[LARTC] Limiting bandwidth to entire LAN

[LARTC] Limiting bandwidth to entire LAN

[Gastón]

Hi, first of all thanks for all your help. I`m using a bridge and I want to
assign the lan (with public routable ips) only 512Kbits (The internet link
is 1Mbit). What i thought was creating a class with  a ceil of 512Kbit an
applying a filter to it with the entire net (1.2.3.0/24). This approach
didn´t work for me(the ceil was bypassed). Should I use policing instead?


These are the commands I used:

tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1 htb default 10 r2q 5

tc qdisc del dev eth1 root
tc qdisc add dev eth1 root handle 1 htb default 10 r2q 5

tc class add dev eth0 parent 1: classid 1:2 htb rate 512Kbit

tc class add dev eth0 parent 1:2 classid 1:30 htb rate 448Kbit ceil 512Kbit
tc qdisc add dev eth0 parent 1:30 handle 30 sfq perturb 10
tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip src
1.2.3.0/24 classid 1:30



tc class add dev eth1 parent 1: classid 1:2 htb rate 512Kbit

tc class add dev eth1 parent 1:2 classid 1:30 htb rate 448Kbit ceil 512Kbit
tc qdisc add dev eth1 parent 1:30 handle 30 sfq perturb 10
tc filter add dev eth1 parent 1:0 protocol ip prio 100 u32 match ip dst
1.2.3.0/24 classid 1:30

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Limiting bandwidth to entire LAN

[Damion de Soto]

Hi Gastón,

> tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip src
> 1.2.3.0/24 classid 1:30

> tc filter add dev eth1 parent 1:0 protocol ip prio 100 u32 match ip dst
> 1.2.3.0/24 classid 1:30
I'm pretty sure you want 'flowid 1:30' instead of classid on the filters.

To my knowledge, the classid is declaring the filter to have that class, instead of 
directing the matching to the class with that id.

Although, taking a quick look through the doco, I can't see anywhere where
it explicitly says what the flowid does, maybe it's just assumed because all the 
examples are like that.

regards

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Damion de Soto - Software Engineer  email:     damion@snapgear.com
SnapGear - A CyberGuard Company ---    ph:         +61 7 3435 2809
  | Custom Embedded Solutions          fax:         +61 7 3891 3630
  | and Security Appliances            web: http://www.snapgear.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ---  Free Embedded Linux Distro at   http://www.snapgear.org  ---

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Limiting bandwidth to entire LAN

[Stef Coene]

On Thursday 04 March 2004 15:55, Gastón wrote:
> Hi, first of all thanks for all your help. I`m using a bridge and I want to
> assign the lan (with public routable ips) only 512Kbits (The internet link
> is 1Mbit). What i thought was creating a class with  a ceil of 512Kbit an
> applying a filter to it with the entire net (1.2.3.0/24). This approach
> didn´t work for me(the ceil was bypassed). Should I use policing instead?
Can you check the counters with tc -s -d class dev eth1 to see if the filters 
are working ?

Stef

-- 
stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.openprojects.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Limiting bandwidth to entire LAN

[Stef Coene]

On Friday 05 March 2004 01:07, Damion de Soto wrote:
> Hi Gastón,
>
> > tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip src
> > 1.2.3.0/24 classid 1:30
> >
> > tc filter add dev eth1 parent 1:0 protocol ip prio 100 u32 match ip dst
> > 1.2.3.0/24 classid 1:30
>
> I'm pretty sure you want 'flowid 1:30' instead of classid on the filters.
>
> To my knowledge, the classid is declaring the filter to have that class,
> instead of directing the matching to the class with that id.
Fowid and classid are the same (from f_u32.c) :
     } else if (matches(*argv, "classid") = 0 ||
                    strcmp(*argv, "flowid") = 0) {

Stef

-- 
stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.openprojects.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Limiting bandwidth to entire LAN

[gaston]

Hi Stef, this is the output of tc

# tc -s -d class show dev eth1

class htb 1:2 root rate 512Kbit ceil 512Kbit burst 2254b/8 mpu 0b cburst 
2254b/8 mpu 0b level 7
 Sent 6232181694 bytes 13132747 pkts (dropped 0, overlimits 0)
 rate 24621bps 60pps
 lended: 592516 borrowed: 0 giants: 0
 tokens: 17264 ctokens: 17264

class htb 1:57 parent 1:2 leaf 57: prio 0 quantum 3276 rate 128Kbit ceil 
128Kbit burst 1762b/8 mpu 0b cburst 1762b/8 mpu 0b level 0
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 88149 ctokens: 88149

class htb 1:30 parent 1:2 leaf 30: prio 0 quantum 11468 rate 448Kbit ceil 
512Kbit burst 2172b/8 mpu 0b cburst 2254b/8 mpu 0b level 0
 Sent 6232147503 bytes 13132747 pkts (dropped 783, overlimits 0)
 rate 24405bps 60pps
 lended: 12540231 borrowed: 592516 giants: 0
 tokens: 13875 ctokens: 17264


# tc -s -d filter show dev eth1
filter parent 1: protocol ip pref 100 u32
filter parent 1: protocol ip pref 100 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 
800 bkt 0 flowid 1:30
  match c850da00/ffffff00 at 16
filter parent 1: protocol ip pref 100 u32 fh 800::801 order 2049 key ht 
800 bkt 0 flowid 1:57
  match c850da1a/ffffffff at 16


# tc -s -d qdisc show dev eth1
qdisc sfq 57: quantum 1514b limit 128p flows 128/1024 perturb 10sec
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)

qdisc sfq 30: quantum 1514b limit 128p flows 128/1024 perturb 10sec
 Sent 6235399235 bytes 13141249 pkts (dropped 783, overlimits 0)

qdisc htb 1: r2q 5 default 30 direct_packets_stat 1 ver 3.12
 Sent 6235399289 bytes 13141250 pkts (dropped 783, overlimits 2438143)



-----Original Message-----
From: Stef Coene <stef.coene@docum.org>
To: lartc@mailman.ds9a.nl
Date: Sat, 6 Mar 2004 13:15:41 +0100
Subject: Re: [LARTC] Limiting bandwidth to entire LAN

> On Thursday 04 March 2004 15:55, Gastón wrote:
> > Hi, first of all thanks for all your help. I`m using a bridge and I
> want to
> > assign the lan (with public routable ips) only 512Kbits (The internet
> link
> > is 1Mbit). What i thought was creating a class with  a ceil of
> 512Kbit an
> > applying a filter to it with the entire net (1.2.3.0/24). This
> approach
> > didn´t work for me(the ceil was bypassed). Should I use policing
> instead?
> Can you check the counters with tc -s -d class dev eth1 to see if the
> filters 
> are working ?
> 
> Stef
> 
> -- 
> stef.coene@docum.org
>  "Using Linux as bandwidth manager"
>      http://www.docum.org/
>      #lartc @ irc.openprojects.net
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Limiting bandwidth to entire LAN

[gaston]

Well I´m quite confused about this. I had always shaped on the router
(eth0 for outgoing and eth1 for incoming), everything was ok. Now the 
scenario is different since I want to use a bridge for limiting (not 
shaping and this is my mistake, I think :)) the 1Mbit connection to 
512Kbit for the bridge and the other 512Kbit to go other way (not passing 
through the bridge). So I think I should do this in a different way, 
right?
What should I do to acomplish this? Thanks for your help and patience. 
Cheers.

 

-----Original Message-----
From: Stef Coene <stef.coene@docum.org>
To: lartc@mailman.ds9a.nl
Date: Sat, 6 Mar 2004 13:15:44 +0100
Subject: Re: [LARTC] Limiting bandwidth to entire LAN

> On Friday 05 March 2004 01:07, Damion de Soto wrote:
> > Hi Gastón,
> >
> > > tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip
> src
> > > 1.2.3.0/24 classid 1:30
> > >
> > > tc filter add dev eth1 parent 1:0 protocol ip prio 100 u32 match ip
> dst
> > > 1.2.3.0/24 classid 1:30
> >
> > I'm pretty sure you want 'flowid 1:30' instead of classid on the
> filters.
> >
> > To my knowledge, the classid is declaring the filter to have that
> class,
> > instead of directing the matching to the class with that id.
> Fowid and classid are the same (from f_u32.c) :
>      } else if (matches(*argv, "classid") = 0 ||
>                     strcmp(*argv, "flowid") = 0) {
> 
> Stef
> 
> -- 
> stef.coene@docum.org
>  "Using Linux as bandwidth manager"
>      http://www.docum.org/
>      #lartc @ irc.openprojects.net
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/