From mboxrd@z Thu Jan 1 00:00:00 1970
From: dE
Date: Thu, 16 May 2013 06:48:19 +0000
Subject: Re: pfifo_fast behavior.
Message-Id: <51947E63.1030808@gmail.com>
List-Id:
References: <518FA146.2070900@gmail.com>
In-Reply-To: <518FA146.2070900@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

On 05/13/13 23:19, Benjamin Kiessling wrote:
> On 05/12, dE wrote:
>> Hello everyone!
>>
>> I was trying to do some traffic shaping to make http pages more responsive
>> while torrenting. So I decided to modify TOS value of packets to have an
>> effect on the default pfifo_fast qdisc.
>>
>> I've the following iptable rules --
>>
>> #DNS request
>> iptables -t mangle -A OUTPUT -o eth1 -p udp -m multiport --dports 53 -j TOS
>> --set-tos 0x10
>>
>> #DNS response
>> iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --sports 53 -j
>> TOS --set-tos 0x10
>>
>> #Incoming torrent connections
>> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --dports 2000
>> -j TOS --set-tos 0x2
>> iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --dports
>> 2000,1900,2001 -j TOS --set-tos 0x2
>>
>> #Mail server
>> iptables -t mangle -A OUTPUT -o eth1 -p tcp -d imap.googlemail.com -m
>> multiport --dports 993 -j TOS --set-tos 0x10
>>
>> #HTTP(S)
>> iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports 80,443 -j
>> TOS --set-tos 0x14
>> #iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports 80,443 -j
>> TOS --set-tos 0x10
>> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport 80,443
>> -j TOS --set-tos 0x14
>> #iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport 80,443
>> -j TOS --set-tos 0x10
> There are several issues with your configuration. First, setting the
> (deprecated ToS) bits on incoming packets if you don't plan to forward
> these packets is senseless. Second, all *fifo* qdiscs are
> work-conserving, i.e. will dequeue packets at line speed. As the
> bandwidth of your local LAN is usually quite a bit higher than your
> internet uplink packets will still pile up at your DSL/cable/... modem.
> To actually prioritize services you need to own the queue by limiting
> your egress packet rate to slightly lower than your modem's rate. Be
> aware that most ISPs overcommit bandwidth in the order of 1:15-1:50 and
> your setup will still be ineffective if the shaped rate is higher than
> the modem's rate.
>
>> But is there a difference between all TOS values which fall in a single
>> band?
> Nope.
>
>> I mean, does the behavior of pfifo_fast change if I change from 0x12 to
>> 0x16? Cause I thought the qdisc to be simple, and a different behavior for
>> all of the above TOS values means pfifo_fast does a lot more than just
>> placing packets in 3 different queues.
> Nope.
>
>> Another question -- how do you get these TOS values?
> They are derived from [0]. Again ToS bits are deprecated.
>
>> and what does -j TOS --set-tos do? Does it modify the 4 bits
>> or the whole 8 bit TOS value in the header, or does something
>> completely different?
> Citing the manpage: "This module sets the Type of Service field in the
> IPv4 header (including the "precedence" bits) or the Priority field in
> the IPv6 header." It accesses the whole byte. Again ToS is deprecated.
> If you want to explicitly mark packet priorities in your network use
> DSCP (but don't forget admission control), otherwise just use iptables
> to match hosts/protocols directly to HTB/HFSC/DRR/... classes.
>
> Regards,
> Ben
>
> [0] https://tools.ietf.org/html/rfc1349
>

Thank you!