* Re: Ingress QoS
2013-04-22 8:47 Ingress QoS Phil Daws
@ 2013-04-22 9:23 ` Kenyon Ralph
2013-04-22 12:43 ` John A. Sullivan III
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Kenyon Ralph @ 2013-04-22 9:23 UTC (permalink / raw)
To: lartc
[-- Attachment #1: Type: text/plain, Size: 867 bytes --]
On 2013-04-22T09:47:18+0100, Phil Daws <uxbod@splatnix.net> wrote:
> have started to learn about Ingress policing/shaping using the IFB
> module. What I would like to achieve is having different class ID's
> for different service groups. One would contain HTTP/S traffic,
> another SMTP, and one for interactive services like RDP. Most
> examples I have seen are for limiting bandwidth, where as I am after
> priority control so that a non interactive does not impede a users
> interactive experience.
>
> What would be the most efficient way to achieve this sort of
> configuration ?
Probably using fq_codel would be the most efficient way. I use it via
OpenWrt's QoS scripts. You could adapt those to your system, or
something like this might help you implement it:
https://github.com/dtaht/deBloat/blob/master/src/debloat.sh
--
Kenyon Ralph
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: Ingress QoS
2013-04-22 8:47 Ingress QoS Phil Daws
2013-04-22 9:23 ` Kenyon Ralph
@ 2013-04-22 12:43 ` John A. Sullivan III
2013-04-22 13:07 ` John A. Sullivan III
2013-04-23 17:58 ` Andrew Beverley
3 siblings, 0 replies; 5+ messages in thread
From: John A. Sullivan III @ 2013-04-22 12:43 UTC (permalink / raw)
To: lartc
On Mon, 2013-04-22 at 02:23 -0700, Kenyon Ralph wrote:
> On 2013-04-22T09:47:18+0100, Phil Daws <uxbod@splatnix.net> wrote:
> > have started to learn about Ingress policing/shaping using the IFB
> > module. What I would like to achieve is having different class ID's
> > for different service groups. One would contain HTTP/S traffic,
> > another SMTP, and one for interactive services like RDP. Most
> > examples I have seen are for limiting bandwidth, where as I am after
> > priority control so that a non interactive does not impede a users
> > interactive experience.
> >
> > What would be the most efficient way to achieve this sort of
> > configuration ?
>
> Probably using fq_codel would be the most efficient way. I use it via
> OpenWrt's QoS scripts. You could adapt those to your system, or
> something like this might help you implement it:
> https://github.com/dtaht/deBloat/blob/master/src/debloat.sh
>
fq_codel looks really interesting. If I recall correctly, it is quite
new so hopefully there is good documentation.
To respond to the original point, there are a few factors. One is
whether the device you are working on is the only one which needs to
shape the traffic. If not, i.e., if internal routers and switches need
to be aware of the decisions made by this devices, netfilter/iptables
will be important, e.g., one could set the DSCP bits in the mangle table
and then set the internal systems to handle packets according to those
bits.
On the device itself, I have become a great fan of HFSC precisely
because it delinks bandwidth control from other factors. One can tweak
latency separately from guaranteed bandwidth separately from shared
bandwidth. Documentation is sparse but I do have a system
administrator's guide to both IFB and HFSC available.
There are some challenges with interactive protocols. For example,
OpenSSH makes a nice distinction between truly interactive traffic and
other activities such as file transfer (scp, sftp) using ssh as a
transport by setting the ToS bits differently. Thus, one can place
truly interactive traffic in a higher priority queue than bulk
transfers. As far as I know, ssh sessions built on libssh do not make
this distinction. RDP is even worse - no differentiation between
keystrokes/screens and print jobs, file transfers, sound relaying
performed over RDP.
Hope this helps and, if anyone has better ideas or corrections, please
respond as I am not an expert in this area - John
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Ingress QoS
2013-04-22 8:47 Ingress QoS Phil Daws
2013-04-22 9:23 ` Kenyon Ralph
2013-04-22 12:43 ` John A. Sullivan III
@ 2013-04-22 13:07 ` John A. Sullivan III
2013-04-23 17:58 ` Andrew Beverley
3 siblings, 0 replies; 5+ messages in thread
From: John A. Sullivan III @ 2013-04-22 13:07 UTC (permalink / raw)
To: lartc
On Mon, 2013-04-22 at 10:02 -0300, Salatiel Filho wrote:
> John, could you point me this "system administrator's guide to both
> IFB and HFSC" ?
>
> Thanks !
>
>
>
> On Mon, Apr 22, 2013 at 9:43 AM, John A. Sullivan III
> <jsullivan@opensourcedevel.com> wrote:
> system
> administrator's guide to both IFB and HFSC available
>
<snip>
I'll send it to you directly. If it's of any use to LARTC, someone
please let me know and to whom I should send it. Thanks - John
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Ingress QoS
2013-04-22 8:47 Ingress QoS Phil Daws
` (2 preceding siblings ...)
2013-04-22 13:07 ` John A. Sullivan III
@ 2013-04-23 17:58 ` Andrew Beverley
3 siblings, 0 replies; 5+ messages in thread
From: Andrew Beverley @ 2013-04-23 17:58 UTC (permalink / raw)
To: lartc
On Mon, 2013-04-22 at 09:07 -0400, John A. Sullivan III wrote:
> > system administrator's guide to both IFB and HFSC
>
> I'll send it to you directly. If it's of any use to LARTC, someone
> please let me know and to whom I should send it. Thanks - John
Please, post it to the list - that sounds useful!
Longer term it would be good if you could patch the man pages with some
more information, then it's captured in the official documentation. It's
something I'd like to do myself, but just haven't got the time at the
moment.
Andy
^ permalink raw reply [flat|nested] 5+ messages in thread