* pfifo_fast behavior.
@ 2013-05-12 14:15 dE
2013-05-13 17:49 ` Benjamin Kiessling
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: dE @ 2013-05-12 14:15 UTC (permalink / raw)
To: lartc
Hello everyone!
I was trying to do some traffic shaping to make http pages more
responsive while torrenting. So I decided to modify TOS value of packets
to have an affect on the default pfifo_fast qdisc.
I've the following iptable rules --
#DNS request
iptables -t mangle -A OUTPUT -o eth1 -p udp -m multiport --dports 53 -j
TOS --set-tos 0x10
#DNS response
iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --sports 53
-j TOS --set-tos 0x10
#Incoming torrent connections
iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --dports
2000 -j TOS --set-tos 0x2
iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --dports
2000,1900,2001 -j TOS --set-tos 0x2
#Mail server
iptables -t mangle -A OUTPUT -o eth1 -p tcp -d imap.googlemail.com -m
multiport --dports 993 -j TOS --set-tos 0x10
#HTTP(S)
iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports 80,443
-j TOS --set-tos 0x14
#iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports
80,443 -j TOS --set-tos 0x10
iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport
80,443 -j TOS --set-tos 0x14
#iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport
80,443 -j TOS --set-tos 0x10
There is an improvement, but it's so little that it feels like placebo,
making me doubt the above action. So are the actions correct?
man tc-prio has a table --
TOS Bits Means Linux Priority Band
------------------------------------------------------------
0x0 0 Normal Service 0 Best Effort 1
0x2 1 Minimize Monetary Cost 1 Filler 2
0x4 2 Maximize Reliability 0 Best Effort 1
0x6 3 mmc+mr 0 Best Effort 1
0x8 4 Maximize Throughput 2 Bulk 2
0xa 5 mmc+mt 2 Bulk 2
0xc 6 mr+mt 2 Bulk 2
0xe 7 mmc+mr+mt 2 Bulk 2
0x10 8 Minimize Delay 6 Interactive 0
0x12 9 mmc+md 6 Interactive 0
0x14 10 mr+md 6 Interactive 0
0x16 11 mmc+mr+md 6 Interactive 0
0x18 12 mt+md 4 Int. Bulk 1
0x1a 13 mmc+mt+md 4 Int. Bulk 1
0x1c 14 mr+mt+md 4 Int. Bulk 1
0x1e 15 mmc+mr+mt+md 4 Int. Bulk 1
But is there a difference between all TOS values which fall in a single
band?
I mean, does the behavior of pfifo_fast change if I change from 0x12 to
0x16? Cause I thought the qdisc to be simple, and a different behavior
for all of the above TOS values means pfifo_fast does a lot more than
just placing packets in 3 different queues.
Another question -- how do you get these TOS values? and what does -j
TOS --set-tos <HEX/DEC> do? Does it modify the 4 bits or the whole 8 bit
TOS value in the header, or does something completely different?
I'm running a custom kernel with Gentoo OS.
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: pfifo_fast behavior.
2013-05-12 14:15 pfifo_fast behavior dE
@ 2013-05-13 17:49 ` Benjamin Kiessling
2013-05-15 2:33 ` dE
2013-05-16 6:48 ` dE
2 siblings, 0 replies; 4+ messages in thread
From: Benjamin Kiessling @ 2013-05-13 17:49 UTC (permalink / raw)
To: lartc
[-- Attachment #1: Type: text/plain, Size: 3205 bytes --]
On 05/12, dE wrote:
> Hello everyone!
>
> I was trying to do some traffic shaping to make http pages more responsive
> while torrenting. So I decided to modify TOS value of packets to have an
> affect on the default pfifo_fast qdisc.
>
> I've the following iptable rules --
>
> #DNS request
> iptables -t mangle -A OUTPUT -o eth1 -p udp -m multiport --dports 53 -j TOS
> --set-tos 0x10
>
> #DNS response
> iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --sports 53 -j
> TOS --set-tos 0x10
>
> #Incoming torrent connections
> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --dports 2000
> -j TOS --set-tos 0x2
> iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --dports
> 2000,1900,2001 -j TOS --set-tos 0x2
>
> #Mail server
> iptables -t mangle -A OUTPUT -o eth1 -p tcp -d imap.googlemail.com -m
> multiport --dports 993 -j TOS --set-tos 0x10
>
> #HTTP(S)
> iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports 80,443 -j
> TOS --set-tos 0x14
> #iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports 80,443 -j
> TOS --set-tos 0x10
> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport 80,443
> -j TOS --set-tos 0x14
> #iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport 80,443
> -j TOS --set-tos 0x10
There are several issues with your configuration. First, setting the
(deprecated ToS) bits on incoming packets if you don't plan to forward
these packets is senseless. Second, all *fifo* qdiscs are
work-conserving, i.e. will dequeue packets at line speed. As the
bandwidth of your local LAN is usually quite a bit higher than your
internet uplink packets will still pile up at your DSL/cable/... modem.
To actually prioritize services you need to own the queue by limiting
your egress packet rate to slughtly lower than your modems rate. Be
aware that most ISPs overcommit bandwidth in the order of 1:15-1:50 and
your setup will still be ineffective if the shaped rate is higher than
the modems rate.
> But is there a difference between all TOS values which fall in a single
> band?
Nope.
> I mean, does the behavior of pfifo_fast change if I change from 0x12 to
> 0x16? Cause I thought the qdisc to be simple, and a different behavior for
> all of the above TOS values means pfifo_fast does a lot more than just
> placing packets in 3 different queues.
Nope.
> Another question -- how do you get these TOS values?
They are derived from [0]. Again ToS bits are deprecated.
> and what does -j TOS --set-tos <HEX/DEC> do? Does it modify the 4 bits
> or the whole 8 bit TOS value in the header, or does something
> completely different?
Citing the manpage: "This module sets the Type of Service field in the
IPv4 header (including the "precedence" bits) or the Priority field in
the IPv6 header." It accesses the whole byte. Again ToS is deprecated.
If you want to explicitely mark packet priorities in your network use
DSCP (but don't forget admission control), otherwise just use iptables
to match hosts/protocols directly to HTB/HFSC/DRR/... classes.
Regards,
Ben
[0] https://tools.ietf.org/html/rfc1349
[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: pfifo_fast behavior.
2013-05-12 14:15 pfifo_fast behavior dE
2013-05-13 17:49 ` Benjamin Kiessling
@ 2013-05-15 2:33 ` dE
2013-05-16 6:48 ` dE
2 siblings, 0 replies; 4+ messages in thread
From: dE @ 2013-05-15 2:33 UTC (permalink / raw)
To: lartc
On 05/12/13 19:33, dE wrote:
> Hello everyone!
>
> I was trying to do some traffic shaping to make http pages more
> responsive while torrenting. So I decided to modify TOS value of
> packets to have an affect on the default pfifo_fast qdisc.
>
> I've the following iptable rules --
>
> #DNS request
> iptables -t mangle -A OUTPUT -o eth1 -p udp -m multiport --dports 53
> -j TOS --set-tos 0x10
>
> #DNS response
> iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --sports
> 53 -j TOS --set-tos 0x10
>
> #Incoming torrent connections
> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --dports
> 2000 -j TOS --set-tos 0x2
> iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --dports
> 2000,1900,2001 -j TOS --set-tos 0x2
>
> #Mail server
> iptables -t mangle -A OUTPUT -o eth1 -p tcp -d imap.googlemail.com -m
> multiport --dports 993 -j TOS --set-tos 0x10
>
> #HTTP(S)
> iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports
> 80,443 -j TOS --set-tos 0x14
> #iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports
> 80,443 -j TOS --set-tos 0x10
> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport
> 80,443 -j TOS --set-tos 0x14
> #iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport
> 80,443 -j TOS --set-tos 0x10
>
> There is an improvement, but it's so little that it feels like
> placebo, making me doubt the above action. So are the actions correct?
>
> man tc-prio has a table --
>
> TOS Bits Means Linux Priority Band
> ------------------------------------------------------------
> 0x0 0 Normal Service 0 Best Effort 1
> 0x2 1 Minimize Monetary Cost 1 Filler 2
> 0x4 2 Maximize Reliability 0 Best Effort 1
> 0x6 3 mmc+mr 0 Best Effort 1
> 0x8 4 Maximize Throughput 2 Bulk 2
> 0xa 5 mmc+mt 2 Bulk 2
> 0xc 6 mr+mt 2 Bulk 2
> 0xe 7 mmc+mr+mt 2 Bulk 2
> 0x10 8 Minimize Delay 6 Interactive 0
> 0x12 9 mmc+md 6 Interactive 0
> 0x14 10 mr+md 6 Interactive 0
> 0x16 11 mmc+mr+md 6 Interactive 0
> 0x18 12 mt+md 4 Int. Bulk 1
> 0x1a 13 mmc+mt+md 4 Int. Bulk 1
> 0x1c 14 mr+mt+md 4 Int. Bulk 1
> 0x1e 15 mmc+mr+mt+md 4 Int. Bulk 1
>
> But is there a difference between all TOS values which fall in a
> single band?
>
> I mean, does the behavior of pfifo_fast change if I change from 0x12
> to 0x16? Cause I thought the qdisc to be simple, and a different
> behavior for all of the above TOS values means pfifo_fast does a lot
> more than just placing packets in 3 different queues.
>
> Another question -- how do you get these TOS values? and what does -j
> TOS --set-tos <HEX/DEC> do? Does it modify the 4 bits or the whole 8
> bit TOS value in the header, or does something completely different?
>
> I'm running a custom kernel with Gentoo OS.
Looks like this's long written and forgotten code.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: pfifo_fast behavior.
2013-05-12 14:15 pfifo_fast behavior dE
2013-05-13 17:49 ` Benjamin Kiessling
2013-05-15 2:33 ` dE
@ 2013-05-16 6:48 ` dE
2 siblings, 0 replies; 4+ messages in thread
From: dE @ 2013-05-16 6:48 UTC (permalink / raw)
To: lartc
On 05/13/13 23:19, Benjamin Kiessling wrote:
> On 05/12, dE wrote:
>> Hello everyone!
>>
>> I was trying to do some traffic shaping to make http pages more responsive
>> while torrenting. So I decided to modify TOS value of packets to have an
>> affect on the default pfifo_fast qdisc.
>>
>> I've the following iptable rules --
>>
>> #DNS request
>> iptables -t mangle -A OUTPUT -o eth1 -p udp -m multiport --dports 53 -j TOS
>> --set-tos 0x10
>>
>> #DNS response
>> iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --sports 53 -j
>> TOS --set-tos 0x10
>>
>> #Incoming torrent connections
>> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --dports 2000
>> -j TOS --set-tos 0x2
>> iptables -t mangle -A PREROUTING -i eth1 -p udp -m multiport --dports
>> 2000,1900,2001 -j TOS --set-tos 0x2
>>
>> #Mail server
>> iptables -t mangle -A OUTPUT -o eth1 -p tcp -d imap.googlemail.com -m
>> multiport --dports 993 -j TOS --set-tos 0x10
>>
>> #HTTP(S)
>> iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports 80,443 -j
>> TOS --set-tos 0x14
>> #iptables -t mangle -A OUTPUT -o eth1 -p tcp -m multiport --dports 80,443 -j
>> TOS --set-tos 0x10
>> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport 80,443
>> -j TOS --set-tos 0x14
>> #iptables -t mangle -A PREROUTING -i eth1 -p tcp -m multiport --sport 80,443
>> -j TOS --set-tos 0x10
> There are several issues with your configuration. First, setting the
> (deprecated ToS) bits on incoming packets if you don't plan to forward
> these packets is senseless. Second, all *fifo* qdiscs are
> work-conserving, i.e. will dequeue packets at line speed. As the
> bandwidth of your local LAN is usually quite a bit higher than your
> internet uplink packets will still pile up at your DSL/cable/... modem.
> To actually prioritize services you need to own the queue by limiting
> your egress packet rate to slughtly lower than your modems rate. Be
> aware that most ISPs overcommit bandwidth in the order of 1:15-1:50 and
> your setup will still be ineffective if the shaped rate is higher than
> the modems rate.
>
>> But is there a difference between all TOS values which fall in a single
>> band?
> Nope.
>
>> I mean, does the behavior of pfifo_fast change if I change from 0x12 to
>> 0x16? Cause I thought the qdisc to be simple, and a different behavior for
>> all of the above TOS values means pfifo_fast does a lot more than just
>> placing packets in 3 different queues.
> Nope.
>
>> Another question -- how do you get these TOS values?
> They are derived from [0]. Again ToS bits are deprecated.
>
>> and what does -j TOS --set-tos <HEX/DEC> do? Does it modify the 4 bits
>> or the whole 8 bit TOS value in the header, or does something
>> completely different?
> Citing the manpage: "This module sets the Type of Service field in the
> IPv4 header (including the "precedence" bits) or the Priority field in
> the IPv6 header." It accesses the whole byte. Again ToS is deprecated.
> If you want to explicitely mark packet priorities in your network use
> DSCP (but don't forget admission control), otherwise just use iptables
> to match hosts/protocols directly to HTB/HFSC/DRR/... classes.
>
> Regards,
> Ben
>
> [0] https://tools.ietf.org/html/rfc1349
>
Thank you!
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-05-16 6:48 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-05-12 14:15 pfifo_fast behavior dE
2013-05-13 17:49 ` Benjamin Kiessling
2013-05-15 2:33 ` dE
2013-05-16 6:48 ` dE
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.