HTB performance, and debbuging

HTB performance, and debbuging

[Žilvinas Vaičkus]

Hi list,

I have two traffic shaping servers, on Linux Centos 5.5 
(2.6.18-194.32.1.el5) with HTB. In these servers are 2 gigabit NIC's and 
running script which generates two HTB class'es per ip, one for http and 
icmp, and another class for other ports. These class'es have different 
bandwidth rate. Each server serves about 5000 IP's, so each server have 
about 10000 class'es and about 40000 filters (4 filters per class), and 
all IP's are hashed with hashing tables.I am not sure that all my ip's 
are shaped. When i look to default class with "tc -s class show dev" 
sometimes default class traffic goes up, so there is asumtion that some 
of ip's are not shaped.

1. First question ist there any way to check which ip's go trough 
default HTB class ?
2. In rush hours servers reach about 975 Mbits of 1 Gbist total 
bandwidth. Question which solution is the best, buy the third server, 
and balance traffic with three servers, or buy dual or quad NIC's and 
make bond device, then start HTB on bond ? or maybe other solution ?

Thank you for the answers
Zilvinas

Re: HTB performance, and debbuging

[Benjamin Kiessling]

[-- Attachment #1: Type: text/plain, Size: 1144 bytes --]

Hi,

On 2013.03.05 08:27:41 +0200, Žilvinas Vaičkus wrote:
> Hi list,
> 
> I have two traffic shaping servers, on Linux Centos 5.5
> (2.6.18-194.32.1.el5) with HTB. In these servers are 2 gigabit NIC's and
> running script which generates two HTB class'es per ip, one for http and
> icmp, and another class for other ports. These class'es have different
> bandwidth rate. Each server serves about 5000 IP's, so each server have
> about 10000 class'es and about 40000 filters (4 filters per class), and all
> IP's are hashed with hashing tables.I am not sure that all my ip's are
> shaped. When i look to default class with "tc -s class show dev" sometimes
> default class traffic goes up, so there is asumtion that some of ip's are
> not shaped.
> 
> 1. First question ist there any way to check which ip's go trough default
> HTB class ?

It would be possible to mirror traffic reaching the default class to an
ifb like this: 

tc filter add dev eth0 parent 1:defaultclass protocol ip priority 10 u32 \
match u32 0 0 flowid 1: action mirred egress mirror dev ifb0

Then just run a tcpdump on ifb0.

Regards,
Ben

[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]

Re: HTB performance, and debbuging

[Žilvinas Vaičkus]

On 03/05/2013 01:56 PM, Benjamin Kiessling wrote:
> Hi,
>
> On 2013.03.05 08:27:41 +0200, Žilvinas Vaičkus wrote:
>> Hi list,
>>
>> I have two traffic shaping servers, on Linux Centos 5.5
>> (2.6.18-194.32.1.el5) with HTB. In these servers are 2 gigabit NIC's and
>> running script which generates two HTB class'es per ip, one for http and
>> icmp, and another class for other ports. These class'es have different
>> bandwidth rate. Each server serves about 5000 IP's, so each server have
>> about 10000 class'es and about 40000 filters (4 filters per class), and all
>> IP's are hashed with hashing tables.I am not sure that all my ip's are
>> shaped. When i look to default class with "tc -s class show dev" sometimes
>> default class traffic goes up, so there is asumtion that some of ip's are
>> not shaped.
>>
>> 1. First question ist there any way to check which ip's go trough default
>> HTB class ?
> It would be possible to mirror traffic reaching the default class to an
> ifb like this:
>
> tc filter add dev eth0 parent 1:defaultclass protocol ip priority 10 u32 \
> match u32 0 0 flowid 1: action mirred egress mirror dev ifb0
>
> Then just run a tcpdump on ifb0.
>
> Regards,
> Ben
Thank you for the reply Benhamin.

Ok so simple example i have these HTB rules:

eth2 - internet
eth0 - lan
default class for eth0 are 2:16 and if I add filter (last line) all 
traffic which arive in that class will be mirrored to ifb0 correct ?

-------------------------------------------------------------------------------------------------------------
qdisc replace dev eth2 root handle 1: htb default 12
qdisc replace dev eth0 root handle 2: htb default 16

class add dev eth2 parent 1:0 classid 1:12 htb rate 995Mbit ceil 995Mbit
class add dev eth0 parent 2:0 classid 2:16 htb rate 995Mbit ceil 995Mbit

class add dev eth2 parent 1:0 classid 1:64 htb rate 5024kbit
class add dev eth2 parent 1:0 classid 1:65 htb rate 124kbit

         filter add dev eth2 parent 1:0 protocol ip prio 100 u32 match 
ip src 10.42.1.24 match ip icmp_type 0x08 0xff flowid 1:64
         filter add dev eth2 parent 1:0 protocol ip prio 100 u32 match 
ip src 10.42.1.24 match ip dport 80 0xffff flowid 1:64
         filter add dev eth2 parent 1:0 protocol ip prio 100 u32 match 
ip src 10.42.1.24 match ip dport 443 0xffff flowid 1:64
         filter add dev eth2 parent 1:0 protocol ip prio 100 u32 match 
ip src 10.42.1.24 match ip dport 33434 0xff80 flowid 1:64
         filter add dev eth2 parent 1:0 protocol ip prio 100 u32 match 
ip src 10.42.1.24 match ip dport 0 0x0000 flowid 1:65

class add dev eth0 parent 2:0 classid 2:64 htb rate 5024kbit
class add dev eth0 parent 2:0 classid 2:65 htb rate 124kbit

         filter add dev eth0 parent 2:0 protocol ip prio 100 u32 match 
ip dst 10.42.1.24 match ip icmp_type 0x00 0xff flowid 2:64
         filter add dev eth0 parent 2:0 protocol ip prio 100 u32 match 
ip dst 10.42.1.24 match ip sport 80 0xffff flowid 2:64
         filter add dev eth0 parent 2:0 protocol ip prio 100 u32 match 
ip dst 10.42.1.24 match ip sport 443 0xffff flowid 2:64
         filter add dev eth0 parent 2:0 protocol ip prio 100 u32 match 
ip dst 10.42.1.24 match ip sport 33434 0xff80 flowid 2:64
         filter add dev eth0 parent 2:0 protocol ip prio 100 u32 match 
ip dst 10.42.1.24 match ip sport 0 0x0000 flowid 2:65
----------------------------------------------------------------------------------------------------------------
filter add dev eth0 parent 2:16 protocol ip priority 10 u32 match u32 0 
0 flowid 1: action mirred egress mirror dev ifb0