From: Edgar <donvodka@gmail.com>
To: lartc@vger.kernel.org
Subject: [LARTC] P2P shaping, won't work
Date: Fri, 08 Jul 2005 06:36:53 +0000 [thread overview]
Message-ID: <200507080136.53843.donvodka@gmail.com> (raw)
Hello, its me again, I won't stop sending emails to this list, until I solve
this problem, I've tried several apps to create the right htb rules (even
made them my self), but I always get the same results, traffic gets shaped,
but I can't use my bandwidth, and this is weird, because I should be able to,
also I keep seeing download being limited too, and that shouldn't be
happening, I don't think I'm the only one with this problem out there, so I
will post here once again my configuration, to match p2p traffic and to shape
it:
### ###
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -N lay7PRE
iptables -t mangle -N lay7POST
iptables -t mangle -N ipp2pPRE
iptables -t mangle -N ipp2pPOST
### PREROUTING RULES ###
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
iptables -t mangle -A PREROUTING -m mark ! --mark 0 -j ACCEPT
iptables -t mangle -A ipp2pPRE -p tcp -m ipp2p --ipp2p -j MARK --set-mark 3
iptables -t mangle -A ipp2pPRE -p udp -m ipp2p --bit -j MARK --set-mark 3
iptables -t mangle -A ipp2pPRE -p tcp -m mark --mark 3 -j CONNMARK --save-mark
iptables -t mangle -A lay7PRE -m layer7 --l7proto smtp -j MARK --set-mark 1
iptables -t mangle -A lay7PRE -m layer7 --l7proto ssh -j MARK --set-mark 2
iptables -t mangle -A lay7PRE -m mark --mark 2 -j CONNMARK --save-mark
### POSTROUTING RULES ###
iptables -t mangle -A ipp2pPOST -o eth1 -m mark --mark 3 -j CLASSIFY
--set-class 1:30
iptables -t mangle -A lay7POST -o eth1 -m mark --mark 1 -j CLASSIFY
--set-class 1:20
iptables -t mangle -A lay7POST -o eth1 -m mark --mark 2 -j CLASSIFY
--set-class 1:10
### ###
iptables -t mangle -A PREROUTING -j lay7PRE
iptables -t mangle -A POSTROUTING -j lay7POST
iptables -t mangle -A PREROUTING -j ipp2pPRE
iptables -t mangle -A POSTROUTING -j ipp2pPOST
TC RULES
tc qdisc add dev eth1 handle 1:0 root dsmark indices 8 default_index 0
tc qdisc add dev eth1 handle 2:0 parent 1:0 htb
tc class add dev eth1 parent 2:0 classid 2:1 htb rate 22000bps ceil 22000bps
tc class add dev eth1 parent 2:1 classid 2:2 htb rate 3000bps ceil 5000bps
prio 0
tc qdisc add dev eth1 handle 3:0 parent 2:2 sfq
tc class add dev eth1 parent 2:1 classid 2:3 htb rate 5000bps ceil 6000bps
prio 1
tc qdisc add dev eth1 handle 4:0 parent 2:3 sfq
tc class add dev eth1 parent 2:1 classid 2:4 htb rate 8000bps ceil 8000bps
prio 2
tc qdisc add dev eth1 handle 5:0 parent 2:4 sfq
tc class add dev eth1 parent 2:1 classid 2:5 htb rate 10000bps ceil 10000bps
burst 0 cburst 0 prio 3 quantum 1500
tc qdisc add dev eth1 handle 6:0 parent 2:5 sfq
tc class add dev eth1 parent 2:1 classid 2:6 htb rate 10000bps ceil 22000bps
prio 1
tc qdisc add dev eth1 handle 7:0 parent 2:6 sfq
tc filter add dev eth1 parent 2:0 protocol all prio 1 tcindex mask 0x7 shift 0
tc filter add dev eth1 parent 2:0 protocol all prio 1 handle 5 tcindex classid
2:6
tc filter add dev eth1 parent 2:0 protocol all prio 1 handle 4 tcindex classid
2:4
tc filter add dev eth1 parent 2:0 protocol all prio 1 handle 3 tcindex classid
2:5
tc filter add dev eth1 parent 2:0 protocol all prio 1 handle 2 tcindex classid
2:3
tc filter add dev eth1 parent 2:0 protocol all prio 1 handle 1 tcindex classid
2:2
tc filter add dev eth1 parent 1:0 protocol all prio 1 u32 match u8 0x5 0xf at
0 match u16 0x0 0xffc0 at 2 classid 1:5
tc filter add dev eth1 parent 1:0 protocol all prio 1 u32 match u8 0x5 0xf at
0 match u8 0x10 0x10 at 33 classid 1:4
tc filter add dev eth1 parent 1:0 protocol all prio 1 u32 match u8 0x5 0xf at
0 classid 1:5
tc filter add dev eth1 parent 1:0 protocol all prio 1 u32 match u32 0x0 0x0 at
0 classid 1:5
well, this rules are generated with tcng (tcc actually), and I see traffic
going to the p2p rule (being 2:5), but still I'm not able to browse the web!
nor chat nor anything, someone adviced me to create an interactive class and
then leave the unmatched traffic go to a default class (and here'll go p2p
traffic too), but then I'm running a squid server at home, and thus I don't
know what port to specify to do this, anyway, I've tried already with normal
http traffic, with layer7, I see the traffic going to the iptables chain, but
yet it'll still won't work, p2p traffic keeps eating all my bandwidth, its
ignoring all the priorities I have in my tc rules (being the 2:5 class the
one with the lowest priority), I really need to get this working, and I know
there's some ppl that has lots of more experience that me, and I'm sure you
can help me. Thank you
EDGAR MERINO
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next reply other threads:[~2005-07-08 6:36 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-08 6:36 Edgar [this message]
2005-07-08 13:30 ` [LARTC] P2P shaping, won't work Francisco Pereira
2005-07-08 13:59 ` Jody Shumaker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200507080136.53843.donvodka@gmail.com \
--to=donvodka@gmail.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.