Routing and bandwidth problem

Tobias Speckbacher tobias at quova.com
Wed May 5 03:19:28 UTC 2004


http://lartc.org/howto/
 
enjoy

	-----Original Message----- 
	From: redhat-list-bounces at redhat.com on behalf of Rodolfo J. Paiz 
	Sent: Tue 5/4/2004 7:36 PM 
	To: fedora-list at redhat.com; redhat-list at redhat.com 
	Cc: 
	Subject: Routing and bandwidth problem
	
	

	Hey...
	
	I have no idea of which FM to R here, so I will happily accept pointers to
	good documentation and HOWTO documents. Any other help is also welcome, as
	I will need to solve this problem very soon. The problem is this:
	
	My small business is one of four tenants in a small building. The other
	three have agreed to allow me to buy one big connection and then resell
	service to them, such that they get a better price and I get to subsidize
	my own Internet service. However, while I *could* set this up quickly
	without any controls, they each want different service levels and amounts
	of bandwidth and will be paying different prices, so I want to do this
	properly.
	
	The firewall/gateway will run Fedora Core 1. I think I need *five* Ethernet
	adapters in the server (eth0 to the ISP, and eth1-eth4 to the four tenants)
	so that each client is properly isolated into their own network and cannot
	access the other clients' computers. If there is a way to do this securely
	and safely without a gaggle of Ethernet cards, please do tell! I can think
	of doing this with 801.2q VLAN tagging, but that requires a managed switch
	which is far more expensive. It seems to me that multiple Ethernet cards
	are the simplest *and* cheapest way to do it.
	
	I know how to provide masquerading, firewall, gateway, DNS, DHCP, NTP, and
	other services. What I don't know how to do is the following:
	
	         1. Required: Limit the total bandwidth a client can use to either
	128 Kbps or 256 Kbps.
	
	         2. Optional: Allow each client to exceed their limit if no one
	else is using the space. That is, a customer who stays late when all other
	offices are gone for the night, or someone who gets lucky that no one else
	is using the Net at that particular moment, could get access to the entire
	Internet connection (say, 512 Kbps). But if everyone is using the bandwidth
	simultaneously, then each would get their fair share (what they paid for
	and I provide, proportionately).
	
	         3. Optional: Even though traffic *through* the server (client
	connecting to Internet) should be throttled and limited, it would be ideal
	for traffic *to* the server (client connecting to the firewall) to have
	full 100 Mbps link speed. This would allow me to download the FC2 ISO
	images to the server at night, for example, and then let clients grab them
	at 100 Mbps over the internal network instead of having that internal
	download also throttled to 256 Kbps.
	
	         4. Optional: Provide each tenant with an FTP-served directory on
	the server which can *only* be accessed from their network. So if they pull
	down the confidential something or their wife's nude pictures, other
	tenants cannot get at that information.
	
	Can someone offer some hints, pointers, suggestions, or magic beans?
	
	Thanks in advance!
	
	
	--
	Rodolfo J. Paiz
	rpaiz at simpaticus.com
	http://www.simpaticus.com
	
	
	--
	redhat-list mailing list
	unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
	https://www.redhat.com/mailman/listinfo/redhat-list
	

-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 6718 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/redhat-list/attachments/20040504/28b13303/attachment.bin>


More information about the redhat-list mailing list