Simple bandwidth with exception management using cbq.init on Linux

In hotspot we got Mikrotik to handle bandwidth for every users. But Mikrotik only a box to handle client that connect to our network through wireless hotspot. We have main router installed with Linux (Centos 6.3) and also installed with several services such as web and MySql database server which is also a router for the hotspot.

We have to admit that Mikrotik it a great tool to deal with traffic, but Linux is better in serving various internet services. The problem is that our Linux box also is a main router for other users including Mikrotik hotspot that connect through LAN cable. Those users need high bandwidth for accessing local services in our network but will be be treated as other hotspot user if they want to access to internet.


Somehow we can't find any tutorials and examples around, so we want to share a simple rules we've created to managed bandwidth with cbq.init, which will managing high bandwidth for local or specific address while also limiting access to internet. Here it is:

Unlimited bandwidth to specific services or addresses

We created 4 cbq files in /etc/sysconfig/cbq which consists of :

cbq-0002.xxxx
cbq-0003.xxxx
cbq-0004.xxxx
cbq-0005.xxxx



The first two files (cbq-0002.xxxx and cbq-0003.xxxx) are created with high priority. This files is needed to give high bandwidth allocation for local or specific address. cbq-0002.xxx controlling unlimited download for specific address on local network devices, in this case eth2 (eth1 is device that connect to internet, eth2 connect to local network).

DEVICE=eth2,1000Mbit,100Mbit
RATE=1000Mbit
WEIGHT=100Mbit
PEAK=1000Mbit
LEAF=sfq
QUANTUM=1500
PRIO=1
ISOLATED=no
RULE = 192.168.32.0/24, #download from a specific network
RULE = 203.24.50.15, #download from a specific address
RULE = 10.10.8.0/24,10.10.8.0/24 #download from local to local


cbq-0003.xxx controlling unlimited upload traffic to specific address on internet devices.

DEVICE=eth1,1000Mbit,100Mbit
RATE=1000Mbit
WEIGHT=100Mbit
PEAK=1000Mbit
LEAF=sfq
QUANTUM=1500
PRIO=1
ISOLATED=no
RULE = 10.10.8.0/24,192.168.32.0/24 #upload to specific network
RULE = 10.10.8.0/24,203.24.50.15 #upload to specific address


As you can see, both files using highest priority (PRIO=1), which will give high access to only specified address provided on RULE on the file.

Limit for several users to other than exception address

cbq-0004.xxxx and cbq-0005.xxxx contain of bandwidth limiting rules with lower priority (PRIO=8) for specific users. cbq-0004.xxxx controlling download for local devices, all users provided in this rule will be limited to up-to 1Mbit download to internet,

DEVICE=eth2,1000Mbit,100Mbit
RATE=1Mbit
WEIGHT=100Kbit
PEAK=1Mbit
LEAF=sfq
QUANTUM=1500
PRIO=8
ISOLATED=no
RULE = 10.10.8.1
RULE = 10.10.8.2
RULE = 10.10.8.3
RULE = 10.10.8.4
RULE = 10.10.8.5


And cbq-0005.xxxx controlling upload for internet devices, all users will be limited to up-to 1Mbit upload to internet.

DEVICE=eth1,1000Mbit,100Mbit
RATE=1Mbit
WEIGHT=100Kbit
PEAK=1Mbit
LEAF=sfq
QUANTUM=1500
PRIO=8
ISOLATED=no
RULE = 10.10.8.1,
RULE = 10.10.8.2,
RULE = 10.10.8.3,
RULE = 10.10.8.4,
RULE = 10.10.8.5,



I hope this would helpful for peoples who still want to use cbq.init in their Linux box, although peoples said that htb.init is better than cbq.init, but for us those scripts are enough already.