Goal

Provide a network traffic shaper which supports web-based interface to manage Quality of Service (QoS) functions available in Linux Kernel.

Requirements

• Allow shaping from different constraints:
  • Per service (protocol and port)
  • Per eBox object
  • Per interface
  • Per application protocol
  • Per source/destination address
• Shaping capabilities:
  • Priorize traffic
  • Share bandwidth (equally|proportional)
  • Guarantee minimum bandwidth
  • Limit maximum bandwidth with/out bursting
  • Guarantee maximum delay
  • Fallback to default rule
• Treat egress traffic (sent) and ingress (received) equally using IMQ
• Enable/Disable/Remove/Change? priority to a rule

Design

Integration between Firewall module and Traffic Shaping module is needed, the requirements are filled here.

The traffic shaping module design will be taken incrementally. It will be taken different phases deployed in  roadmap:

1. Shape per service and per interface
   • The shaping consists of:
     1. Guarantee bandwidth
     2. Limit bandwidth
     3. Priorize traffic
   • The different rules can be enabled, disabled, removed or changed
2. Shape per eBox object
   • An eBox object can be a host or a net
3. Shape per source/destination address
4. Shape per application protocol
   • Using  l7-filter and/or  ipp2p to classify bulk data applications such as P2P file sharing.
   • A study-case should be done in order to take a look for performance issues
5. Shape not only egress traffic but also ingress traffic
   • In theory, kernel should treat them equally but it's not and  IMQ workaround should be used.
     • Its lack of stability is the main point to delay its incursion
6. Include bursting into limit bandwidth
7. Guarantee a maximum delay using HFSC queue discipline
   • This gives VoIP/SIP and other very interactive traffic a point
   • Almost transparent from user point of view
8. Hierarchical rules
   • Sharing bandwidth

Web interface will use  prototype library to give AJAX support

Class structure