Update: It seems I’ve created a monster. I’ve had my first two Google searchers arrive on this blog entry searching for “limit roomate downloading” and “netgear limit roomate”. Well after years of experimenting with QoS this is the best method I’ve found to do exactly that, so enjoy.
For part of the year I’m on a rural wifi network that, on a good day, gives me 3 megabits per second download speed and 700kbps upload speed. I’ve tried multiple rural providers, had them rip out their equipment because of the packet loss (that means you Skybeam), I’ve shouted at Qwest to upgrade the local exchange so we can get DSL, but for now I’m completely and utterly stuck on a 3 megabits downlink using Mile High Internet.
I have an occasional room-mate, my nephew, who downloads movies on iTunes and it uses about 1.5 to 3 megabits. I’ve tried configuring quality of service (QoS) on various routers including Netgear and Linksys/Cisco and the problem is that I need a zero latency connection for my SSH sessions to my servers. So while QoS might be great if everyone’s using non-realtime services like iTunes downloads and web browsing, when you are using SSH or a VoIP product like Skype, it really sucks when someone is hogging the bandwidth.
The problem arises because of the way most streaming movie players download movies. They don’t just do it using a smooth 1 megabit stream. They’ll suck down as much as your connection allows, buffer it and then use very little bandwidth for a few seconds, and then hog the entire connection again. If you are using SSH and you hit a key, it takes a while for the router to say: “Oh, you wanted some bandwidth, ok fine let me put this guy on hold. There. Now what did you want from me again? Hey you still there? Oh you just wanted one real-time keystroke. And now you’re gone. OK I guess I’ll let the other guy with a lower priority hog the bandwidth again until you hit another keystroke.”
So the trick, if you want to effectively deal with the movie downloading room-mate is to limit the amount of bandwidth they can use. That way netflix, iTunes, youtube, amazon unbox or any other streaming service has to use a constant 1 megabit rather than bursting to 3 megabits and then dropping to zero – and you always have some bandwidth available without having to wait for the router to do it’s QoS thing.
Here’s how you do it.
First install DD-WRT firmware on your router. I use a Netgear WNDR3300 router and after using various Linksys/Cisco routers I swear by this one. It has two built in radios so you can create two wireless networks, one on 2Ghz and one of 5Ghz. It’s also fast and works 100% reliably.
Then look up your router on dd-wrt’s site and download DD-WRT for your router and install it. I use version “DD-WRT v24-sp2 (10/10/09) std – build 13064″. There are newer builds available, but when I wrote this this was the recommended version.
Once you’re all set up and you have your basic wireless network with DD-WRT, make sure you disable QoS (it’s disabled by default).
Then configure SSH on DD-WRT. It’s a two step process. First you have to click the “Services” tab and enable SSHd. Then you have to click the Administration tab and enable SSH remote management.
Only the paid version of DD-WRT supports per user bandwidth limits, but I’m going to show you how to do it free with a few shell commands. I actually tried to buy the paid version of DD-WRT to do this, but their site is confusing and I couldn’t get confirmation they actually support this feature. So perhaps the author can clarify in a comment.
Because you’re going to enter shell commands, I recommend adding a public key for password-less authentication when you log in to DD-WRT. It’s on the same DD-WRT page where you enabled the SSHd.
Tip: Remember that with DD-WRT, you have to “Save” any config changes you make and then “Apply settings”. Also DD-WRT gets confused sometimes when you make a lot of changes, so just reboot after saving and it’ll unconfuse itself.
Now that you have SSHd set up, remote ssh login enabled and hopefully your public ssh keys all set up, here’s what you do.
SSH to your router IP address:
ssh root@192.168.1.1
Enter password.
Type “ifconfig” and check which interface your router has configured as your internal default gateway. The IP address is often 192.168.1.1. The interface is usually “br0″.
Lets assume it’s br0.
Enter the following command which clears all traffic control settings on interface br0:
tc qdisc del dev br0 root
Then enter the following:
tc qdisc add dev br0 root handle 1: cbq \
avpkt 1000 bandwidth 2mbit
tc class add dev br0 parent 1: classid 1:1 cbq \
rate 700kbit allot 1500 prio 5 bounded isolated
tc filter add dev br0 parent 1: protocol ip \
prio 16 u32 match ip dst 192.168.1.133 flowid 1:1
tc filter add dev br0 parent 1: protocol ip \
prio 16 u32 match ip src 192.168.1.133 flowid 1:1
These commands will rate limit the IP address 192.168.1.133 to 700 kilobits per second.
If you’ve set up automatic authentication and you’re running OS X, here’s a perl script that will do all this for you:
#!/usr/bin/perl
my $ip = $ARGV[0];
my $rate = $ARGV[1];
$ip =~ m/^\d+\.\d+\.\d+\.\d+$/ &&
$rate =~ m/^\d+$/ ||
die “Usage: ratelimit.pl\n”;
$rate = $rate . ‘kbit’;
print `ssh root\@192.168.1.1 “tc qdisc del dev br0 root”`;
print `ssh root\@192.168.1.1 “tc qdisc add dev br0 root handle 1: cbq avpkt 1000 bandwidth 2mbit ; tc class add dev br0 parent 1: classid 1:1 cbq rate $rate allot 1500 prio 5 bounded isolated ; tc filter add dev br0 parent 1: protocol ip prio 16 u32 match ip dst $ip flowid 1:1 ; tc filter add dev br0 parent 1: protocol ip prio 16 u32 match ip src $ip flowid 1:1″`;
You’ll see a few responses for DD-WRT when you run the script and might see an error about a file missing but that’s just because you tried to delete a rule on interface br0 that might not have existed when the script starts.
These rules put a hard limit on how much bandwidth an IP address can use. What you’ll find is that even if you rate limit your room mate to 1 megabit, as long as you have 500 kbit all to yourself, your SSH sessions will have absolutely no latency, Skype will not stutter, and life will be good again. I’ve tried many different configurations with various QoS products and have not ever achieved results as good as I’ve gotten with these rules.
Notes: I’ve configured the rules on the internal interface even though most QoS rules are generally configured on an external interface because it’s the only thing that really really seems to work. The Cisco engineers among you may disagree, but go try it yourself before you comment. I’m using the Linux ‘tc’ command and the man page is here.
PS: If you are looking for a great router to install DD-WRT on, try the Cisco-Linksys E3200. It has a ton of RAM and the CPU is actually faster at 500 MHz than the E4200 which is more expensive and only has a 480 MHz CPU. It also is the cheapest Gigabit Ethernet E series router that Cisco-Linksys offers. Here is the Cisco-Linksys E3200′s full specs on DD-WRT’s site. The E3200 is fully DD-WRT compatible but if you are lazy and don’t want to mess with DD-WRT, check out the built in QoS (Quality of Service) that the E3200 has built in on this video.
With havin so much content and articles do you ever run into any problems
of plagorism or copyright infringement? My website has a lot of unique content I’ve either authored myself or outsourced but it looks like a lot of it is popping it up all over the internet without my permission. Do you know any ways to help reduce content from being stolen? I’d really appreciate
it.
The long term of casino play
In 2011, a lot more than four hundred million units of PDAs had been offered on to every component of the earth, especially [url=http://casino-play.ca]http://casino-play.ca/[/url]. The compact earth is wastefully creating the advancement to progressed units and with this comes much more than ample factors to think about positing that you are a enterprise holder. A companionship hunting to penetrate an impacting business could in addition to in this way get a gander at how the sum of telephones out there can support them broaden their acquaintanceship’s popularity.
Betting joints for instance have widened their procedure online considering that the Web provides a track for them to attain thousands and thousands of likely players. It might henceforth not be amazing if clubhouse affiliations are presently modifying to just take over the telephone gaming viewpoint. Clearly, we are even now considerably far from opportunity to occur when countless numbers if not millions can get a kick out of the identical gaming expertise they have today web making use of hardly their PDAs when actively playing casino online games.
Nowadays, there are beginning not prolonged in the past diversions that gamers can perform on their telephones for sincere to goodness funds. Clearly, the beforehand stated will not match the conspicuousness of chancing joint amusements performed on desktop and PCs. Headway is nearly dependably produced notwithstanding and even with the exams established up, the pace of enhancing entertainments for PDAs has been snatching in the previous handful of quarters.
A single of the most excellent considerations for progressing delightments for phones is that originators of the formerly said adaptable phones have their specific blueprint. This routines fashioners need to have to contemplate truly the way that they are making a preoccupation that can and ought to be performed in a jumbled sack of display screen dimensions and dedication. Certainly with awesome redirections, the sum of exclusive monitor dimensions is making it essentially demanding to arrangement an enjoyment that may possibly be regulated by all progressed cells.
A distinctive worry is protection. With hundreds of thousands of phones hitting the enterprise each and every 12 months, malware makers have additionally goes up their entertainment and have organized contaminations to concentrate on phones. The better part of phones utilized these days do not even have the most essentials of threatening to contamination contraptions developed producing them simple selecting for hackers.
Authorized that the avant-garde phones we have today in the business are progressively healthier the extent that presentation stood out from phones of yesteryears, the predominant component of them are nevertheless not nevertheless up to the degree may have been quick to engage in club redirections.
The mobile mobile phone business be that as it may possibly is creating development at a breakneck pace. Operating schemas and gear have been enhanced and will just be upgraded propelling. This might discard colossal amounts of the reroutes that demolish clubhouse from supplying their redirections to the more stupendous component of PDA buyers.
for more, checks out [url=http://casino-play.ca]casino[/url]
You can surely view the expertise in the work anyone create. The globe hope pertaining to a lot more excited internet writers for instance anyone that may not be worried to state that they imagine. Continually chase the heart.
What a super website! to very much info and a quite short life hehehehe keep it up, great deliver the results
Sir i am in a hostel. our wifi is hacked by one of our colleague. only his laptop has wifi connectivity 24*7. I am not able to connect. i think he has hacked our wifi for sure. please help me i am in deep trouble
Try net cut utility. U can identify his IP address and MAC too and prevent him from disconnecting you from the network.
Or you can plug in to the router directly via ethernet and change the security settings to WPA2 creating a network key using letters numbers and a character or two. Your colleague will need a super computer to break the password even if he already has a large database created. Remember you can have up to 63 characters on a WPA2 password. If you don’t know how to do this look up your router’s model number and default router login instructions.
Tremendous issues here. I’m very happy to look your post. Thank you a lot and I am looking forward to touch you. Will you please drop me a mail?
I’m curious to find out what blog system you have been working with? I’m experiencing some minor security issues with
my latest blog and I’d like to find something more safeguarded. Do you have any recommendations?
OK, I’ve run the tc commands and the router didn’t snivel, so maybe it’ll work.
What sort of tc command can I run to check that the commands have ‘taken’, so I can be sure that my brother-in-law will be bandwidth limited when he stream sports channels when he visits us, please?
Jim
Excellent tutorial, which after I’ve digested it will probably do just what I’m looking for. Many thanks Mark!
Just one aside: I’ve printed the man page for tc and have to say that whilst I have some experience with Linux, the tc command seems pretty opaque!
I am running a cyber cafe with 10 computers, DIR 615 dlink router and a wimax MODEM for internet. All the computers are connected to the router through wirelless cards. How can I limit the download and upload bandwith through my rouuter? THANKS in advance.
Follow the above instructions, or hire someone to configure it.
Is there a way this could be done if my dd-wrt firmware router doesn’t have an SSHD command to turn on but only a telnet command? Can these commands be done through telnet?
Hey, nice tutorial
I wish my Router supported it :/ My Italian room mate has been hogging the bandwidth for ages.
Ignore the stupid, arrogant haters in above posts
You sure know your stuff!
Thanks
Great info – thanks! No good deed goes unpunished – I have two questions. First, do you know how to apply the limit to the upload speed? Second, is there a line to remove the rule, aside from just increasing the limit?
Thanks again!
Just restore your router to default using reset button for 30 sec
What a surprise.
Author uses technical terms unknown to non-techies … And lo and behold, author runs a technology company.
What a surprise.
The title of this post promises “how to reliably limit the amount of bandwidth your roommate or bad office colleague uses”. Not “advanced networking for dummies”
Before we even get to the “technical” stuff it is apparent that this solution requires a Linux-based third party router firmware. (To be fair, anyone desiring any level of network control past ‘setting the wifi password’ NEEDS custom firmware, if not commercial-grade network hardware.)
I’m pretty sure anyone who has hacked a residential gateway router can get their head around some damn shell scripts. If that’s too much to ask, consider speaking with your bandwidth-hogging compatriot, THAT certainly doesn’t require a whole lot of technical skill …
I hate to sound rude to “non-techies”, but really? If someone offers FREE INFORMATION, YOU HAVE ONLY YOURSELF TO BLAME. LEARN TO GOOGLE, WIKI, AND READ BEFORE GETTING UPSET AT SOMEONE POSTING APROPOS TECHNICALLY SIMPLE KNOWLEDGE?”
Good information
It’s not even that technical, a subject like this requires a slightly techinical answer.
Have you considered instead of moaning about the lingo/jargo used. Actually Googling (that’s how you go here right) the lingo and consider reading. There is an ever increasing number of lazy people always wanting the quick solution with minimal learning. The author could not of made it any easier for you.
Thanks Mark, brilliant solution to quite a complex problem. I would ignore comments from the “sloth-like” people.
I accidentally posted prior to reading your post. Well said indeed. I tried to erase my old post as I hate posting with accidental grammatical &/or spelling errors.
It’s hard to excuse ignorance when so much free knowledge is available to those willing to look.
It’s sad to see comments where someone would post something so ignorant. How can someone explain a technical task to a person without the slightest foundation of technical knowledge?
Sadly, one day I foresee a world desperate for Google to wipe their butts and feed them. It’s bad enough that everyone has to have the newest $600 phone, only to complain about simple technical issues and demand that their provider “reimburse them for their time.” How much can 15 minutes cost from someone unable to READ THE INSTRUCTIONS or RESEARCH THE PROBLEM?
Oh… I just realized you’re a wordpress person…. never mind! What a waste of time!!!!!
You are a &^%$#@ idiot!!!!! I have DD-WRT on my router and I need to do this, but your explanation is impossible for a normal person to follow. Perl script? Shell? 192.168.1.133… awesome! If only my room mate used that IP addres! KISS MY A$$! You jerkoff!!!! How about a way for the rest of us to solve this problem without getting gun and shooting our room mates in the head!!!
twat
If only you could change the number when you type it in. You should design the next version of windows, as you clearly know a lot about usability testing.
Perhaps if you are so technically challenged that you can’t google to learn enough about using shell scripts to do what is described in the article you shouldn’t be screwing around with your router in the first place. But since you asked so politely for help I’m sure many here will jump at the chance to respond with detailed instructions. While we are at it maybe someone could come to your house and teach you how to tie your shoelaces….
Perhaps you could assist the author by writing a few billion individual tutorials, one for each IP that exists in the world. Thats definitely the easiest option isn’t it…..
Or perhaps, if you’re capable of installing custom firmware onto a router, you might actually be capable of reading a screen to find out your room mates IP address. Or even, get up and walk to his computer to find it out.
But I guess that’s probably too much effort for someone who can’t think for themselves.
I don’t know what’s worse, that these types of people exist, or that other people took this comment seriously…
Learn to read you illiterate app! Better yet, pay the money to have someone that isn’t tossed into a world of furious profanity and chest pounding when RIDICULOUSLY easy terminology is used!
It’s difficult for myself, and I’m certain I speak for the grand majority of persons making a living by creating devices and softwares with big shiny buttons and softwares and instructions purpusly written for the vast majority of Americans that have made education and articles mind numbingly simplistic with a literary rate of a 3rh grade child!
If you are unfamiliar and unwilling to learn such simple, rudimentary and fundamental terminologies and tools, I.E. PERL (A scripting language… sorry… a computer programming/scripting language executed… ehem… language that does stuff in a screen)… I can’t do continue speaking on idiot terms without being payed!
The only thing you deserve my foul mouthed peter, is a humbling beating… some color books on computer terminology that I learned as an 8 year old child WITHOUT THE INTERNET WE KNOW TODAY, because it mattered to me, and I am not ignorant enough, or lazy enough to cry and complain and insult persons that offered an extremely easy to follow means to circumvent a problem without having to pay for someone else to do it for them.
IF YOU NEED THIS THAT MUCH… PAY FOR IT YA IDIOT. DD-WRT’S $20 FIRMWARES CAN DO EXACTLY WHAT YOU’RE CRYING ABOUT NOT UNDERSTANDING! EVEN IF YOU DID THAT, I DOUBT YOU’D BE ABLE TO FIGURE IT OUT SINCE YOU’VE NEVER HEARD OF PERL SCRIPTING, LINUX SHELLS, IP ADDRESSES (HOW THE HELL DID YOU MANAGE TO INSTALL DD-WRT WITHOUT SOMEONE COMFORTING YOUR CHILDISH FRUSTRATIONS AND INABILITY TO CALMLY AND INTELLIGENTLY RESEARCH INSTALLING A 3RD PARTY FIRMWARE WITHOUT BRIKING YOUR UNIT OR BREAKING YOUR HAND PUNCHING THE WALLS IN FRUSTRATION.
Peter, you’re the perfect example of why humanity should be purged like an infectious vermine. To translate, your one of those many POS (ehem… piece of s**t) that would justify wiping out humanity.
Now how to introduce packet delays and the like? That would be cool to know.
HEY! CAN SOMEONE HELP ME! HOW CAN I DISABLE THIS LIMITATION, CAUSE MY BROTHER USED THIS “hogging of bandwidth”. I have DL SPEED of 400-2mb before but now it fell to 20kbps. Were sharing a Router…..
PLS HELP ME! im not that “techy” so EASY INSTRUCTIONS ARE VERY MUCH APPRECIATED!
THANKS IN ADVANCE!
Hi, nice tutorial! I have one question – since our line is asynch in that we have 4Mbps down and 512kbps up, how would I limit the down speed to700kbps and the up speed to 100 kbps?
Thanks again, cool article!
Would this also work for Tomato firmware?
I stumbled on your post and this is exactly what i am looking for. however, i can’t figure out
SSH to your router IP address:
ssh root@192.168.1.1
Enter password.
Type “ifconfig” and check which interface your router has configured as your internal default gateway. The IP address is often 192.168.1.1. The interface is usually “br0″.
How do i get there? I set up my private key and can connect thru WinSCP following the dd-wrt wiki.
I’m stuck on the same thing – how do I “ssh to my router”?
Google “putty.exe”. The first link should place you right on the download page. Free ssh client.
hi
i have DIR-615(Dlink) and loaded DD-WTR for it.
i limited bandwidth with tc commands but
cleared all limitation when i turn off router
Hi Ali Reza,
Mind sharing with me on how you do it?
thanks
Hi Reza, mind share the configuration step to me? tq
Pingback: limit bandwidth by norty - TribalWar Forums
hiii in my hostel someone is hacking the speed of wifi and his speed is of 1mbps but here in my laptop it is only 3 kbps .. plz help me what to do .. m cnfused
should i use any software..
or can anybody tell me what is that guy using and what is he doing … plz help me
Great idea ! i would like to ask something more.
In my situation , i am in quite identical to yours, i have a 2 gig avalability at my laptop from a 30 gig at the model from the service provider. So i don’t ask help for that aspect, nothing can be done, already tryed. What i am concernng about is there is only one ”cvlient” me, but i have a constant 3 other pc that use my bandwith limit for free. ( it is accepted that way ) But my problem is that i have a limited bandwith download after what i have a penality fee by each gig over what make an expensive fine by the end of the month. Guess WHAT ? nobody take exess bandwith lolll ! so as i can’t see what every one use as programme and download, i don’t want to slowdown them but to install a ”filtering download bandwith limit for EACH one i add on my network ( under my rooter..dd-wrt linksys modelwrt54G/GL/GS.) Is there a setting or a command lines that would settle me for that ? That way, what ever or when ever they use the bandwith,when reached their each specified limit, their connection will be stop until the next paramater. ( ex: 500mb/day or 3 gig a week or 12 gig / month ) I would b able to have a better control of the bandwith regardless of anybody use,just by the mac adress download limit. Thank’s a lot
Notify me if something is confusing in my explanation
sorry to bother you, i was trying to do the same but with a liksys wrt54g2 but all i get is:
root@DD-WRT:~# tc qdisc del dev br0 root
RTNETLINK answers: No such file or directory
root@DD-WRT:~# tc qdisc add dev br0 root handle 1: cbq \
> avpkt 1000 bandwidth 6mbit
RTNETLINK answers: Invalid argument
root@DD-WRT:~# tc class add dev br0 parent 1: classid 1:1 cbq \
> rate 700kbit allot 1500 prio 5 bounded isolated
RTNETLINK answers: No such file or directory
root@DD-WRT:~# tc filter add dev br0 parent 1: protocol ip \
> prio 16 u32 match ip dst 192.168.1.249 flowid 1:1
RTNETLINK answers: Invalid argument
root@DD-WRT:~# tc filter add dev br0 parent 1: protocol ip \
> prio 16 u32 match ip src 192.168.1.249 flowid 1:1
RTNETLINK answers: Invalid argument
any ideas?
thanks in advance
What operating system are you running?
If I want to do this for a handful of different ips that are not in any particular range, is that possible?
Nice article, exactly what I’m looking for, except I am having a problem with step 2:
root@DD-WRT:~# tc class add dev br0 parent 1: classid 1:1 cbq \
> rate 1kbit allot 1500 prio 5 bounded isolated
RTNETLINK answers: No such file or directory
root@DD-WRT:~#
Anyone have any suggestions?
Oh duh, you mention that error and that I can ignore it. Reading: how does it work? =)
Is there a way this could be done if my dd-wrt firmware router doesn’t have an SSHD command to turn on but only a telnet command? Can these commands be done through telnet? It’s a Linksys wrt54g.
Thanks.
I was using the micro version of the firmware, which doesn’t have SSH. If you use the “standard” one, you’ll get SSH. However, telnet will work fine to enter the commands.
Yeah: Micro. Kind of stymied…
My situation resembles your hypothetical one as:
I’ve got a 200′ ethernet cable from my up-the-hill landlord’s Qwest modem, going into my wireless router (running “Firmware: DD-WRT v24-sp2 (10/10/09) micro”) and, precisely as you described, my Netflix viewing habits have got on my landlord’s nerves, and I am convinced that I need to place a limit on how much of my landlord’s bandwidth I draw away from him: After all, he is the one paying for the internet service, so if I am hogging bandwidth, I am being a bad tenant–which self-respecting no tenant wants to do.
Any help here would be appreciated.
actually this information is useful for me but i want to restrict all user who connect with my router in my office so who to do this for all user
please give me solution
as soon as possible it’s argent
Perhaps you can tell us what each line of command means. I like to know what I’m doing. Also what if I am using a 15 Mbps internet connection. Will the commands be different? Lastly, how can I undo this. Thanks.
Hi
Great tutorial. It seems like it is exactly what I have been looking for….however, beeing a newbie in this field, I need a little more guidance to get all the way home.
quote: ” Because you’re going to enter shell commands, I recommend adding a public key for password-less authentication when you log in to DD-WRT.”
How do I add a public key?
Hi, Need a solution:-
I have a belkin router in my home, my room mate have limited my bandwidth allocation, how can i reset the same. and get the access to the full bandwidth?
Thank you in advance
This post is spot-on, thanks for putting it up. Does exactly what I needed, is simple to deploy, and does not waste time with books of documentation (no patience for that when you need something effective and simple).
Question, somewhat related. Once you have your rate limit on, do you see a data flow reduction in results coming out of rFlow from your DD-WRT device? I see no difference in mine, though I know the rate limiter works. I suspect that the problem is that rFlow does not report P2P sessions (maybe because they are always on and don’t end?) I have 1 MB/sec download going to a wireless client on my network but this traffic is not shown when using NetFlow analysis tools like Scrutinize. I tried several different monitoring tools. If you have an idea of what’s going on, would be interesting to know.
Cheers, good work.
This is GREAT!!! The only problem I have is doing it by IP address since it’s normally assigned dynamically. My son’s computer is normally the bandwidth hog since he’s streaming movies and conducting internet life on a near 24/7 basis. I’ve gone so far as to create a separate wireless network for him and allow him to connect *only* to that WiFi network. I configured rules to prevent his network from being able to see any of the other networks so have essentially carved out a network that he and his friends can connect to. I’d *really* (emphasis on REALLY) love to be able to limit this network to a certain amount of bandwidth. (Think of it as a guest network per se.) If that isn’t possible, perhaps limiting by MAC address would be the second best option. I can’t tell you how many times my network has gone to a crawl (SSH sessions disconnecting, all hell breaking loose) because one of his friends comes over and is running a P2P program that sucks all the available bandwidth. I have 24Mbps download and 6Mbps upload on a pretty consistent basis so my network rocks – it just gets abused…
I’ve created a restriction policy and put it in place based on MAC address. I add his friends computers and apply the setting. BOOM! Internet is back to stable for me and there’s weeping and wailing coming from his bedroom. I hate to completely cut him off so just limiting him to 1-2Mbps would be ideal.
Please let me know if you can think of anyway to achieve this great feat!
Thanks!
Yes you can limit it by making a different segment for him. For example, if your complete network is 192.168.1./24 like the examples given, you can set static IPs in the dhcp server of the router within the trusted range of 192.168.1.2-127, and then set the dhcp dynamic range to 128+
Then in the tc filter commands, use 192.168.1.128/25 instead of a specific IP address. That is shorthand for 192.168.1.128 with a netmask of 255.255.255.128. That makes all IPs 128 and above restricted to the limit set. And since that is the dynamic range given by the dhcp server, only trusted devices you assign IPs below 128 will not be subject to the limit. You can get fancy and add multiple limits, using 1:2 instead of 1:1 as well.
Hello. I am about to buy a Netgear WNDR3300 router to apply this guide.
My goal is to limit the bandwidth use of an Ipod touch and a PC connected wirelessly to my current router.
My network also assigns random IP addresses to each device. I want to use your method to create two divisions of IPs in the DHCP server to help me set apart throttled devices from restriction-free ones.
Could you explain with a bit more detail how to create these “groups” and how do I assign static IPs to restriction-free devices?
I want to understand how this is going to work before I buy the router.
Thanks!!
Look at setting up Vlans. Then apply the above to the Vlan you want. EX: Vlan1 is 192.168.2.x and Vlan3 is 192.168.3.x
DD WRT has a function that allows the DHCP server to always issue a specific PC with the same IP address dynamically. This is done by associating a MAC address with a static IP lease. This can be set under the Services tab > DHCP Server > Static Leases. You put in the MAC address and the desired IP address (which should be out of range of the DHCP server) and that IP will automatically be assigned to that a specific PC whenever it connects.
This would then allow you to follow Mark’s instructions above.