1

I have configured ikev2 VPN on my server, but there is no tunnel interfaces like openvpn (tun0).

So actually, I can't limit the ikev2 vpn speed using tc tool.

Example for traffic shapping of openvpn (tun0) below.

tc qdisc del dev tun0 root
tc qdisc add dev tun0 root handle 1: htb
tc class add dev tun0 parent 1:1 classid 1:10 htb rate 1mbit ceil 1mbit
tc class add dev tun0 parent 1:1 classid 1:20 htb rate 1mbit ceil 1mbit
tc qdisc add dev tun0 parent 1:10 sfq perturb 10
tc qdisc add dev tun0 parent 1:20 sfq perturb 10
tc filter add dev tun0 protocol ip parent 1: prio 50 u32 match ip src 10.24.26.1/32  flowid 1:10

Because ikev2 doesn't have a tunnel interface I can't limit the internal IP speed using even tc.

Any idea on it?

I need to limit individual internal ip speed 10.24.26.1-10.24.26.255.

maar
  • 485
  • 6
  • 20
JohnsonGoey
  • 51
  • 10

1 Answers1

0

ok guys, i already found out the way by limiting using internal address of ikev2

iptables -I FORWARD -s 10.24.26.2 -j MARK --set-mark 6
iptables -I FORWARD -d 10.24.26.2 -j MARK --set-mark 6
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 1mbit ceil 1mbit
tc qdisc add dev eth0 parent 1:10 sfq perturb 10
tc filter add dev eth0 protocol ip parent 1: prio 1 handle 6 fw flowid 1:10
JohnsonGoey
  • 51
  • 10
  • https://linuxscriptshub.com/bandwidth-control-on-openvpn-using-tc-and-iptables-for-individual-user/ https://linuxscriptshub.com/bandwidth-control-on-ikev2-with-tc-and-iptables/ https://linuxscriptshub.com/bandwidth-rate-limiting-on-vpn-pptp-l2tp/ – JohnsonGoey Apr 16 '17 at 09:46
  • Great solution. This works, however, the entire VPN traffic is limited to 1mbit/s. This is not limiting the speed per connected user to 1mbit. Correct me if I'm wrong.. – Houman Nov 10 '18 at 09:58