Docs / Networking / How to Implement Bandwidth Throttling and QoS on Linux

How to Implement Bandwidth Throttling and QoS on Linux

By Admin · Mar 15, 2026 · Updated Apr 23, 2026 · 166 views · 2 min read

Quality of Service (QoS) and bandwidth throttling ensure critical services get the network resources they need while preventing any single application from consuming all available bandwidth.

Using tc (Traffic Control)

# tc is the Linux traffic control tool
# It uses queuing disciplines (qdiscs) to shape traffic

# View current qdisc
tc qdisc show dev eth0

Rate Limiting with tbf (Token Bucket Filter)

# Limit total bandwidth to 100Mbit
sudo tc qdisc add dev eth0 root tbf rate 100mbit burst 32kbit latency 400ms

# Remove the limit
sudo tc qdisc del dev eth0 root

Prioritized Traffic with HTB

# Hierarchical Token Bucket — create priority classes
# Total bandwidth: 100Mbit
sudo tc qdisc add dev eth0 root handle 1: htb default 30

# Root class
sudo tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit

# High priority (SSH, DNS) — guaranteed 20Mbit, can burst to 100Mbit
sudo tc class add dev eth0 parent 1:1 classid 1:10 htb rate 20mbit ceil 100mbit prio 1

# Medium priority (HTTP/HTTPS) — guaranteed 60Mbit
sudo tc class add dev eth0 parent 1:1 classid 1:20 htb rate 60mbit ceil 100mbit prio 2

# Low priority (everything else) — guaranteed 20Mbit
sudo tc class add dev eth0 parent 1:1 classid 1:30 htb rate 20mbit ceil 100mbit prio 3

# Classify traffic into classes
sudo tc filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip dport 22 0xffff flowid 1:10
sudo tc filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip dport 53 0xffff flowid 1:10
sudo tc filter add dev eth0 parent 1: protocol ip prio 2 u32 match ip dport 80 0xffff flowid 1:20
sudo tc filter add dev eth0 parent 1: protocol ip prio 2 u32 match ip dport 443 0xffff flowid 1:20

Limiting Per-IP Bandwidth

# Using iptables + tc to limit bandwidth per client
# Useful for shared hosting or preventing abuse
sudo tc qdisc add dev eth0 root handle 1: htb
sudo tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbit
sudo iptables -A OUTPUT -d 192.168.1.100 -j CLASSIFY --set-class 1:1

Using wondershaper (Simple Tool)

# Install wondershaper for quick bandwidth limiting
sudo apt install wondershaper

# Limit download to 50Mbit, upload to 20Mbit
sudo wondershaper eth0 50000 20000

# Remove limits
sudo wondershaper clear eth0

Monitoring QoS

# View tc statistics
tc -s qdisc show dev eth0
tc -s class show dev eth0

# Watch in real time
watch -n 1 tc -s class show dev eth0

Was this article helpful?

Related Articles