I want to be able to set up two xen guests like this:

xen-create-image --hostname=xen1.example.com --size=10Gb --swap=512Mb --ip= --force --memory=256Mb --arch=i386 --debootstrap


xen-create-image --hostname=xen1.example.com --size=10Gb --swap=512Mb --ip= --force --memory=256Mb --arch=i386 --debootstrap

(the difference is the ips '' and '') I want to set it up so that '' has dial-up speed and '' has unshaped connection speed to xen1.example.com. I don't know anything about traffic shaping, or what i need to install to do this. So i guess when you answer be ultra noobie-concerned.

    #! /bin/bash

# reinit
tc qdisc del dev $NETCARD root handle 1
tc qdisc add dev $NETCARD root handle 1: htb default 9999

# create the default class
tc class add dev $NETCARD parent 1:0 classid 1:9999 htb rate $(( $MAXBANDWIDTH ))kbit ceil $(( $MAXBANDWIDTH ))kbit burst 5k prio 9999

# control bandwidth per IP
declare -A ipctrl
# define list of IP and bandwidth (in kilo bits per seconds) below

for ip in "${!ipctrl[@]}"
    mark=$(( mark + 1 ))

    # traffic shaping rule
    tc class add dev $NETCARD parent 1:0 classid 1:$mark htb rate $(( $bandwidth ))kbit ceil $(( $bandwidth ))kbit burst 5k prio $mark

    # netfilter packet marking rule
    iptables -t mangle -A INPUT -i $NETCARD -s $ip -j CONNMARK --set-mark $mark

    # filter that bind the two
    tc filter add dev $NETCARD parent 1:0 protocol ip prio $mark handle $mark fw flowid 1:$mark

    echo "IP $ip is attached to mark $mark and limited to $bandwidth kbps"

#propagate netfilter marks on connections
iptables -t mangle -A POSTROUTING -j CONNMARK --restore-mark

i did see this above, but i don't know what config file i need to edit.

So just to be clear. I want two ip's to access the same site, but one ip has dial-up speed and the other has untouched. Thanks so mcuh!

1 Answers1


I use my pfsense firewall for this..

ipfw and freebsd rocks for this type of thing over the Linux's

Hope you try this out :D

  • 3,592
  • 2
  • 24
  • 34