Forging an Internet Connection Server

Hi

We are a few guys that want to share an internet connection. We are thinking of putting down an Ubuntu server to manage the internet connection and cache the data downloaded locally so that we don't waste bandwidth in downloading things double.

We are thinking about sharing one 30 GB local account and allowing each other to buy our own prepaid accounts from different ISPs for international bandwidth. So it means we are going to have one ISP account anybody can use to access the internet (and the data gets cached), and then we would like each user to set up their own ISP accounts for their own use, but this data should also get cached.

We would also like to throttle the amount of bandwidth that may be used by certain users. For example, on weekdays between 8 and 5 we will open up the internet connection so that people can run downloads (ftp, p2p etc.), but after 5 till 12 at night some ports should be throttled.

I know this will take a lot of setup and fine tuning but I have to start somewhere, so if you guys would maybe post links to useful sites or help me in the right direction it would be greatly appreciated.

Regards,
 
Ubuntu and Squid will do most of what you want. Multiple accounts will be a hassle though, as you'd need to set up multiple PPPoE connections from one box and your routing rules will be hideous. Roaring Penguin has good software for achieving this: http://www.roaringpenguin.com/en/penguin/openSourceProducts/rpPppoe - the multiple connections stuff is here: http://www.voy.com/41165/4151.html

Routing between the various connections will probably be best achieved by using an iptables firewall. http://www.netfilter.org/

Squid will be perfect for your proxy needs, as the cache is extremely configurable. http://www.squid-cache.org/
 
> Routing between the various connections will probably be best achieved by using an iptables firewall. http://www.netfilter.org/

Nope. Netfilter (the package containing the iptables command) is a packet filter - it doesn't route. What you need to look at is iproute2 (included in Ubuntu as 'iproute').

The problem I see with each one using his own account (for international, I assume) is that you'll need a connection for each. When you have a connection for each person's international traffic, you need that whole routing table for each source IP (that'll make a *big* routing table) so that each person's international traffic is routed via a different interface. This is still doable, but when you drop a proxy in between, you kill that idea.

The best way to go about this is to have two connections - one for local, one for international. That way your proxy would still fit in nicely. Find another way to figure out who used how much international bandwidth and split the cost accordingly. If you let iptables log everything, you can sort the traffic by source and destination and work it out that way - you'll probably have to script something. Haven't tried it yet.
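The kind of script the post above has in mind, as an added example that is not part of the original post: it totals bytes per LAN host from iptables LOG lines for one outside link. The log lines, the LAN prefix `192.168.0.` and the interface name `ppp1` are constructed, and it assumes client traffic is forwarded (not proxied) and logged by a LOG rule in the FORWARD chain.

```shell
#!/bin/sh
# Assumed logging rule: iptables -A FORWARD -j LOG --log-prefix "FWD: "

# Constructed sample log lines (not from a real system).
sample_log() {
cat <<'EOF'
Oct 26 10:00:01 gw kernel: FWD: IN=eth0 OUT=ppp1 SRC=192.168.0.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1 DF PROTO=TCP SPT=40000 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Oct 26 10:00:02 gw kernel: FWD: IN=ppp1 OUT=eth0 SRC=198.51.100.7 DST=192.168.0.10 LEN=1500 TOS=0x00 PREC=0x00 TTL=50 ID=2 DF PROTO=TCP SPT=80 DPT=40000 WINDOW=5840 RES=0x00 ACK URGP=0
Oct 26 10:00:03 gw kernel: FWD: IN=ppp1 OUT=eth0 SRC=198.51.100.7 DST=192.168.0.10 LEN=1500 TOS=0x00 PREC=0x00 TTL=50 ID=3 DF PROTO=TCP SPT=80 DPT=40000 WINDOW=5840 RES=0x00 ACK URGP=0
Oct 26 10:00:04 gw kernel: FWD: IN=eth0 OUT=ppp1 SRC=192.168.0.11 DST=203.0.113.9 LEN=76 TOS=0x00 PREC=0x00 TTL=63 ID=4 DF PROTO=UDP SPT=123 DPT=123 LEN=56
Oct 26 10:00:05 gw kernel: FWD: IN=eth0 OUT=ppp0 SRC=192.168.0.11 DST=192.0.2.5 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=5 DF PROTO=TCP SPT=40001 DPT=80 WINDOW=5840 RES=0x00 ACK URGP=0
EOF
}

# usage_by_host LAN_PREFIX WAN_IF
# Reads LOG lines on stdin, prints "host bytes_up bytes_down" for traffic
# that crossed WAN_IF, sorted by host.
usage_by_host() {
  awk -v lan="$1" -v wan="$2" '
    {
      src = ""; dst = ""; len = ""; iif = ""; oif = ""
      for (i = 1; i <= NF; i++) {
        if      ($i ~ /^IN=/)               iif = substr($i, 4)
        else if ($i ~ /^OUT=/)              oif = substr($i, 5)
        # Keep only the first SRC/DST/LEN: UDP lines carry a second LEN
        # and ICMP errors repeat the fields for the embedded packet.
        else if ($i ~ /^SRC=/ && src == "") src = substr($i, 5)
        else if ($i ~ /^DST=/ && dst == "") dst = substr($i, 5)
        else if ($i ~ /^LEN=/ && len == "") len = substr($i, 5)
      }
      if (src == "" || dst == "" || len == "") next   # not a packet log line
      if (oif == wan && index(src, lan) == 1) { up[src] += len; seen[src] = 1 }
      if (iif == wan && index(dst, lan) == 1) { down[dst] += len; seen[dst] = 1 }
    }
    END { for (h in seen) printf "%s %d %d\n", h, up[h], down[h] }
  ' | sort
}

sample_log | usage_by_host 192.168.0. ppp1
```

LEN is the IP total length of each logged packet, so the totals are IP-layer bytes and will differ slightly from what an ISP meters on the PPPoE link.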
 
> Nope. Netfilter (the package containing the iptables command) is a packet filter - it doesn't route. What you need to look at is iproute2 (included in Ubuntu as 'iproute').

Yes, you're right. I should have mentioned iproute on top of netfilter. I use rules (in iptables) to set a mark per outgoing connection address, then use that mark (fwmark) in iproute to route as needed.

> The problem I see with each one using his own account (for international, I assume) is that you'll need a connection for each. When you have a connection for each person's international traffic, you need that whole routing table for each source IP (that'll make a *big* routing table) so that each person's international traffic is routed via a different interface. This is still doable, but when you drop a proxy in between, you kill that idea.
>
> The best way to go about this is to have two connections - one for local, one for international. That way your proxy would still fit in nicely. Find another way to figure out who used how much international bandwidth and split the cost accordingly. If you let iptables log everything, you can sort the traffic by source and destination and work it out that way - you'll probably have to script something. Haven't tried it yet.

Squid's logs will also be useful in determining who did what if configured correctly. Alternatively, if you did set a mark as I described earlier, then you'd be able to know who did what from your iproute logs as well.
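The mark-then-route approach described in the post above, as an added example that is not part of the original post: it prints the iptables and iproute2 commands for a per-user map instead of running them, so the output can be reviewed before it is run as root. The host addresses, interface names, mark values and table numbers are constructed assumptions.

```shell
#!/bin/sh
# Constructed map: "<LAN host> <ppp interface of that user's own account>"
user_links() {
cat <<'EOF'
192.168.0.10 ppp1
192.168.0.11 ppp2
EOF
}

# gen_rules: read "host iface" pairs on stdin and print the commands.
# Nothing is executed here.
gen_rules() {
  n=0
  while read -r host ifc; do
    # The output is meant to be run as root, so refuse anything that is
    # not a plain dotted address or a plain interface name.
    case "$host" in ''|*[!0-9.]*) echo "bad host: $host" >&2; return 1;; esac
    case "$ifc" in ''|*[!a-z0-9]*) echo "bad iface: $ifc" >&2; return 1;; esac
    n=$((n + 1))          # firewall mark for this user
    table=$((100 + n))    # routing table holding this user's default route
    # 1. Mark forwarded packets by source address before the routing decision.
    echo "iptables -t mangle -A PREROUTING -s $host -j MARK --set-mark $n"
    # 2. Send marked packets to the per-user table.
    echo "ip rule add fwmark $n table $table"
    # 3. That table's only route is the user's own link.
    echo "ip route add default dev $ifc table $table"
    # 4. NAT on the way out so replies return over the same link.
    echo "iptables -t nat -A POSTROUTING -o $ifc -j MASQUERADE"
  done
}

user_links | gen_rules
```

These rules mark everything a host forwards, so they do not split local from international traffic, and as noted earlier in the thread they stop identifying the user once requests go out from a proxy on the gateway.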
 
> Ubuntu and Squid will do most of what you want. Multiple accounts will be a hassle though, as you'd need to set up multiple PPPoE connections from one box and your routing rules will be hideous. Roaring Penguin has good software for achieving this: http://www.roaringpenguin.com/en/penguin/openSourceProducts/rpPppoe - the multiple connections stuff is here: http://www.voy.com/41165/4151.html
>
> Routing between the various connections will probably be best achieved by using an iptables firewall. http://www.netfilter.org/
>
> Squid will be perfect for your proxy needs, as the cache is extremely configurable. http://www.squid-cache.org/

There's a really user-friendly post right here on MyBroadband about using IPCop to Split Local/In Traffic

Read more here
 