BetterBandwidth lets you monitor and control individual, group, and system-wide bandwidth usage in multi-tenant Linux environments.
- Link outgoing traffic to specific Linux users. Our mod_betterlinux Apache module enables the cpu daemon to map Apache threads to system users and move them into one or more cgroup-based jail cores when users exceed configured limits. Our I/O daemon also enforces users' configured I/O limits on outgoing traffic.
- Individual bandwidth limiting doesn't require assigning individual IP addresses. (you'll need fewer IPV4 IP address blocks)
- Cap the uncontrolled use of the few who inflate your monthly bill without having to throttle everyone.
- Automatically force a specific user's traffic on a shared server to originate from a specified IP address. (Dedicated users' traffic no longer appears to originate from your main shared IP; there is no more need to bind each program to a dedicated IP, which is cumbersome and only works with some programs)
- Monitor bandwidth per user and user’s application over specifiable intervals; monitor applications’ addresses, port destinations, and how much bandwidth flows through each socket. See also protocol (ip, tcp, etc.) and detailed packet info, including bytes used per pid. You can also create custom data summaries.
The above features mean more users per box and fewer customer support requests, which translate into higher profits.
CONNECTION LIMITING (monitor and limit bandwidth connections per admin-defined group of Linux users)
- Limit the number of inbound connections available per group member on any given port.
- Tie inbound traffic to specific Linux users, even when destined for generic users, like Apache’s “nobody” user.
- Prioritize port connections (e.g. give Apache more connections than MySQL).
- Get connection data: type (local or internet), method (string, diagram, etc.), and per user/port maximums with each one’s current use data expressed in number and percent. See every configured connection (limited or not) and all in-use connections (configured or not), as well as a resettable connection denial counter.
Without per-user connection limits, any user can monopolize all connections and behave like a DOS attack. And if you limit the Apache user, for example, you risk unnecessarily cutting off legitimate traffic. But because you can now tie all traffic to specific Linux users, you can also limit inbound connections per user and minimize the impact of DOS attacks. Connections beyond the limit are simply shut down. Less severe connection inefficiencies also occur many times a day without administrators even knowing it, which per-user connection limiting also solves.
**One configuration file can hold settings for multiple systems.
Add to Favourites
Print this Article