Obsecurities.com - Security through obsecurity

Rate Limit sshfs

by Jordan Emmorey

v0.1 This work is licensed under a Creative Commons License.

0. TOC and Purpose
1. Background
2. Use
3. Resources
4. Contact
5. Keywords
6. Disclaimer

0. TOC and Purpose

The purpose of this paper is to document a cryptic procedure for rate limiting sshfs, and to explain some of the pertinent terminology.

1. Background

I use sshfs to mount my backup directory for my webhost. Backing up this directory drove my home internet connection into the ground, which in turn killed my VoIP. I wanted to rate limit the backups; however, most utilities only have rate limiting for remote backups. Since sshfs provides a local mount point, these backup utilities do not rate limit.

The first thing I learned is that Linux has a built-in traffic controller which handles packet queuing before packets reach the network interface card. The interface is aptly named tc.

2. Use

To see the current traffic control configuration, use tc qdisc show. The output below tells us that the root qdisc (short for 'queueing discipline') on eth0 is pfifo_fast, a FIFO (first in, first out) queue with three bands.

souljah@bluepunx:~$ sudo tc qdisc show
qdisc pfifo_fast 0: dev eth0 root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1

To add traffic shaping I found a script from the Ubuntu forums which I modified and tested. See below:

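# Run as root (or prefix each tc command with sudo).
# Interface to shape and its line rate
DEV=eth0
DEV_MAX=100Mbit
# Ceiling for traffic sent to the SSH server
SSH_UPLOAD=220kbit
SERVER_IP=192.168.10.50/32
SERVER_PORT=22
# Remove any existing root qdisc; tc reports an error if none is set, which is safe to ignore
tc qdisc del dev $DEV root 2>/dev/null
# HTB root qdisc; traffic that matches no filter goes to class 1:10
tc qdisc add dev $DEV root handle 1: htb default 10
# Parent class covering the whole link
tc class add dev $DEV parent 1: classid 1:1 htb rate $DEV_MAX
# Default class: may borrow up to the full link rate
tc class add dev $DEV parent 1:1 classid 1:10 htb rate 192kbit ceil $DEV_MAX
# SSH class: may borrow only up to SSH_UPLOAD
tc class add dev $DEV parent 1:1 classid 1:11 htb rate 192kbit ceil $SSH_UPLOAD
# Fair queueing between flows inside each class
tc qdisc add dev $DEV parent 1:10 handle 10: sfq
tc qdisc add dev $DEV parent 1:11 handle 11: sfq
# Send traffic for SERVER_IP on SERVER_PORT to the SSH class
tc filter add dev $DEV parent 1: protocol ip prio 5 \
    u32 match ip dst $SERVER_IP \
    match ip dport $SERVER_PORT 0xffff classid 1:11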

This script sets a rate limit (throttle) of ~22KiB/s for any traffic to 192.168.10.50 on port 22. You should modify SERVER_IP and SSH_UPLOAD to match your network connection and remote host.

Important ideas:

  • rate = the maximum bandwidth a class can use without borrowing from other classes.
  • ceiling (ceil in the tc commands) = the maximum bandwidth that a class can use, which limits how much bandwidth the class can borrow.

You probably do not want your combined rates to be larger than your available bandwidth. To encourage better quality shaping, you can set the rate lower and then cap it with a larger ceiling.
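
An added example, not part of the original guide: a shell function that reads tc class show output and flags any HTB parent class whose children's rates add up to more than its own rate, the over-commit warned about above. The sample outputs are constructed, and check_htb_rates, SAMPLE_OK and SAMPLE_BAD are names made up for this illustration.

```shell
# Added example: flag HTB parents whose children's rates exceed the parent rate.
# Constructed sample: `tc class show dev eth0` as it might look after the
# script above (tc prints units as Kbit/Mbit).
SAMPLE_OK='class htb 1:1 root rate 100Mbit ceil 100Mbit burst 1600b cburst 1600b
class htb 1:10 parent 1:1 leaf 10: prio 0 rate 192Kbit ceil 100Mbit burst 1599b cburst 1600b
class htb 1:11 parent 1:1 leaf 11: prio 0 rate 192Kbit ceil 220Kbit burst 1599b cburst 1599b'

# Constructed sample: a 1Mbit link whose child rates are over-committed.
SAMPLE_BAD='class htb 1:1 root rate 1Mbit ceil 1Mbit burst 1600b cburst 1600b
class htb 1:10 parent 1:1 prio 0 rate 800Kbit ceil 1Mbit burst 1600b cburst 1600b
class htb 1:11 parent 1:1 prio 0 rate 400Kbit ceil 500Kbit burst 1600b cburst 1600b'

# Reads `tc class show` text on stdin; returns 0 if every parent rate
# covers the sum of its children's rates, 1 otherwise.
check_htb_rates() {
    awk '
    # Convert a tc rate token to bit/s; tc bit units are decimal (kbit = 1000 bit).
    function to_bps(tok,    n, u) {
        n = tok; sub(/[A-Za-z]+$/, "", n)
        u = tolower(substr(tok, length(n) + 1))
        if (u == "bit")  return n + 0
        if (u == "kbit") return n * 1000
        if (u == "mbit") return n * 1000000
        if (u == "gbit") return n * 1000000000
        return -1
    }
    $1 == "class" && $2 == "htb" {
        id = $3; par = ""; rate = -1
        for (i = 4; i < NF; i++) {
            if ($i == "parent") par = $(i + 1)
            if ($i == "rate")   rate = to_bps($(i + 1))
        }
        if (rate < 0) { printf "UNPARSED %s\n", id; bad = 1; next }
        own[id] = rate
        if (par != "") sum[par] += rate
    }
    END {
        for (p in sum)
            if ((p in own) && sum[p] > own[p]) {
                printf "OVERCOMMIT %s: children %.0f bit/s > rate %.0f bit/s\n", p, sum[p], own[p]
                bad = 1
            }
        exit bad + 0
    }'
}
# Live use: tc class show dev eth0 | check_htb_rates
printf '%s\n' "$SAMPLE_OK" | check_htb_rates && echo "sample: child rates fit"
```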

 

3. Resources

4. Contact

Thanks for reading. If you have any comments, suggestions or gripes please feel free to send them along. I'm always hungry for feedback. Thanks. Contact me via email.

5. Keywords

sshfs, rate, limit, rate-limit, throttle, Linux, Ubuntu, server, desktop, 9.10, 9.04, karmic, sshd, bandwidth

6. Disclaimer

Obsecurities is furnishing this item "as is". Obsecurities does not provide any warranty of the item whatsoever, whether express, implied, or statutory, including, but not limited to, any warranty of merchantability or fitness for a particular purpose or any warranty that the contents of the item will be error-free.

In no respect shall Obsecurities incur any liability for any damages, including, but not limited to, direct, indirect, special, or consequential damages arising out of, resulting from, or any way connected to the use of the item, whether or not based upon warranty, contract, tort, or otherwise; whether or not injury was sustained by persons or property or otherwise; and whether or not loss was sustained from, or arose out of, the results of, the item, or any services that may be provided by Obsecurities.