Changes

Jump to: navigation, search

Traffic shaping with tc

316 bytes added, 13:10, 16 June 2006
no edit summary
tc filter add dev $DEV parent 1: protocol ip prio 20 u32 match u32 1 0x0000 police rate 2kbit buffer 10k drop flowid :1
</pre>
 
== Limiting packages per second rate from VE ==
To prevent dos atacks from the VE you can limit packages per second rate using iptables.
<pre>
DEV=eth0
iptables -I FORWARD 1 -o $DEV -s X.X.X.X -m limit --limit 200/sec -j ACCEPT
iptables -I FORWARD 2 -o $DEV -s X.X.X.X -j DROP
</pre>
X.X.X.X is an IP address of VE
== External links ==
Vass
172
edits
Retrieved from "https://wiki.openvz.org/Special:MobileDiff/1713"

Navigation menu