From: Andy Furniss <andy.furniss@dsl.pipex.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Big problem :(((((
Date: Thu, 04 Nov 2004 09:49:38 +0000 [thread overview]
Message-ID: <4189FB32.80507@dsl.pipex.com> (raw)
In-Reply-To: <000c01c4c02b$d52895b0$050b010a@mozocomp>
Cireasa Claudiu wrote:
> Hello!
>
> I have an internet connection of 64kbps garanteed in a channel of 256kbps. On this connection the metropolitan speed is 10Mbps and in the provider's network the speed is 100Mbps.
> I have a few clients behind my linux box and i want to set up some limitations because some of them are using it irrational.
>
> I am marking the packets with 0 for internet;
0 means unmarked.
1 for metropolitan 2 for provider's network.
> Afther the mark i send the packets to the followind classes:
You can test your marking/setup with
tc -s -d class ls dev ethX or
tc -s -d qdisc ls dev ethX.
>
> script for eth0 (eth0 is my local network)
>
> #!/bin/bash
> tc qdisc del dev eth0 root >/dev/null
> tc qdisc add dev eth0 root handle 1: htb default 3
>
> tc class add dev eth0 parent 1: classid 1:1 htb rate 64kbit ceil 256kbit burst 15k quantum 1500 # Internet
> tc class add dev eth0 parent 1: classid 1:2 htb rate 10Mbit burst 15k quantum 1500 # Metropolitan
> tc class add dev eth0 parent 1: classid 1:3 htb rate 80Mbit burst 15k quantum 1500 # Provider
>
> tc class add dev eth0 parent 1:1 classid 1:100 htb rate 64kbit ceil 256kbit burst 15k
> tc qdisc add dev eth0 parent 1:100 handle 100: sfq perturb 5 quantum 1500
>
> tc class add dev eth0 parent 1:100 classid 1:1001 htb rate 4kbit ceil 64kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:1001 handle 1001: sfq perturb 5 quantum 1500
> tc class add dev eth0 parent 1:100 classid 1:1002 htb rate 4kbit ceil 64kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:1002 handle 1002: sfq perturb 5 quantum 1500
> ...
> tc class add dev eth0 parent 1:100 classid 1:1020 htb rate 4kbit ceil 64kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:1020 handle 1020: sfq perturb 5 quantum 1500
>
> tc class add dev eth0 parent 1:2 classid 1:300 htb rate 5Mbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:300 handle 300: sfq perturb 5 quantum 1500
>
> tc class add dev eth0 parent 1:300 classid 1:3001 htb rate 8kbit ceil 256kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:3001 handle 3001: sfq perturb 5 quantum 1500
> tc class add dev eth0 parent 1:300 classid 1:3002 htb rate 8kbit ceil 256kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:3002 handle 3002: sfq perturb 5 quantum 1500
> ...
> tc class add dev eth0 parent 1:300 classid 1:3020 htb rate 5kbit ceil 256kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:3020 handle 3020: sfq perturb 5 quantum 1500
>
> tc class add dev eth0 parent 1:2 classid 1:500 htb rate 80Mbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:500 handle 500: sfq perturb 5 quantum 1500
>
> tc class add dev eth0 parent 1:500 classid 1:5001 htb rate 8kbit ceil 8Mbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:5001 handle 5001: sfq perturb 5 quantum 1500
>
> tc class add dev eth0 parent 1:500 classid 1:5002 htb rate 8kbit ceil 8Mbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth0 parent 1:5002 handle 5002: sfq perturb 5 quantum 1500
> ...
>
> iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.1 -j CLASSIFY --set-class 1:1001
> iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.1 -m mark --mark 1 -j CLASSIFY --set-class 1:3001
> iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.1 -m mark --mark 2 -j CLASSIFY --set-class 1:5001
>
> iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.2 -j CLASSIFY --set-class 1:1002
> iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.2 -m mark --mark 1 -j CLASSIFY --set-class 1:3002
> iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.2 -m mark --mark 2 -j CLASSIFY --set-class 1:5002
> ...
Haven't used CLASSIFY so am unsure if this is OK.
Peturb 5 is a bit low - it causes packet reordering and the default
queue length for SFQ is 128 - too long.
In fact if you are going to shape someone to low bandwidth it would be
best to further mark and give their interactive traffic priority over
their bulk.
>
> ###END SCRIPT ETH0###
>
>
> the script for eth1 (the interface witch goes to provider) is:
>
> #!/bin/bash
> tc qdisc del dev eth1 root >/dev/null
> tc qdisc add dev eth1 root handle 1: htb default 4
>
> tc class add dev eth1 parent 1: classid 1:1 htb rate 64kbit ceil 256kbit burst 15k quantum 1500
> tc class add dev eth1 parent 1: classid 1:2 htb rate 10Mbit burst 15k quantum 1500
> tc class add dev eth1 parent 1: classid 1:3 htb rate 80Mbit burst 15k quantum 1500
>
>
> tc class add dev eth1 parent 1:1 classid 1:100 htb rate 64kbit ceil 256kbit burst 15k
> tc qdisc add dev eth1 parent 1:100 handle 100: sfq perturb 5 quantum 1500
>
> tc class add dev eth1 parent 1:100 classid 1:1001 htb rate 4kbit ceil 64kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth1 parent 1:1001 handle 1001: sfq perturb 5 quantum 1500
> ...
>
> tc class add dev eth1 parent 1:2 classid 1:300 htb rate 5Mbit prio 8 quantum 1500 burst 15k
> tc qdisc add dev eth1 parent 1:300 handle 300: sfq perturb 5 quantum 1500
>
> tc class add dev eth1 parent 1:300 classid 1:3001 htb rate 32kbit ceil 128kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth1 parent 1:3001 handle 3001: sfq perturb 5 quantum 1500
> tc class add dev eth1 parent 1:300 classid 1:3002 htb rate 32kbit ceil 128kbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth1 parent 1:3002 handle 3002: sfq perturb 5 quantum 1500
> ...
>
> tc class add dev eth1 parent 1:3 classid 1:500 htb rate 80Mbit prio 8 quantum 1500 burst 15k
> tc qdisc add dev eth1 parent 1:500 handle 500: sfq perturb 5 quantum 1500
>
> tc class add dev eth1 parent 1:500 classid 1:5001 htb rate 128kbit ceil 8Mbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth1 parent 1:5001 handle 5001: sfq perturb 5 quantum 1500
> tc class add dev eth1 parent 1:500 classid 1:5002 htb rate 128kbit ceil 8Mbit prio 5 quantum 1500 burst 15k
> tc qdisc add dev eth1 parent 1:5002 handle 5002: sfq perturb 5 quantum 1500
> ...
>
> iptables -t mangle -A PREROUTING -i eth0 -s 10.0.0.1 -m mark --mark 0 -j MARK --set-mark 1001
> iptables -t mangle -A PREROUTING -i eth0 -s 10.0.0.1 -m mark --mark 1 -j MARK --set-mark 3001
> iptables -t mangle -A PREROUTING -i eth0 -s 10.0.0.1 -m mark --mark 2 -j MARK --set-mark 5001
>
> iptables -t mangle -A PREROUTING -i eth0 -s 10.0.0.2 -m mark --mark 0 -j MARK --set-mark 1002
> iptables -t mangle -A PREROUTING -i eth0 -s 10.0.0.2 -m mark --mark 1 -j MARK --set-mark 3002
> iptables -t mangle -A PREROUTING -i eth0 -s 10.0.0.2 -m mark --mark 2 -j MARK --set-mark 5002
>
You can't match local addresses here if you are doing NAT.
...
>
> tc filter add dev eth1 protocol ip handle 1001 fw flowid 1:1001
> tc filter add dev eth1 protocol ip handle 3001 fw flowid 1:3001
> tc filter add dev eth1 protocol ip handle 5001 fw flowid 1:5001
>
> tc filter add dev eth1 protocol ip handle 1002 fw flowid 1:1002
> tc filter add dev eth1 protocol ip handle 3002 fw flowid 1:3002
> tc filter add dev eth1 protocol ip handle 5002 fw flowid 1:5002
>
>
> #END OF ETH1 SCRIPT#
>
> After i start the scripts all the hosts encounters difficulties in accessing the internet... the web from the internet (class 1:1) are loading verry slow (20-30 seconds); i have ping timeouts... yahoo messenger is connecting in about 20-30 seconds... iti si a mess...
> I know the bandwidth is verry small but even if there are 8 users online the bandwidth should divide and work much faster at least for web...
> I think the script has problems in the part with the burst of 15k... can somebody tell me where is going wrong?
>
> Please help,
> Claudiu.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
prev parent reply other threads:[~2004-11-04 9:49 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-11-01 15:59 [LARTC] Big problem :((((( Cireasa Claudiu
2004-11-04 9:49 ` Andy Furniss [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4189FB32.80507@dsl.pipex.com \
--to=andy.furniss@dsl.pipex.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.