From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?ISO-8859-1?Q?BERTRAND_Jo=EBl?= Date: Mon, 29 Oct 2007 18:48:45 +0000 Subject: [LARTC] Some questions about HTB Message-Id: <47262B0D.10106@systella.fr> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Hello, I have installed a server with three physical ethernet links and some virtual interfaces: eth0 - 213.215.42.70 eth0:1 - 213.215.42.71 eth0:2 - 213.215.42.72 eth0:3 - 213.215.42.73 eth0:4 - 213.215.42.74 eth0:5 - 213.215.42.75 eth0:6 - 213.215.42.76 eth0:7 - 213.215.42.77 eth0:8 - 213.215.42.78 eth2 - 192.168.1.128 eth3 - 213.215.42.69 All traffic are routed by iproute2 and iptables rules without any trouble, but I don't understand how install a traffic limitation on each IP address. I have to limit forwarded traffic on eth0:x, and input and output traffic on eth3. Thus, I have written : MAX_LOCAL_RATE=2mbit MAX_PUBLIC_RATE0mbit LOCAL_INTERFACE=eth3 LOCAL_ADDRESS!3.215.42.69 PUBLIC_INTERFACE=eth0 # eth3 tc qdisc add dev $LOCAL_INTERFACE root handle 1: htb default 100 tc class add dev $LOCAL_INTERFACE parent 1: classid 1:1 \ htb rate $MAX_LOCAL_RATE tc filter add dev $LOCAL_INTERFACE protocol ip parent 1: \ prio 1 u32 match ip src $LOCAL_ADDRESS/32 flowid 1:1 tc class add dev $LOCAL_INTERFACE parent 1: classid 1:100 \ htb rate 16kbit tc qdisc add dev $LOCAL_INTERFACE parent 1:100 sfq perturb 10 tc qdisc add dev $LOCAL_INTERFACE handle ffff: ingress tc filter add dev $LOCAL_INTERFACE protocol ip parent ffff: \ prio 1 u32 match ip dst $LOCAL_ADDRESS/32 \ police rate $MAX_LOCAL_RATE burst 20k drop flowid :1 # eth0 tc qdisc add dev $PUBLIC_INTERFACE root handle 2: htb default 200 tc class add dev $PUBLIC_INTERFACE parent 2: classid 2:1 \ htb rate $MAX_PUBLIC_RATE burst 20k tc class add dev $PUBLIC_INTERFACE parent 2: classid 2:200 \ htb rate 16kbit tc qdisc add dev $PUBLIC_INTERFACE parent 2:200 sfq perturb 10 # 213.215.42.71 tc class add dev $PUBLIC_INTERFACE parent 2:1 classid 2:71 \ htb rate 1024kbps ceil 1024kbps burst 20k tc qdisc add dev $PUBLIC_INTERFACE parent 2:71 handle 71: sfq perturb 10 tc filter add dev $PUBLIC_INTERFACE protocol ip parent 2:71 \ prio 1 handle 71 fw flowid 2:71 # 213.215.42.72 tc class add dev $PUBLIC_INTERFACE parent 2:1 classid 2:72 \ htb rate 512kbit tc qdisc add dev $PUBLIC_INTERFACE parent 2:72 handle 72: sfq perturb 10 tc filter add dev $PUBLIC_INTERFACE protocol ip parent 2:72 \ prio 1 handle 72 fw flowid 2:72 When I start for example a ftp connection (and only one) on 213.215.42.71, traffic shaping works fine (fw mark are set by iptables rules). When more than one connection are done, paquet transfert is very slow (~20 kbps even I specify 1024kbps). I suspect a mistake in my code but I don't know how fix it. I have tried to use quantum, r2q, burst, cburst without any success. Any idea ? Thanks in advance, JKB _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc