I am trying to configure my MT border router to shape the user’s bandwidth.
To do that I mark connections and packets based on ports, protocols, sources and/or destinations and create the proper queue trees to limit or prioritize the traffic flow.
The question is:
Is this enough, or should I also limit the quantity of connections per user?
I can see that some users open many, many TCP connections and I wonder if this resource must also be limited in order to keep the network healthy.
Even more: some (many) connections last many days.
How can I know if they are spurious or actual connections?
Should not these connections be claimed or closed by the OS?
Are not connection entries a scarce resource to protect?
How many concurrent connections should one allow to be open in order to assure proper operation?
Many questions, because I am suffering from poor performance of my router with (I suppose) not many users (about 30-35), and all the fingers point to poor bandwidth administration.