* [LARTC] New HTB-derived qdisc for accounting?
@ 2005-06-04 12:45 Carl-Daniel Hailfinger
2005-06-04 12:54 ` Peter Surda
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: Carl-Daniel Hailfinger @ 2005-06-04 12:45 UTC (permalink / raw)
To: lartc
Hi,
at my local university network, I have to make sure no student
uploads more than x GB/day. So far, I give them unlimited bandwidth
until they have more than y GB (y<x) upload. After that, I use the
u32 filter to associate the affected IP address with a HTB class
limited to the rate (remainingtraffic/remainingtime).
Since the accounting is done with ipt_ACCOUNT right now and the
netfilter framework obviously can't know whether a packet was
dropped because the queue was full, dropped packets are counted as
traffic, but that is somewhat unfair.
Can I do the accounting with the traffic control framework in the
kernel instead of using ipt_ACCOUNT? Giving every IP its own htb
class and setting that to an incredibly high limit to do the
accounting seems overkill (there is no point in forcing HTB to
do all the calculations for shaping if I only want to count)
especially because I'd have to do that for a sparsely populated
/16 network (about 1500-2800 hosts).
One (not that sophisticted) idea is to leave the accounting "as is"
and add a "dropped bytes" count to htb. This could be subtracted
from the numbers ipt_ACCOUNT gives me. That would modify the output
of "tc class ls" from
Sent 86136037 bytes 103963 pkt (dropped 283998, overlimits 0 requeues 0)
to
Sent 86136037 bytes 103963 pkt (dropped 385953282 bytes 283998 pkt, overlimits 0 requeues 0)
Proposal:
----------------------------------
Another idea would be to create a qdisc HTBQ (HTB with quota)
derived from HTB with the following characteristics:
htb_rate=min(htbq_rate, (alreadysent=>htbq_squota)?((htbq_quota-alreadysent)/remtime):htbq_rate)
htb_ceil=htbq_ceil //this is just passed on
htb_burst=htbq_burst
htb_cburst=htbq_cburst
htb_prio=htbq_prio
htb_quantum=htbq_quantum //should be set automatically
htbq_interval seconds //time after which quota is reset
htbq_starttime seconds //time when the first interval starts
htbq_quota bytes //maximum allowed bytes
htbq_squota bytes //unshaped quota
htbq_rate is optional, unlimited if not set
htbq_ceil is optional
htbq_burst is optional
htbq_cburst is optional
htbq_prio is mandantory
htbq_quantum is optional
htbq_interval is mandantory
htbq_starttime is optional, defaults to unixtime 0
htbq_quota is mandantory
htbq_squota is optional, defaults to 0 (shape from beginning)
Basic description:
Case 1: already sent bytes are less than htbq_squota
if htbq_{rate,ceil,burst,cburst,quantum} is set then
do normal htb shaping with copied parameters
else
pass on packets directly to network device
Case 2: already sent bytes are greater or equal than htbq_squota
if htbq_{rate,ceil,burst,cburst,quantum} is set then
do htb shaping with copied parameters except
htb_rate=min(htbq_rate, (htbq_quota-alreadysent)/remtime)
htb_ceil=min(htbq_ceil, (htbq_quota-alreadysent)/remtime)
else
do htb shaping with following parameters
htb_rate=(htbq_quota-alreadysent)/remtime
htb_ceil=(htbq_quota-alreadysent)/remtime
This would surely be helpful for some admins who have to limit
users to a certain quota without constantly shaping their
network traffic or pulling the plug once the quota is full.
Thoughts?
Regards,
Carl-Daniel
--
http://www.hailfinger.org/
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [LARTC] New HTB-derived qdisc for accounting?
2005-06-04 12:45 [LARTC] New HTB-derived qdisc for accounting? Carl-Daniel Hailfinger
@ 2005-06-04 12:54 ` Peter Surda
2005-06-04 13:21 ` Carl-Daniel Hailfinger
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Peter Surda @ 2005-06-04 12:54 UTC (permalink / raw)
To: lartc
On Sat, 04 Jun 2005 14:45:30 +0200 Carl-Daniel Hailfinger
<c-d.hailfinger.devel.2005@gmx.net> wrote:
>Hi,
Hi.
>Since the accounting is done with ipt_ACCOUNT right now and the
>netfilter framework obviously can't know whether a packet was
>dropped because the queue was full, dropped packets are counted as
>traffic, but that is somewhat unfair.
I did some tests about a year ago and arrived to the conclusion that this
difference can be ignored for practical purposes (~2%).
Yours sincerely,
Peter
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [LARTC] New HTB-derived qdisc for accounting?
2005-06-04 12:45 [LARTC] New HTB-derived qdisc for accounting? Carl-Daniel Hailfinger
2005-06-04 12:54 ` Peter Surda
@ 2005-06-04 13:21 ` Carl-Daniel Hailfinger
2005-06-04 13:35 ` Patrick McHardy
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Carl-Daniel Hailfinger @ 2005-06-04 13:21 UTC (permalink / raw)
To: lartc
Hi,
Peter Surda schrieb:
> On Sat, 04 Jun 2005 14:45:30 +0200 Carl-Daniel Hailfinger
>
>>Since the accounting is done with ipt_ACCOUNT right now and the
>>netfilter framework obviously can't know whether a packet was
>>dropped because the queue was full, dropped packets are counted as
>>traffic, but that is somewhat unfair.
>
> I did some tests about a year ago and arrived to the conclusion that this
> difference can be ignored for practical purposes (~2%).
I know that it can be ignored most of the time, but certain types
of communication using UDP packets don't adjust their rates like
a TCP connection would. One pathological case was >70% dropped
packets and the netfilter counters were complete garbage.
Regards,
Carl-Daniel
--
http://www.hailfinger.org/
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [LARTC] New HTB-derived qdisc for accounting?
2005-06-04 12:45 [LARTC] New HTB-derived qdisc for accounting? Carl-Daniel Hailfinger
2005-06-04 12:54 ` Peter Surda
2005-06-04 13:21 ` Carl-Daniel Hailfinger
@ 2005-06-04 13:35 ` Patrick McHardy
2005-06-04 13:39 ` Peter Surda
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Patrick McHardy @ 2005-06-04 13:35 UTC (permalink / raw)
To: lartc
Carl-Daniel Hailfinger wrote:
> Proposal:
> ----------------------------------
> Another idea would be to create a qdisc HTBQ (HTB with quota)
> derived from HTB with the following characteristics:
>
> htb_rate=min(htbq_rate, (alreadysent=>htbq_squota)?((htbq_quota-alreadysent)/remtime):htbq_rate)
Why do you want to decrease speed as the quota is approached?
Wouldn't a simple per-class quota or a quota-ematch work as
well?
Regards
Patrick
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [LARTC] New HTB-derived qdisc for accounting?
2005-06-04 12:45 [LARTC] New HTB-derived qdisc for accounting? Carl-Daniel Hailfinger
` (2 preceding siblings ...)
2005-06-04 13:35 ` Patrick McHardy
@ 2005-06-04 13:39 ` Peter Surda
2005-06-04 18:46 ` Carl-Daniel Hailfinger
2005-06-06 14:02 ` Patrick McHardy
5 siblings, 0 replies; 7+ messages in thread
From: Peter Surda @ 2005-06-04 13:39 UTC (permalink / raw)
To: lartc
On Sat, 04 Jun 2005 15:21:36 +0200 Carl-Daniel Hailfinger
<c-d.hailfinger.devel.2005@gmx.net> wrote:
>Hi,
Hi,
>I know that it can be ignored most of the time, but certain types
>of communication using UDP packets don't adjust their rates like
>a TCP connection would. One pathological case was >70% dropped
>packets and the netfilter counters were complete garbage.
In that case, on the same website as wrr ( http://wipl-wrr.sf.net/ ), there is
another program, wipl. It is supposed to do IP-accounting based on tc (I don't
know if it depends on wrr, I never used it, it just says it was designed for the
purpose you require).
>Regards,
>Carl-Daniel
Yours sincerely,
Peter
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [LARTC] New HTB-derived qdisc for accounting?
2005-06-04 12:45 [LARTC] New HTB-derived qdisc for accounting? Carl-Daniel Hailfinger
` (3 preceding siblings ...)
2005-06-04 13:39 ` Peter Surda
@ 2005-06-04 18:46 ` Carl-Daniel Hailfinger
2005-06-06 14:02 ` Patrick McHardy
5 siblings, 0 replies; 7+ messages in thread
From: Carl-Daniel Hailfinger @ 2005-06-04 18:46 UTC (permalink / raw)
To: lartc
Patrick McHardy schrieb:
> Carl-Daniel Hailfinger wrote:
>
>>Proposal:
>>----------------------------------
>>Another idea would be to create a qdisc HTBQ (HTB with quota)
>>derived from HTB with the following characteristics:
>>
>>htb_rate=min(htbq_rate, (alreadysent=>htbq_squota)?((htbq_quota-alreadysent)/remtime):htbq_rate)
>
>
> Why do you want to decrease speed as the quota is approached?
We have two phases (simplified):
1. Already sent traffic is less than htbq_squota
-> Do not limit anything.
2. Already sent traffic is more than htbq_squota
-> Limit the rate to something which allows the quota
to be filled completely in the remainig time.
Most people stay below htbq_squota and do not notice
anything at all, i.e. they get full wire speed. Power users
will cause more traffic than htb_squota and be limited so
they can't get over htbq_quota. Since it is impossible to
send faster than htb_rate, htb_rate will stay constant if
it is fully utilized. If htb_rate is not fully utilized,
the speed will actually *increase* over time.
> Wouldn't a simple per-class quota or a quota-ematch work as
> well?
That would be easier, but I can't see how to realize the
process above with a quota-ematch. Especially the dynamic
rate adaption needs something more than just quota.
Probably one could combine quota-ematch with some userspace
hackery to achieve what I want, but it would require to
statically set up 65536 classes for a /16 network. Hm.
The only difference to my solution would be that we need
a quota ematch instead of a htb_quota qdisc and rate control
would be done in userspace.
So where can I find code doing a quota ematch?
Regards,
Carl-Daniel
--
http://www.hailfinger.org/
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [LARTC] New HTB-derived qdisc for accounting?
2005-06-04 12:45 [LARTC] New HTB-derived qdisc for accounting? Carl-Daniel Hailfinger
` (4 preceding siblings ...)
2005-06-04 18:46 ` Carl-Daniel Hailfinger
@ 2005-06-06 14:02 ` Patrick McHardy
5 siblings, 0 replies; 7+ messages in thread
From: Patrick McHardy @ 2005-06-06 14:02 UTC (permalink / raw)
To: lartc
Carl-Daniel Hailfinger wrote:
> Patrick McHardy schrieb:
>
>>Why do you want to decrease speed as the quota is approached?
>
>
> We have two phases (simplified):
> 1. Already sent traffic is less than htbq_squota
> -> Do not limit anything.
> 2. Already sent traffic is more than htbq_squota
> -> Limit the rate to something which allows the quota
> to be filled completely in the remainig time.
>
> Most people stay below htbq_squota and do not notice
> anything at all, i.e. they get full wire speed. Power users
> will cause more traffic than htb_squota and be limited so
> they can't get over htbq_quota. Since it is impossible to
> send faster than htb_rate, htb_rate will stay constant if
> it is fully utilized. If htb_rate is not fully utilized,
> the speed will actually *increase* over time.
Ok, so why do you want to prevent people from sending from
htbq_squota to htbq_quota at full speed? Isn't the important
point that noone sends more than their quota? Dynamic rate
adaption is not easy, HTB needs pre-calculated rate tables,
with HFSC it is even more complicated and can cause short
periods of unfairness.
>>Wouldn't a simple per-class quota or a quota-ematch work as
>>well?
>
> That would be easier, but I can't see how to realize the
> process above with a quota-ematch. Especially the dynamic
> rate adaption needs something more than just quota.
> Probably one could combine quota-ematch with some userspace
> hackery to achieve what I want, but it would require to
> statically set up 65536 classes for a /16 network. Hm.
> The only difference to my solution would be that we need
> a quota ematch instead of a htb_quota qdisc and rate control
> would be done in userspace.
>
> So where can I find code doing a quota ematch?
Nowhere I guess, but shouldn't take more than a couple of minutes
to write one. It would have the same problems as with iptables
however, it doesn't get feedback about dropped packets. A per-class
quota inside the qdisc is probably the best way.
Regards
Patrick
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2005-06-06 14:02 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-06-04 12:45 [LARTC] New HTB-derived qdisc for accounting? Carl-Daniel Hailfinger
2005-06-04 12:54 ` Peter Surda
2005-06-04 13:21 ` Carl-Daniel Hailfinger
2005-06-04 13:35 ` Patrick McHardy
2005-06-04 13:39 ` Peter Surda
2005-06-04 18:46 ` Carl-Daniel Hailfinger
2005-06-06 14:02 ` Patrick McHardy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.