From: nix4me <nix4me@cfl.rr.com>
To: lartc@vger.kernel.org
Subject: [LARTC] revised shaping rules, please take a look
Date: Sun, 05 Mar 2006 01:40:48 +0000
Message-ID: <440A41A0.6090909@cfl.rr.com>

In my attempt to move my traffic shaping to my router from an internal
box, I have come up with a new set of rules. I would appreciate any
feedback the list members might have.

What I am trying to do is shape my outbound bandwidth so that my queue
doesn't get full. I run an ftp server 24/7, do normal email, some ssh,
web surfing and some downloading. I have a cable modem with 10mbit
download and 1mbit upload. The router is a Linux box running IPCOP and
eth1 faces the internet and eth0 faces the LAN.

I want to set my cap at 105kbps (slightly less than 1mbit) for all
outbound traffic. I want ftp traffic to send at the full 105kbps
without affecting my download speed or ssh ability. I also want the ftp
to send at the full 105kbps UNLESS I am sending an email. I think the
following rules will do that.

#!/bin/bash
# clear out the chain and setup a new chain
# (the old jump is removed from POSTROUTING, the chain it is inserted into below)
iptables -t mangle -D POSTROUTING -o eth1 -j BW-OUT 2> /dev/null > /dev/null
iptables -t mangle -F BW-OUT 2> /dev/null > /dev/null
iptables -t mangle -X BW-OUT 2> /dev/null > /dev/null
iptables -t mangle -N BW-OUT
iptables -t mangle -I POSTROUTING -o eth1 -j BW-OUT

# mark packets: 2 is active ftp and passive ftp, 1 is ACK for downloads and email and everything else
iptables -t mangle -A BW-OUT -p tcp -m length --length :64 -j MARK --set-mark 1
iptables -t mangle -A BW-OUT -m tcp -p tcp --dport 25 -j MARK --set-mark 1
iptables -t mangle -A BW-OUT -p tcp --sport 59999 -j MARK --set-mark 2
iptables -t mangle -A BW-OUT -p tcp --sport 50000:51000 -j MARK --set-mark 2
iptables -t mangle -A BW-OUT -m mark --mark 0 -j MARK --set-mark 1

# clear the qdisc
tc qdisc del dev eth1 root

# add the root qdisc
tc qdisc add dev eth1 root handle 1: htb default 10

# add main rate limit class and 2 leafs
tc class add dev eth1 parent 1: classid 1:1 htb rate 105kbps ceil 105kbps
tc class add dev eth1 parent 1:1 classid 1:10 htb rate 50kbps ceil 105kbps prio 0
tc class add dev eth1 parent 1:1 classid 1:11 htb rate 50kbps ceil 105kbps prio 1

# filter traffic into classes
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 1 fw flowid 1:10
tc filter add dev eth1 parent 1:0 prio 1 protocol ip handle 2 fw flowid 1:11

So, in a nutshell, this should shape outbound ftp to 105kbps. If I
download, the ACK packets should go to the front of the queue. If I send
a large email, the email should borrow speed from the ftp. Web surfing
should be snappy and ssh also because they are in the higher priority queue.

Any comments?

nix4me
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
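
The BW-OUT mark rules and fw filters from the message above, modelled in Python as an added example (not part of the original post): MARK is a non-terminating target, so every rule in the chain is tried and the last match decides the mark. The sample packets and the `first_match_wins` variant (the same rules with a RETURN after each MARK) are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    proto: str
    length: int      # packet length in bytes, as seen by -m length
    sport: int = 0
    dport: int = 0

# The BW-OUT rules from the message, in order: (match predicate, mark to set).
RULES = [
    (lambda p, m: p.proto == "tcp" and p.length <= 64, 1),             # --length :64
    (lambda p, m: p.proto == "tcp" and p.dport == 25, 1),              # --dport 25
    (lambda p, m: p.proto == "tcp" and p.sport == 59999, 2),           # --sport 59999
    (lambda p, m: p.proto == "tcp" and 50000 <= p.sport <= 51000, 2),  # --sport 50000:51000
    (lambda p, m: m == 0, 1),                                          # -m mark --mark 0
]

# tc side: the "handle N fw flowid ..." filters plus "htb default 10".
FW_FILTERS = {1: "1:10", 2: "1:11"}
DEFAULT_CLASS = "1:10"

def final_mark(pkt, first_match_wins=False):
    """Walk the chain. MARK does not stop traversal, so by default every rule
    is tried and a later match overwrites an earlier one. first_match_wins=True
    models a hypothetical variant with a RETURN after each MARK."""
    mark = 0
    for matches, value in RULES:
        if matches(pkt, mark):
            mark = value
            if first_match_wins:
                break
    return mark

def htb_class(pkt, first_match_wins=False):
    """Map the final mark to the HTB leaf class the fw filters select."""
    return FW_FILTERS.get(final_mark(pkt, first_match_wins), DEFAULT_CLASS)

# Constructed sample packets (not captured traffic).
SAMPLES = {
    "ACK for a web download": Packet("tcp", 52, sport=40000, dport=80),
    "SMTP payload": Packet("tcp", 1500, sport=40001, dport=25),
    "passive FTP payload": Packet("tcp", 1500, sport=50500, dport=40002),
    "ACK sent from an FTP data port": Packet("tcp", 52, sport=50500, dport=40002),
    "ssh keystroke": Packet("tcp", 100, sport=22, dport=40003),
    "DNS query (udp)": Packet("udp", 70, sport=40004, dport=53),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:32} as posted: {htb_class(pkt)}   with RETURN: {htb_class(pkt, True)}")
```

With the rules as posted, a small ACK leaving from one of the ftp data ports is first marked 1 and then re-marked 2, so it lands in 1:11 with the bulk ftp traffic; in the RETURN variant it stays in 1:10.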