Vyos per ip bandwidth limiting

General questions
9

In this example:

  • eth0 is my WAN interface, where traffic-policy shaper is applied. for outbound traffic.
  • I define global bandwidth, and use percentage on class shaper.
  • LAN network: 203.0.113.0/24, and filter applied only to 203.0.113.2/32
vyos@vyos# run show config comm | grep pol
set interfaces ethernet eth0 traffic-policy out 'ABC'
set traffic-policy shaper ABC bandwidth '100mbit'
set traffic-policy shaper ABC class 10 bandwidth '2%'
set traffic-policy shaper ABC class 10 match HOST-2M ip source address '203.0.113.2/32'
set traffic-policy shaper ABC class 10 queue-type 'fq-codel'
set traffic-policy shaper ABC default bandwidth '20%'
set traffic-policy shaper ABC default ceiling '100%'
set traffic-policy shaper ABC default priority '7'
set traffic-policy shaper ABC default queue-type 'fair-queue'

Results:
Simulation consists on 2 VyOS instance located on LAN, and traffic shaper should applied only to VyOS with IP 203.0.113.2/24, and connects to remote VyOS using monitor bandwidth tool for VyOS.

  • First test: bandwidth test from host 203.0.113.2 (VyOS instance) to remote instance, where filter should be applied:
vyos@vyos# run monitor bandwidth-test initiate 198.51.100.2
------------------------------------------------------------
Client connecting to 198.51.100.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 203.0.113.2 port 58554 connected with 198.51.100.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-11.3 sec  2.62 MBytes  1.95 Mbits/sec

Filter was applied – Bandwidth 1.95 Mbits/sec

  • Second test: bandwidth test from host 203.0.113.3 (VyOS instance) to remote instance, where filter should not be applied:
vyos@vyos:~$ monitor bandwidth-test initiate 198.51.100.2
------------------------------------------------------------
Client connecting to 198.51.100.2, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 203.0.113.3 port 53766 connected with 198.51.100.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   115 MBytes  96.4 Mbits/sec

Filter not applied – Bandwidth 96.4 Mbits/sec