to limit outgoing traffic , you could use traffic-policy with a shaping (depending the values/traffic) that you need to limit. here below there are some example s.
set traffic-policy shaper OUT bandwidth 'mbitX'
set traffic-policy shaper OUT class 10 bandwidth 'XXX%'
set traffic-policy shaper OUT class 10 match ADDRES50 ip source address '192.168.50.1/24'
set interfaces etherhet ethX traffic-policy out OUT
in fact , if you need to apply for ingress traffic , you should verify our documentation.
https://docs.vyos.io/en/equuleus/configuration/trafficpolicy/index.html
thanks fernando, i have tried this way but the traffic limits all that IP that passing through LAN , and i am not willing to set it hole ip block like /24 i wants to apply the rules only one ip address /32 . i dont know what is the problem
my config as bellow :
vyos@vyos# sh traffic-policy
shaper OUT {
bandwidth 100mbit
class 10 {
bandwidth 10mbit
match ADRESS {
ip {
source {
address 192.160.50.2/32
}
}
}
}
default {
bandwidth 10mbit
}
}
[edit]
vyos@vyos#
i wants to limit my bandwidth for only ip 192.168.50.2/32
Best Regards,
Arun Tamrakar
Looks like a typo in the config:
ip {
source {
address 192.160.50.2/32
}
Here: 192.160.50.2/32
It should be: 192.168.50.2/32
If your WAN port is using sNAT or masquerade, all LAN IPs will be translated into a single WAN IP, and your policy won’t match on LAN source IPs.
And all traffic will end up in default class
thank you very much Nikolay sir,
I have made correct entry again but it does not work , when the shaper rules applies as you sent and commit it ask default bandwidth and save all the ip address that passing through my LAN .
i have remove nat also and make static route .
here i wants to limit 10mbits bandwidths in my ip 192.168.20.19
but all the ip address 192.168.20.2-192.168.20.254 with all ip has limited 10mbts traffic
where is the wrong code
my current config is as bellow vyos@vyos# sh traffic-policy
shaper OUT {
bandwidth auto
class 10 {
bandwidth 10mbit
match address {
ip {
source {
address 192.168.20.19/32
}
}
}
}
default {
bandwidth 10mbit
}
}
[edit]
vyos@vyos#
What VyOS version you are using?
show version
Version: VyOS 1.4-rolling-202112090318
Release train: sagitta
Built by: [email protected]
Built on: Thu 09 Dec 2021 03:18 UTC
Build UUID: cabfcd3a-b2a5-4c11-bfcd-b8d121a7d49f
Build commit ID: 77cc894fd83b40
Architecture: x86_64
Boot via: installed image
System type: bare metal
Hardware vendor: Dell Inc.
Hardware model: OptiPlex 7010
Hardware S/N: 20N2NW1
Hardware UUID: 4c4c4544-0030-4e10-8032-b2c04f4e5731
Copyright: VyOS maintainers and contributors
[edit]
vyos@vyos#
thanks
In this example:
vyos@vyos# run show config comm | grep pol
set interfaces ethernet eth0 traffic-policy out 'ABC'
set traffic-policy shaper ABC bandwidth '100mbit'
set traffic-policy shaper ABC class 10 bandwidth '2%'
set traffic-policy shaper ABC class 10 match HOST-2M ip source address '203.0.113.2/32'
set traffic-policy shaper ABC class 10 queue-type 'fq-codel'
set traffic-policy shaper ABC default bandwidth '20%'
set traffic-policy shaper ABC default ceiling '100%'
set traffic-policy shaper ABC default priority '7'
set traffic-policy shaper ABC default queue-type 'fair-queue'
Results:
Simulation consists on 2 VyOS instance located on LAN, and traffic shaper should applied only to VyOS with IP 203.0.113.2/24, and connects to remote VyOS using monitor bandwidth tool for VyOS.
vyos@vyos# run monitor bandwidth-test initiate 198.51.100.2
------------------------------------------------------------
Client connecting to 198.51.100.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[ 3] local 203.0.113.2 port 58554 connected with 198.51.100.2 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-11.3 sec 2.62 MBytes 1.95 Mbits/sec
Filter was applied – Bandwidth 1.95 Mbits/sec
vyos@vyos:~$ monitor bandwidth-test initiate 198.51.100.2
------------------------------------------------------------
Client connecting to 198.51.100.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[ 3] local 203.0.113.3 port 53766 connected with 198.51.100.2 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-10.0 sec 115 MBytes 96.4 Mbits/sec
Filter not applied – Bandwidth 96.4 Mbits/sec
thank you very much sir,
Sir as you said your WAN port is eth0 where you traffic policy is applied and i understood eth0 interface is connected is ISP ?
We could say so.
This was done in a virtual lab, simulating your case, so we could say eth0 is attached to ISP.
The idea in this scenario is that interface where traffic policy is applied, it’s supposed to be your “upstream” interface, where you want to apply shaper because of lack of bandwidth (this is at least what I simulated and think is your case)
Thank you very much it works now . as you told me i put the rues in WAN . sir i would like to request you to send me limiter example too. and which interface i need to apply the rules
Best regards,
Arun Tamrakar
Nepal
Here is an example on limiter.
set traffic-policy limiter ISP-IN class 10 bandwidth '10mbit'
set traffic-policy limiter ISP-IN class 10 burst '2mbit'
set traffic-policy limiter ISP-IN class 10 match 10M-IN description 'Download 10M'
set traffic-policy limiter ISP-IN class 10 match 10M-IN ip destination address '203.0.113.2/32'
set traffic-policy limiter ISP-IN default bandwidth '200mbit'
set interfaces ethernet eth0 traffic-policy in 'ISP-IN'
Please, refer to our traffic-policy docs if needed
thank you and it works now. there was wrong config of default burst . i have put it 15k . how can we find how much burst need to be applied ?
thanks
sir,
would you mind to help me to set the traffic in network 192.168.0.0/24 and each ip should have 10mb ,
we do it in mikrotik by PCQ ( per connection queue )