Re: Dynamic firewall based on bandwidth usage ?
- From: Syv Ritch <syv@xxxxxxxxxxxxxxx>
- Date: Tue, 10 Oct 2006 18:55:36 -0700
On Sun, 08 Oct 2006 14:44:22 -0400
FM <dist-list@xxxxxxxxxxxxxxxxxx> wrote:
Hello,
I have a common problem but cannot find a solution.
My setup :
all servers are Redhat Enterprise 4
CISCO PIX in front on a HTTP load Balancer/failover (called a
director in the L.V.S. jargon) that sends requests to 4 web servers
(cluster setup based on Linux Virtual Server include in redhat
cluster suite).
Now my prob :-)
From time to time users download our site and block all http
connexion, and worst, use all our bandwidth. So I have to block (or
redirect) those network abusers after a download limit (for ex :
1Gb per day) for lets say 1day.
Because of the director, I cannot use the apache2 mod_cband.
My first though is to look at the iptables on the director but I
cannot find any information about that kind of setup.
Do you know if it is possible using build in linux
tools(iptables ?).
If not, do you know some hardware appliance that could do that ?
Cisco does that. Depending on which PIX and which version of the PIX,
you can do traffic shaping/policing based on a sliding window. Even a
Cisco 1750 serie will do it.
Then you can lower the quality of service to a level, that everybody
else get priority over them.
Hope this help
--
Thanks
http://www.911networks.com
When the network has to work
- References:
- Prev by Date: Re: Dynamic firewall based on bandwidth usage ?
- Next by Date: Re: Dynamic firewall based on bandwidth usage ?
- Previous by thread: Re: Dynamic firewall based on bandwidth usage ?
- Index(es):
Relevant Pages
|
|
