From: Robert Collier <lists@ossifrage.net>
To: lartc@vger.kernel.org
Subject: [LARTC] Problem with CBQ & Fwmark
Date: Wed, 14 Nov 2001 11:53:36 +0000 [thread overview]
Message-ID: <marc-lartc-100573882423812@msgid-missing> (raw)
Hi I'm trying to use CBQ to limit the outgoing traffic from my
server. The server is colocated on a 10Mb lan, but only has a 64Kbit
bandwidth allocation.
I using kernel 2.4.14 and I am trying to set up a 64K bounded class,
with 4 unbounded-subclassess of 16, 32, 2 & 14K.
This is what I'm using:
iptables -t mangle -F PREROUTING
iptables -t mangle -N mark1
iptables -t mangle -F mark1
iptables -t mangle -A mark1 -j MARK --set-mark 1
iptables -t mangle -N mark2
iptables -t mangle -F mark2
iptables -t mangle -A mark2 -j MARK --set-mark 2
iptables -t mangle -N mark3
iptables -t mangle -F mark3
iptables -t mangle -A mark3 -j MARK --set-mark 3
iptables -t mangle -N mark4
iptables -t mangle -F mark4
iptables -t mangle -A mark4 -j MARK --set-mark 4
iptables -t mangle -N mark5
iptables -t mangle -F mark5
iptables -t mangle -A mark5 -j MARK --set-mark 5
# traffic classification
iptables -t mangle -A PREROUTING -p TCP --sport 20 -j mark1 # ftp-data
iptables -t mangle -A PREROUTING -p TCP --sport 21 -j mark2 # ftp
iptables -t mangle -A PREROUTING -p TCP --sport 25 -j mark5 # smtp-recv
iptables -t mangle -A PREROUTING -p TCP --dport 25 -j mark5 # smtp-send
iptables -t mangle -A PREROUTING -p TCP --sport 80 -j mark3 # http
iptables -t mangle -A PREROUTING -p TCP --sport 110 -j mark5 # pop3
iptables -t mangle -A PREROUTING -p TCP --sport 119 -j mark4 # news-server
iptables -t mangle -A PREROUTING -p TCP --dport 119 -j mark5 # newsfeed in.
iptables -t mangle -A PREROUTING -p TCP --sport 2401 -j mark5 # cvspserver
# Next line is highport traffic (mainly ftp-data again)
iptables -t mangle -A PREROUTING -p TCP --sport 1024:65535 --dport 1024:65535 -j mark1
iptables -t mangle -A PREROUTING -p TCP -j mark5
iptables -t mangle -A PREROUTING -p UDP -j mark5
iptables -t mangle -A PREROUTING -p ICMP -j mark5
iptables -t mangle -A PREROUTING -j mark5
AVPKTt8
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 10: cbq bandwidth 10Mbit avpkt $AVPKT
## Setup Clases
tc class add dev eth0 parent 10:0 classid 10:1 cbq bandwidth 10Mbit rate \
10Mbit allot 1514 weight 1Mbit prio 8 maxburst 20 avpkt $AVPKT
# 64kbit parent class
tc class add dev eth0 parent 10:1 classid 10:200 cbq bandwidth 10Mbit rate \
64Kbit allot 1514 weight 64Kbit prio 5 maxburst 20 avpkt $AVPKT \
bounded
# 16kbit
tc class add dev eth0 parent 10:200 classid 10:250 cbq bandwidth 10Mbit rate \
16Kbit allot 1514 weight 16Kbit prio 5 maxburst 20 avpkt $AVPKT
# 32k
tc class add dev eth0 parent 10:200 classid 10:251 cbq bandwidth 10Mbit rate \
32Kbit allot 1514 weight 32Kbit prio 5 maxburst 20 avpkt $AVPKT
# 2k
tc class add dev eth0 parent 10:200 classid 10:252 cbq bandwidth 10Mbit rate \
2Kbit allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt $AVPKT
# 14k
tc class add dev eth0 parent 10:200 classid 10:253 cbq bandwidth 10Mbit rate \
14Kbit allot 1514 weight 14Kbit prio 5 maxburst 20 avpkt $AVPKT
# Setup queues
tc qdisc add dev eth0 parent 10:200 cbq bandwidth 64Kbit avpkt $AVPKT
tc qdisc add dev eth0 parent 10:250 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 10:251 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 10:252 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 10:253 sfq quantum 1514b perturb 15
# Setup filters
tc filter add dev eth0 protocol ip parent 10:0 prio 1 handle 4 fw classid 10:250
tc filter add dev eth0 protocol ip parent 10:0 prio 1 handle 3 fw classid 10:251
tc filter add dev eth0 protocol ip parent 10:0 prio 1 handle 2 fw classid 10:252
tc filter add dev eth0 protocol ip parent 10:0 prio 1 handle 1 fw classid 10:253
I get no errors when setting this up, but somehow my marked packets
are not making it into the queues.
# tc -s qdisc show
qdisc sfq 800f: dev eth0 quantum 1514b perturb 15sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 800e: dev eth0 quantum 1514b perturb 15sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 800d: dev eth0 quantum 1514b perturb 15sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 800c: dev eth0 quantum 1514b perturb 15sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc cbq 800b: dev eth0 rate 64Kbit (bounded,isolated) prio no-transmit
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 74799 undertime 0
qdisc cbq 10: dev eth0 rate 10Mbit (bounded,isolated) prio no-transmit
Sent 5302106 bytes 7589 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 466 undertime 0
What silly (or not so silly) mistake have I been making?
- Thanks in advance, Robert Collier.
--
Robert Collier
rob@lspace.org
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
reply other threads:[~2001-11-14 11:53 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-100573882423812@msgid-missing \
--to=lists@ossifrage.net \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.