From: simms
Date: Tue, 11 Jan 2005 14:42:39 +0000
Subject: Re: [LARTC] wondershaper with ssh on a non-standard port
Message-Id: <20050111144239.GA26124@queeg>
References: <20050110194905.GM13970@queeg>
In-Reply-To: <20050110194905.GM13970@queeg>
To: lartc@vger.kernel.org

mornin' all,

i still haven't found the right solution for my situation, but after
some digging, i realized that the free PuTTY SSH client (commonly used
to access remote systems from under Windows) does NOT set the TOS bit
in a way that would let the default wondershaper script identify its
packets as high-priority.

this means that -- as suggested by Ed -- prioritizing SSH packets in the
uplink stream would have to be done on the basis of the port number used
by these packets.

also, because PuTTY does not set the TOS bit as wondershaper expects,
PuTTY users will have to use *port-based* prioritization in wondershaper
EVEN IF THEIR SSH SERVER RUNS ON THE DEFAULT PORT (22).

i will post up my solution as soon as i get it working. in the
meantime, please feel free to correct me if i'm wrong / suggest other
solutions.

peace
-p

-- 
Until lions have their historians, tales of the hunt shall always glorify the hunters.
- African Proverb

On Mon, 10-Jan-2005 at 22:16:02 +0000, Ed Wildgoose wrote:
> Hi,
>
> >having read the docs and the wondershaper script itself, it occurred to
> >me that the documentation promises an immediate drop in interactive app
> >latency, specifically mentioning SSH as a big winner.
> >however, looking through the script i can't really tell just *how*
> >wondershaper figures out which port my SSH daemon is running on.
> >
> >so what i'd like to know is, if i'm running my sshd on, say, port 222,
> >do i need to make any changes to the wondershaper script, or will it
> >figure out the right number automagically (e.g. from /etc/services,
> >where SSH is already correctly assigned to port 222) ?
> >(conversely, does it 'need' to figure out this port number at all?)
> >
>
> It's been a while since I looked through wondershaper, but the relevant
> lines are apparently these:
>
> # TOS Minimum Delay (ssh, NOT scp) in 1:10:
>
> tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
>    match ip tos 0x10 0xff flowid 1:10
>
> So it seems to be matching based on the "type of service" bits in the IP
> packet. I seem to remember that SSH actually sets the IP tos bits
> correctly?
>
> So it *should* work when ssh is on another port. I guess you need to
> either tweak the script (if you want a quick fix then just mark anything
> to/from port 222 as high priority), or else figure out why your packets
> aren't matching the required rule....
>
> Good luck
>
> Ed W

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
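
The port-based prioritization discussed in this message, sketched as an added example; it is not code from the thread or from the wondershaper script. It assumes wondershaper has already created its classes on the device (root 1:0, interactive class 1:10, as in the quoted filter line); the function name `ssh_prio_filters` and the `DEV`/`SSH_PORT` defaults are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): classify SSH by port into wondershaper's
# interactive class, for clients such as PuTTY whose packets miss the TOS rule.
# Assumptions: wondershaper has already built its classes on the device, with
# root 1:0 and interactive class 1:10 as in the quoted filter line.

# ssh_prio_filters DEV PORT [RUNNER]
# RUNNER defaults to "echo" (dry run: print the tc commands). Pass "" as the
# third argument to execute them (needs root).
ssh_prio_filters() {
    dev=$1
    port=$2
    run=${3-echo}

    # Reject anything that is not a decimal TCP port before it reaches tc.
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi

    # dport covers sessions opened from behind the shaper, sport covers an
    # sshd behind it. "ip sport/dport" read fixed offsets, so they assume a
    # 20-byte IP header (no IP options). Protocol 6 limits the match to TCP.
    # Unlike the TOS rule, this also prioritises scp/sftp on the same port.
    for dir in dport sport; do
        $run tc filter add dev "$dev" parent 1:0 protocol ip prio 10 u32 \
            match ip protocol 6 0xff \
            match ip "$dir" "$port" 0xffff \
            flowid 1:10 || return 1
    done
}

# Dry run for the port used in the thread; DEV and SSH_PORT are placeholders.
ssh_prio_filters "${DEV:-eth0}" "${SSH_PORT:-222}"
```

Run as-is it only prints the two `tc` commands, so the generated filters can be compared against the existing wondershaper rules before anything is applied.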