Advanced Configuration : Running WinTC on a Router -------------------------------------------------- If you have a Windows PC/server with two NICs that acts as the gateway (router) to the Internet, you can accomplish more powerful bandwidth control. We assume that you have 2 NICs as follows: - Internal NIC (connected to the internal LAN) - External NIC (connected to the Internet via an ISP) Packet forwarding must be enabled between these two NICs (i.e., router). 1) Limit download bandwidth for all client PCs in the LAN. You can achieve this by running a WinTC on the Internal NIC, (i.e., limit packets that are going in to the intranet). You can enforce various rules, like per client IP, per TCP port. 2) Limit upload bandwidth for all client PCs in the LAN. You can achieve this by running a WinTC on the external NIC, (i.e., limit packets that are going out to the Internet). If this Windows machine is NOT doing N-to-1 NAT, you can: enforce rules based on client IPs and on TCP ports. If it IS doing N-to-1 NAT (most people fall in this category), you can: only enforce rules based on TCP ports, but you cannot enforce rules based on client IPs. This is because all internal IPs of client PCs are mapped to a single external IP by the NAT, and WinTC (and underlying QoS packet scheduler) work on the external IPs on the external NIC. You can simultaneously run two instances of WinTC, one on the external NIC, and the other on the internal NIC, to control both upload and donload bandwidths. You have to configure the two WinTCs separately. internal NIC : IP address: 192.168.1.1 statically assigned external NIC (outgoing): IP address: aaa.bbb.ccc.ddd Client-1: 192.168.1.100 statically assigned ("Bandwidth Exempt" PC) Client-2: 192.168.1.101 assigned by internal DHCP (Teen 1) Client-3: 192.168.1.102 assigned by internal DHCP (Teen 2) WinTC instances wintc_int : outbound traffic controller for internal NIC (download traffic) wintc_ext : outbound traffic controller for external NIC (upload traffic) Create WinTC instance for internal NIC > cd "\Program Files" > xcopy /s /e wintc wintc_int Create WinTC instance for external NIC > cd "\Program Files" > xcopy /s /e wintc wintc_ext 1) Limiting download bandwidth (on internal NIC) Bandwidth Usage Rules - Client-1 (192.168.1.100) : no limit - Client-2 and Client-3 share a single pipe that places the following limits on bandwidth usage: download : 300KB/sec --- wintc_int wintc.conf --- # put limits on internal NIC (do "wintc -i" to find out which NIC is internal) default_netif = 1 define_flow = flow-limit 300K define_flow = flow-nolim 1000K limit=no define_filter = capped srcaddr=192.168.1.0/24 define_filter = exempt srcaddr=192.168.1.100 assign_filter = capped flow-limit assign_filter = exempt flow-nolim --- end --- 2) Limiting upload bandwidth (on external NIC) Bandwidth Usage Rules - Non-Capped applications (i.e., destination ports) HTTP upload (80), HTTPS upload (443), SMTP upload (25), ssh upload (22) - Capped applications (i.e., destination ports) All other applications (destination ports) share a single pipe that places the following limits on bandwidth usage: upload : 100KB/sec --- wintc_ext wintc.conf --- # put limits on external NIC (do "wintc -i" to find out which NIC is external) default_netif = 0 define_flow = flow-limit 100K define_flow = flow-nolim 1000K limit=no define_filter = capped dstport=* define_filter = exempt dstport=80 define_filter = exempt dstport=443 define_filter = exempt dstport=25 define_filter = exempt dstport=22 assign_filter = capped flow-limit assign_filter = exempt flow-nolim --- end --- EOF