No more static IPs
Geoffrey S. Mendelson
yellowdog-general@lists.terrasoftsolutions.com
Thu Feb 19 15:45:02 2004
Bryan D. Brown wrote:
> Hello, everyone:
>
> I recently set up DHCP to assign IP's based on hardware address.
> However, it seems that some folks on our network are still using
> static IP assignments, something I would like to put an eand to for a
> number of reasons (we have a few computers that obtained their own
> IPs by looking at the computers around them and trying one until it
> took).
>
> Is there a way to do this without using iptables. I have tried
> assigning all non-used IPs to pretend machines, but this hasn't
> solved the problem.
IMHO the best thing to is to let them run with those IPs, but use
QOS routing to slow them down. For example, I'm including a copy of a shell
script that I use to keep downloaders from hogging the network.
It came from a script called wondershaper which was set up to control
upload speeds.
These guys can run forever and wonder why their network is so sloooow. :-)
Geoff.
---------------------------------------------------------------------------
#!/bin/bash
DEV=eth0
VERY_LOW_BANDWIDTH_HOSTS=192.168.1.21
LOW_BANDWIDTH_HOSTS=
MED_BANDWIDTH_HOSTS=
HIGH_BANDWIDTH_HOSTS=192.168.1.22
TOP_BANDWIDTH_HOSTS="192.168.1.41 192.168.1.42"
if [ "$1" = "status" ]
then
tc -s qdisc ls dev $DEV
tc -s class ls dev $DEV
exit
fi
# clean existing down- and uplink qdiscs, hide errors
tc qdisc del dev $DEV root 2> /dev/null > /dev/null
tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
if [ "$1" = "stop" ]
then
exit
fi
tc qdisc add dev $DEV root handle 3: cbq avpkt 1000 bandwidth 100mbit
#
# The best limit to voip, etc.
#
tc class add dev $DEV parent 3: classid 3:1 cbq rate 100mbit bandwidth 100mbit \
allot 1600 prio 1 bounded
#
# For everyone else.
#
tc class add dev $DEV parent 3: classid 3:2 cbq rate 100mbit bandwidth 100mbit \
allot 1600 prio 2 bounded
#
# On the floor, don't loose them, just send sloooowly.
#
tc class add dev $DEV parent 3: classid 3:7 cbq rate 16kbit bandwidth 16kbit \
allot 1600 prio 7 bounded isolated
#
# As low as we want to go, too slow for streaming.
#
tc class add dev $DEV parent 3: classid 3:6 cbq rate 32kbit bandwidth 32kbit \
allot 1600 prio 6 bounded
#
# Not bad, similar to ISDN, same limit as upload.
#
tc class add dev $DEV parent 3: classid 3:5 cbq rate 128kbit bandwidth 128kbit \
allot 1600 prio 5 bounded
#
# Pretty good, but not a hog.
#
tc class add dev $DEV parent 3: classid 3:4 cbq rate 256kbit bandwidth 256kbit \
allot 1600 prio 4 bounded
#
# Almost the top.
#
tc class add dev $DEV parent 3: classid 3:3 cbq rate 512kbit bandwidth 512kbit \
allot 1600 prio 3 bounded
for a in $VERY_LOW_BANDWIDTH_HOSTS
do
tc filter add dev $DEV parent 3: protocol ip prio 5 u32 \
police rate 32kbps burst 32k peakrate 32kbps avrate 32kbps \
mtu 1500 continue flowid 3:6 match ip dst $a
tc filter add dev $DEV parent 3: protocol ip prio 5 u32 \
police rate 32kbps burst 32k peakrate 32kbps avrate 32kbps \
mtu 1500 continue flowid 3:6 match ip src $a
tc filter add dev $DEV parent 3: protocol ip prio 6 u32 \
police rate 16kbps burst 16k peakrate 16kbps avrate 16kbps \
mtu 1500 drop flowid 3:7 match ip dst $a
tc filter add dev $DEV parent 3: protocol ip prio 6 u32 \
police rate 16kbps burst 16k peakrate 16kbps avrate 16kbps \
mtu 1500 drop flowid 3:7 match ip src $a
done
for a in $LOW_BANDWIDTH_HOSTS
do
tc filter add dev $DEV parent 3: protocol ip prio 5 u32 \
police rate 128kbps burst 16k peakrate 128kbps avrate 128kbps \
mtu 1500 continue flowid 3:5 match ip dst $a
tc filter add dev $DEV parent 3: protocol ip prio 5 u32 \
police rate 128kbps burst 16k peakrate 128kbps avrate 128kbps \
mtu 1500 continue flowid 3:5 match ip src $a
tc filter add dev $DEV parent 3: protocol ip prio 6 u32 \
police rate 32kbps burst 32k peakrate 32kbps avrate 32kbps \
mtu 1500 continue flowid 3:6 match ip dst $a
tc filter add dev $DEV parent 3: protocol ip prio 6 u32 \
police rate 32kbps burst 32k peakrate 32kbps avrate 32kbps \
mtu 1500 continue flowid 3:6 match ip src $a
done
for a in $MED_BANDWIDTH_HOSTS
do
tc filter add dev $DEV parent 3: protocol ip prio 4 u32 \
police rate 256kbps burst 16k peakrate 256kbps avrate 256kbps \
mtu 1500 continue flowid 3:4 match ip dst $a
tc filter add dev $DEV parent 3: protocol ip prio 4 u32 \
police rate 256kbps burst 16k peakrate 256kbps avrate 256kbps \
mtu 1500 continue flowid 3:4 match ip src $a
tc filter add dev $DEV parent 3: protocol ip prio 5 u32 \
police rate 128kbps burst 16k peakrate 128kbps avrate 128kbps \
mtu 1500 continue flowid 3:5 match ip dst $a
tc filter add dev $DEV parent 3: protocol ip prio 5 u32 \
police rate 128kbps burst 16k peakrate 128kbps avrate 128kbps \
mtu 1500 continue flowid 3:5 match ip src $a
done
for a in $HIGH_BANDWIDTH_HOSTS
do
tc filter add dev $DEV parent 3: prio 2 protocol ip \
u32 match ip src $a flowid 3:2
tc filter add dev $DEV parent 3: prio 2 protocol ip \
u32 match ip dst $a flowid 3:2
done
for a in $TOP_BANDWIDTH_HOSTS
do
tc filter add dev $DEV parent 3: protocol ip prio 1 u32 \
match ip dst $a flowid 3:1
done
#
# Unamed hosts get good performance.
#
tc filter add dev $DEV parent 3: protocol ip prio 7 u32 \
police rate 512kbps burst 16k peakrate 512kbps avrate 512kbps \
mtu 1500 continue flowid 3:3 match ip dst 0.0.0.0/0
tc filter add dev $DEV parent 3: protocol ip prio 7 u32 \
police rate 512kbps burst 16k peakrate 512kbps avrate 512kbps \
mtu 1500 continue flowid 3:3 match ip src 0.0.0.0/0
tc filter add dev $DEV parent 3: protocol ip prio 8 u32 \
police rate 256kbps burst 16k peakrate 256kbps avrate 256kbps \
mtu 1500 continue flowid 3:4 match ip dst 0.0.0.0/0
tc filter add dev $DEV parent 3: protocol ip prio 8 u32 \
police rate 256kbps burst 16k peakrate 256kbps avrate 256kbps \
mtu 1500 continue flowid 3:4 match ip src 0.0.0.0/0
--------------------------------------------------------------------------
--
Geoffrey S. Mendelson gsm@mendelson.com 972-54-608-069
Icq/AIM Uin: 2661079 MSN IM: geoffrey_mendelson@hotmail.com (Not for email)