Full Version: [How] To control # of connections to my server
Twasel
Hello

Below are my server details:

Processor #1 Vendor: GenuineIntel
Processor #1 Name: Intel® Xeon™ CPU 2.80GHz
Processor #1 speed: 2799.994 MHz
Processor #1 cache size: 512 KB

Processor #2 Vendor: GenuineIntel
Processor #2 Name: Intel® Xeon™ CPU 2.80GHz
Processor #2 speed: 2799.994 MHz
Processor #2 cache size: 512 KB

Processor #3 Vendor: GenuineIntel
Processor #3 Name: Intel® Xeon™ CPU 2.80GHz
Processor #3 speed: 2799.994 MHz
Processor #3 cache size: 512 KB

Processor #4 Vendor: GenuineIntel
Processor #4 Name: Intel® Xeon™ CPU 2.80GHz
Processor #4 speed: 2799.994 MHz
Processor #4 cache size: 512 KB

I want to open the download from my server for all my forum members. I am afraid of that because it may cause trouble for my server, so how can I control this? By controlling the download rate? Or what's the proper way?

Regards
BlueFusion
Well, I heard there are some ways with Apache but never got them to work. Lighttpd has max speed per connection and max speed per server options if you want to use that. There are some bugs with the Lighttpd way that I noticed, however. My preferred way is to use iptables to classify/mark packets and tc (part of the iproute2 package) to actually do packet shaping and control speeds based on your iptables settings.

http://gentoo-wiki.com/HOWTO_Packet_Shaping

I use it at home, too, because my upstream bandwidth is limited and I like to get all I can in the household.

Here's a bit of the iptables/tc setup I use at home, which is pretty much adaptable to a server environment:

iptables rules:
CODE
# give "overhead" packets highest priority
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --syn -m length --length 40:68 -j CLASSIFY --set-class 1:10
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j CLASSIFY --set-class 1:10
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j CLASSIFY --set-class 1:10
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --tcp-flags ALL RST -j CLASSIFY --set-class 1:10
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --tcp-flags ALL ACK,RST -j CLASSIFY --set-class 1:10
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --tcp-flags ALL ACK,FIN -j CLASSIFY --set-class 1:10
# interactive SSH traffic
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --sport ssh -j CLASSIFY --set-class 1:20
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp -m multiport --dport ssh,4123 -j CLASSIFY --set-class 1:20
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp -d xx.xx.xx.xx --dport 9000 -j CLASSIFY --set-class 1:20
# interactive mail or web traffic
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp -m multiport --sport http,imap,https,imaps,smtp -j CLASSIFY --set-class 1:30
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp -m multiport --dport http,imap,https,imaps,smtp,aol,1863,5050 -j CLASSIFY --set-class 1:30
# dns lookups
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --dport domain -j CLASSIFY --set-class 1:30
# ICMP, UDP
iptables -t mangle -A POSTROUTING -o ${IFext} -p udp -j CLASSIFY --set-class 1:40
iptables -t mangle -A POSTROUTING -o ${IFext} -p icmp -m length --length 28:1500 -m limit --limit 2/s --limit-burst 5 -j CLASSIFY --set-class 1:40
# bulk traffic
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp --dport irc -j CLASSIFY --set-class 1:50
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp -m multiport --dport ftp,ftp-data -j CLASSIFY --set-class 1:60
iptables -t mangle -A POSTROUTING -o ${IFext} -p tcp -m multiport --sport ftp,ftp-data -j CLASSIFY --set-class 1:60


CODE
    tc qdisc add dev ${IFext} root handle 1: htb default 60
    tc class add dev ${IFext} parent 1: classid 1:1 htb rate 270kbit
    tc class add dev ${IFext} parent 1:1 classid 1:10 htb rate 128kbit ceil 270kbit prio 0
    tc class add dev ${IFext} parent 1:1 classid 1:20 htb rate 64kbit ceil 270kbit prio 1
    tc class add dev ${IFext} parent 1:1 classid 1:30 htb rate 56kbit ceil 270kbit prio 2
    tc class add dev ${IFext} parent 1:1 classid 1:40 htb rate 24kbit ceil 270kbit prio 3
    tc class add dev ${IFext} parent 1:1 classid 1:50 htb rate 18kbit ceil 270kbit prio 4
    tc class add dev ${IFext} parent 1:1 classid 1:60 htb rate 10kbit ceil 270kbit prio 5
    tc qdisc add dev ${IFext} parent 1:10 handle 10: sfq perturb 10
    tc qdisc add dev ${IFext} parent 1:20 handle 20: sfq perturb 10
    tc qdisc add dev ${IFext} parent 1:30 handle 30: sfq perturb 10
    tc qdisc add dev ${IFext} parent 1:40 handle 40: sfq perturb 10
    tc qdisc add dev ${IFext} parent 1:50 handle 50: sfq perturb 10
    tc qdisc add dev ${IFext} parent 1:60 handle 60: sfq perturb 10


Note how you can set rate ceilings, guaranteed rates, etc.
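
Added example, not part of the original post: when adapting the HTB plan above to a server, a quick check is whether the guaranteed `rate` values of the child classes fit inside their parent's `rate`, since otherwise the guarantees add up to more than the intended cap. The function names `htb_check` and `page_plan` are made up for this example; the sample input is the class list from the post.

```shell
#!/bin/sh
# Added example (not from the thread): check an HTB plan before loading it.
# Reads "tc class add" lines on stdin and compares each parent's rate with
# the sum of its children's guaranteed rates.
htb_check() {
    awk '
    # "270kbit" / "2mbit" / "8000bit" -> kbit (other tc units not handled)
    function kbit(v) {
        if (v ~ /mbit$/) { sub(/mbit$/, "", v); return v * 1000 }
        if (v ~ /kbit$/) { sub(/kbit$/, "", v); return v + 0 }
        sub(/bit$/, "", v); return v / 1000
    }
    $1 == "tc" && $2 == "class" && $3 == "add" {
        parent = id = rate = ""
        for (i = 4; i < NF; i++) {
            if ($i == "parent")  parent = $(i + 1)
            if ($i == "classid") id = $(i + 1)
            if ($i == "rate")    rate = $(i + 1)
        }
        if (id == "" || rate == "") next
        own[id] = kbit(rate)
        sum[parent] += kbit(rate)
    }
    END {
        bad = 0
        for (p in sum) {
            if (!(p in own)) continue   # qdisc handle such as "1:", no rate
            verdict = (sum[p] > own[p]) ? "OVERSUBSCRIBED" : "OK"
            if (sum[p] > own[p]) bad = 1
            printf "%s %s children=%dkbit rate=%dkbit\n", verdict, p, sum[p], own[p]
        }
        exit bad
    }'
}

# The class lines from the post above, copied as sample input.
page_plan() {
    cat <<'EOF'
tc class add dev ${IFext} parent 1: classid 1:1 htb rate 270kbit
tc class add dev ${IFext} parent 1:1 classid 1:10 htb rate 128kbit ceil 270kbit prio 0
tc class add dev ${IFext} parent 1:1 classid 1:20 htb rate 64kbit ceil 270kbit prio 1
tc class add dev ${IFext} parent 1:1 classid 1:30 htb rate 56kbit ceil 270kbit prio 2
tc class add dev ${IFext} parent 1:1 classid 1:40 htb rate 24kbit ceil 270kbit prio 3
tc class add dev ${IFext} parent 1:1 classid 1:50 htb rate 18kbit ceil 270kbit prio 4
tc class add dev ${IFext} parent 1:1 classid 1:60 htb rate 10kbit ceil 270kbit prio 5
EOF
}

page_plan | htb_check || echo "plan promises more than the parent class has"
```

On the posted plan the child rates total 300kbit against a 270kbit parent, so either the parent rate or one of the child rates needs adjusting before the numbers are scaled up for a server link.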