Fair bandwidth repartition between multiple users

Question

I have a debian server at home using my personal internet connection (50 mbps up). I've set up a simple SFTP service with OpenSSH to share big files (10 Gb+) with multiple users.

Here's my problem : regarding bandwidth repartition, it's the jungle. I have users with standard ADSL connection, others with optic fiber connection, etc. Each user has a different download speed, and usually the largest download bandwidth wins.

I'd like to know if it's possible to divide my upload bandwidth "almost equally" between the users.

Ideally, each user would be able to download a file up to 50/n mbps (where n is the number of users connected).

Thank you very much for your help.

Answer 1

Since you're using Debian Linux, you can do it quite simple. You can use this script for "fair" repartition on the bandwidth:

#Put here your Internet-interface instead of eth1
ext_iface=eth1
eiface_addr=192.169.158.150

###############Remove shaper rules###############################3
iptables -t mangle --flush

tc qdisc del dev $ext_iface root 2> /dev/null > /dev/null

iptables -t mangle -D POSTROUTING -o $ext_iface -j shape-in 2> /dev/null > /dev/null
iptables -t mangle -F shape-in 2> /dev/null > /dev/null
iptables -t mangle -X shape-in 2> /dev/null > /dev/null

##############Adding shaper rules###################################
tc qdisc add dev $ext_iface root handle 1:0 htb default 10
tc class add dev $ext_iface parent 1:0 classid 1:1 htb rate 100mbit ceil 100mbit

tc class add dev $ext_iface parent 1:1 classid 1:5 htb rate 100mbit ceil 100mbit prio 0
tc class add dev $ext_iface parent 1:1 classid 1:10 htb rate 48mbit ceil 48mbit prio 0

tc qdisc add dev $ext_iface parent 1:5 handle 5: pfifo limit 5
tc qdisc add dev $ext_iface parent 1:10 handle 10: pfifo limit 10

iptables -t mangle -N shape-in
iptables -t mangle -I POSTROUTING -o $ext_iface -j shape-in

#Priority for pings
iptables -t mangle -A shape-in -p icmp -j MARK --set-mark 5

#Priority for Server Access
iptables -t mangle -A shape-in -s $eiface_addr -j MARK --set-mark 5

#Othet packets (user\'s internet traffic)
iptables -t mangle -A shape-in -m mark --mark 0 -j MARK --set-mark 10

tc filter add dev $ext_iface parent 1:0 prio 0 protocol ip handle 5 fw flowid 1:5
tc filter add dev $ext_iface parent 1:0 prio 1 protocol ip handle 10 fw flowid 1:10

Note that the users will get 48/n channel and there is two Mbs left for a reserve.

Answer 2

What, exactly, is the problem you are having? Are the slower downloaders being starved out completely whenever someone with a fiber line is downloading? Unless that's the case, you should probably just let your server's TCP/IP stack deal with your clients' varying download speeds as best it can. Everyone should eventually get their chunk of your upload.

Also, I believe your notion of 50/n mbps per user as "fair" is misguided. For example, say you have only two users connected, one on fiber capable of 50 mbps download, and the other on dialup at 56 kbps. Do you really want to limit the fiber downloader to just 25 mbps, and basically waste the remaining 25 mbps on the dialup user?

If I were in your position, I wouldn't bother trying to impose this particular notion of "fairness". If you did, it wouldn't be long before users would figure out a way to grab a bigger chunk of your upload bandwidth anyway, by, for example, opening additional connections.