From: "Ethy H. Brito" <ethy.brito@inexo.com.br>
To: lartc@vger.kernel.org
Subject: Re: Traffic shaping at 10~300mbps at a 10Gbps link
Date: Wed, 09 Jun 2021 22:13:20 +0000 [thread overview]
Message-ID: <20210609191320.7b0e9fac@babalu> (raw)
In-Reply-To: <20210607133853.045a96d5@babalu>
On Wed, 9 Jun 2021 21:57:30 +0200
Adam Niescierowicz <adam.niescierowicz@justnet.pl> wrote:
> W dniu 09.06.2021 o 21:30, Ethy H. Brito pisze:
> > On Wed, 9 Jun 2021 21:11:03 +0200
> > Adam Niescierowicz <adam.niescierowicz@justnet.pl> wrote:
> >
> >> How you make filters, it's one level or multilevel based?
> > Multi level.
> >
> > First test IPv4, IPv6 or Other Protocols.
> > Then test for two cidr "/19" and one /20 blocks we use.
> > Then for every /24 block inside the selected cidr block.
> >
> > I can send some fragments of each "test" block, if you want.
> >
> Please send it will be easier.
>
> We have 5+ Gbps at peak, 12core cpu and it's working. We don't use ipv6
> on this router, but we use PPPoE.
>
>
> What's kernel version?, our is old 4.17.
# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal
# tc -V
tc utility, iproute2-ss200127
# uname -a
Linux quiron 5.4.0-66-generic #74-Ubuntu SMP Wed Jan 27 22:54:38 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Here we go.
eth0 is the internal interface (send packets to users - download)
The rules are inserted in the order bellow. There are no inversions.
Just a very few lines were copied here.
I can send a WeTransfer link for those who may need the full script file.
---------------------------8<------------------------------------
/sbin/tc filter add dev eth0 parent 1:0 prio 1 protocol ipv6 u32
/sbin/tc filter add dev eth0 parent 1:0 prio 2 protocol ip u32
# Some service networks
/sbin/tc filter add dev eth0 protocol ipv4 parent 1: pref 2 \
u32 match ip dst 100.64.254.0/24 \
flowid 1:fffe
/sbin/tc filter add dev eth0 protocol ipv6 parent 1: pref 1 \
u32 match ip6 dst fe80::/10 \
flowid 1:fffe
#
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 1: u32 divisor 4
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 10: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ipv6 prio 1 u32 ht 1: match ip6 dst 2001:12c4:a10:e000::/51 hashkey mask 0x0000ff00 at 28 link 10:
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 100: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ipv6 prio 1 u32 ht 10:e0: match ip6 dst 2001:12c4:a10:e000::/56 hashkey mask 0x000000ff at 28 link 100:
... links 101 (2001:12c4:a10:e100::/56), 102 (2001:12c4:a10:e200::/56) ... up to
/sbin/tc filter add dev eth0 parent 1:0 protocol ipv6 prio 1 u32 ht 10:ff: match ip6 dst 2001:12c4:a10:ff00::/56 hashkey mask 0x000000ff at 28 link 11f:
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 11: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ipv6 prio 1 u32 ht 1: match ip6 dst 2001:12c4:6440::/51 hashkey mask 0x0000ff00 at 28 link 11:
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 120: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ipv6 prio 1 u32 ht 11:00: match ip6 dst 2001:12c4:6440:000::/56 hashkey mask 0x000000ff at 28 link 120:
... same here up to link 13f (2001:12c4:6440:1f00::/56):
More IPv6 filters like these follows to others CIDRs.
Now for IPv4 /24 blocks.
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 2: u32 divisor 4
# Hash Table para 256 Blocos /24 de endereços IP para o macro bloco 10.16.224.0/19
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 13: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 2 u32 ht 2: match ip dst 10.16.224.0/19 hashkey mask 0x0000ff00 at 16 link 13:
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 150: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 2 u32 ht 13:e0: match ip dst 10.16.224.0/24 hashkey mask 0x000000ff at 16 link 150:
... link 151 (10.16.225.0/24), 153 (10.16.226.0/24) ... up to
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 16f: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 2 u32 ht 13:ff: match ip dst 10.16.255.0/24 hashkey mask 0x000000ff at 16 link 16f:
Other CIDRs blocks for 100.64.0/19 follows like...
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 14: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 2 u32 ht 2: match ip dst 100.64.0.0/19 hashkey mask 0x0000ff00 at 16 link 14:
/sbin/tc filter add dev eth0 parent 1:0 prio 99 handle 170: u32 divisor 256
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 2 u32 ht 14:00: match ip dst 100.64.0.0/24 hashkey mask 0x000000ff at 16 link 170:
up to link 19f:
And finally:
/sbin/tc filter add dev eth0 parent 1:0 handle ::2 prio 1 protocol ipv6 u32 match u32 0 0 link 1:
/sbin/tc filter add dev eth0 parent 1:0 handle ::2 prio 2 protocol ip u32 match u32 0 0 link 2:
/sbin/tc filter add dev eth0 parent 1:0 prio 3 protocol arp u32 match u32 0 0 classid 1:fffe
# Rede "default" para endereços IPV6 não Classificados anteriormente
/sbin/tc filter add dev eth0 parent 1:0 prio 1 handle ::ffe protocol ipv6 u32 match u32 0 0 classid 1:fffc
Thanks for your time.
Cheers
Ethy
next prev parent reply other threads:[~2021-06-09 22:13 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-07 16:38 Traffic shaping at 10~300mbps at a 10Gbps link Ethy H. Brito
2021-06-09 15:04 ` Ethy H. Brito
2021-06-09 19:11 ` Adam Niescierowicz
2021-06-09 19:30 ` Ethy H. Brito
2021-06-09 19:57 ` Adam Niescierowicz
2021-06-09 22:13 ` Ethy H. Brito [this message]
2021-06-12 11:24 ` Anatoly Muliarski
2021-06-14 16:13 ` Ethy H. Brito
2021-06-16 11:43 ` cronolog+lartc
2021-06-16 12:08 ` Erik Auerswald
2021-07-07 2:10 ` L A Walsh
[not found] <20210617121839.39aefb12@babalu>
2021-06-17 16:17 ` Jesper Dangaard Brouer
-- strict thread matches above, loose matches on Subject: below --
2021-06-17 17:57 Ethy H. Brito
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210609191320.7b0e9fac@babalu \
--to=ethy.brito@inexo.com.br \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.