[LARTC] am i on the right track ?

[LARTC] am i on the right track ?

[Chandrashekhar Joshi]

hi,

i am trying to have bandwidth shaping on my linux router.
i have a 64kbps link, on which i want to restrict the link use for http
/ftp access and give more bandwidth priority for vpn access. thanks to
martin devera i am using the htb for this.

|-----------|            |-----------|
| MAIN LINK |-----+------|  CLASS A  |
|-----------|     |      |-----------|
                   |
            |------+-----|
            | CLASS B    |
            |------------|

MAIN LINK  = 64kbps
CLASS A = 24kbps  (for HTTP/ FTP and other internet related activities )
CLASS B = 40kbps  ( reserved for PPTP-VPN access incoming and outgoing)

requirements :
each class should be able to borrow bandwidth from the other class when
excess is available
incoming vpn connections should come through the class B bandwidth policy
outgoing vpn connections should go through the class B bandwidth policy

following is the command set (lifted from the htb manual :-)  ) i am
trying to use :

# tc qdisc add dev eth0 root handle 1: htb default 11
# tc class add dev eth0 parent 1: classid 1:1 htb rate 64kbps ceil 64
kbps burst 2k
# tc class add dev eth0 parent 1: classid 1:10 htb rate 64kbps ceil 64
kbps burst 2k
# tc class add dev eth0 parent 1: classid 1:11 htb rate 64kbps ceil 64
kbps burst 2k
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src
192.168.1.0 match tcp dst 21 0xffff flowid \      1:10
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src
192.168.1.0 match tcp dst 80 0xffff flowid  \      1:10
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src
192.168.1.0 match tcp dst 443 0xffff flowid \    1:10
# tc qdisc add dev eth0 parent 1:10 handle 20: pfifo limit 5
# tc qdisc add dev eth0 parent 1:11 handle 30: sfq perturb 10

first i would like to know whether what i have done is correct or not in
context with my problem , i think i am on right track ?

why i did what i did
now to meet the above requirements what i did was to define bandwidth
shaping only for http, https & ftp (the major bandwidth guzzlers to
class A and made the class B as default.
but because of above rulesets my other inet services (like domain, ssh,
whois, ping etc) will go through the default  policy of class B, which i
want to avoid without adding additional rulesets; can i define a ruleset
for VPN something like below :    (and remove the rulesets for class A
and make clas A as default)

# tc filter add dev eth0 protocol 47 parent 1:0 prio 1 u32 match ip src
192.168.1.0 flowid 1:11
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src
192.168.1.0 match tcp dst 1723 0xffff \
    flowid 1:11

but how do i define the ruleset for incoming connections, can the
following be true

# tc filter add dev eth0 protocol 47 parent 1:0 prio 1 u32 match ip dst
192.168.1.0 flowid 1:11
# tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip dst
192.168.1.0 match tcp dst 1723 0xffff \
    flowid 1:11

thanx in advance

regards / shekhar



_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

Re: [LARTC] am i on the right track ?

[Martin Devera]

I have not too much time to read it just now. But just wondering
if you really want 64kbps or rather 64kbit ?
devik

On Mon, 14 Jan 2002, Chandrashekhar Joshi wrote:

> hi,
> 
> i am trying to have bandwidth shaping on my linux router.
> i have a 64kbps link, on which i want to restrict the link use for http
....
> MAIN LINK  = 64kbps
> CLASS A = 24kbps  (for HTTP/ FTP and other internet related activities )
> CLASS B = 40kbps  ( reserved for PPTP-VPN access incoming and outgoing)

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

Re: [LARTC] am i on the right track ?

[Chandrashekhar Joshi]

[-- Attachment #1: Type: text/plain, Size: 646 bytes --]

yes it is 64kbps (actually it is 256kbits so i suppose that works out to 
64kbps right)

thanks
regards /shekhar

Martin Devera wrote:

>I have not too much time to read it just now. But just wondering
>if you really want 64kbps or rather 64kbit ?
>devik
>
>On Mon, 14 Jan 2002, Chandrashekhar Joshi wrote:
>
>>hi,
>>
>>i am trying to have bandwidth shaping on my linux router.
>>i have a 64kbps link, on which i want to restrict the link use for http
>>
>....
>
>>MAIN LINK  = 64kbps
>>CLASS A = 24kbps  (for HTTP/ FTP and other internet related activities )
>>CLASS B = 40kbps  ( reserved for PPTP-VPN access incoming and outgoing)
>>
>
>
>
>


[-- Attachment #2: Type: text/html, Size: 1098 bytes --]

Re: [LARTC] am i on the right track ?

[Martin Devera]

I don't understand it .. 256kbit = 32kbps. Why
do you use 64kbps !?

On Mon, 14 Jan 2002, Chandrashekhar Joshi wrote:

> yes it is 64kbps (actually it is 256kbits so i suppose that works out to 
> 64kbps right)
> 
> thanks
> regards /shekhar
> 
> Martin Devera wrote:
> 
> >I have not too much time to read it just now. But just wondering
> >if you really want 64kbps or rather 64kbit ?
> >devik
> >
> >On Mon, 14 Jan 2002, Chandrashekhar Joshi wrote:
> >
> >>hi,
> >>
> >>i am trying to have bandwidth shaping on my linux router.
> >>i have a 64kbps link, on which i want to restrict the link use for http
> >>
> >....
> >
> >>MAIN LINK  = 64kbps
> >>CLASS A = 24kbps  (for HTTP/ FTP and other internet related activities )
> >>CLASS B = 40kbps  ( reserved for PPTP-VPN access incoming and outgoing)
> >>
> >
> >
> >
> >
> 
> 

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

Re: [LARTC] am i on the right track ?

[Rob Kaper]

On Monday 14 January 2002 13:52, Martin Devera wrote:
> I don't understand it .. 256kbit = 32kbps. Why
> do you use 64kbps !?

No, 256kbit is 256kb/s is 32KB/s.

Lowercase means bits, uppercase means bytes.

Rob
-- 
Rob Kaper - rkaper@ism.nl
    phone - +31 10 2436060
      fax - +31 10 2436066
     cell - +31 64 7114454

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

Re: [LARTC] am i on the right track ?

[Martin Devera]

Are sure ? I'm speaking in tc terms ..

On Mon, 14 Jan 2002, Rob Kaper wrote:

> On Monday 14 January 2002 13:52, Martin Devera wrote:
> > I don't understand it .. 256kbit = 32kbps. Why
> > do you use 64kbps !?
> 
> No, 256kbit is 256kb/s is 32KB/s.
> 
> Lowercase means bits, uppercase means bytes.
> 
> Rob
> -- 
> Rob Kaper - rkaper@ism.nl
>     phone - +31 10 2436060
>       fax - +31 10 2436066
>      cell - +31 64 7114454
> 
> 
> 

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

Re: [LARTC] am i on the right track ?

[Rob Kaper]

On Monday 14 January 2002 14:01, Martin Devera wrote:
> Are sure ? I'm speaking in tc terms ..

Hm, I'm speaking in human terms. ;-)

It's what I (and most others) would expect anyway.

> > No, 256kbit is 256kb/s is 32KB/s.

Rob
-- 
Rob Kaper - rkaper@ism.nl
    phone - +31 10 2436060
      fax - +31 10 2436066
     cell - +31 64 7114454

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

Re: [LARTC] am i on the right track ?

[Martin Devera]

> On Monday 14 January 2002 14:01, Martin Devera wrote:
> > Are sure ? I'm speaking in tc terms ..
> 
> Hm, I'm speaking in human terms. ;-)

I know. I don't assume that Joshi is fool so that I don't
try to explain him difference between bit and byte.

I wrote the mail because kbit and kbps are different
terms in tc and despite being in FAQ users still don't
understand it.
devik

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

Re: [LARTC] am i on the right track ?

[Chandrashekhar Joshi]

[-- Attachment #1: Type: text/plain, Size: 403 bytes --]

hi,
yes it was a small oops in calculation, (or was it a big one  :-)  ) but 
back to the main theme are my rulesets correct ???

shekhar


Rob Kaper wrote:

>On Monday 14 January 2002 14:01, Martin Devera wrote:
>
>>Are sure ? I'm speaking in tc terms ..
>>
>Hm, I'm speaking in human terms. ;-)
>
>It's what I (and most others) would expect anyway.
>
>>>No, 256kbit is 256kb/s is 32KB/s.
>>>
>
>Rob
>

[-- Attachment #2: Type: text/html, Size: 1055 bytes --]

[LARTC] Am I on the right Track?

[Sahil Gupta - NET4U]

Hi there,
Is it possible to somehow have a fairly basic routing level in order to
forward packets from eth1 to eth0?  Simply using "route"?

I have a Cisco that has a local network IP.  It is on eth0 interface.  I
have a Switch on eth1.  I want to supply eth1 with a Real World IP which
comes through the Cisco.

Any guidance available?

I assigned 10.0.0.2 on eth0 and 210.54.149.189 on eth1.
then I did this:
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1 dev eth0
route add -net 210.54.149.160 netmask 255.255.255.224 gw 10.0.0.1 (which
says network unreachable)

Could someone please tell me how I could solve this?

Regards,

Sahil Gupta
NET4U Limited

------------------------------------
      NET4U -- www.net4u.co.nz      
 Home of the new - $24.95 128k ADSL
Nationwide Internet Service Provider
------------------------------------

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

RE: [LARTC] Am I on the right Track?

[Brendan Alderslade]

Sahil,

I'm assuming your network looks like this (appologies for bad ascii
graphics):


              10.0.0.0/24               210.54.149.160/27
NET---[cisco]---------------[linux box]-----LAN/DMZ

Is that correct?

If so, your cisco needs to route 210.54.149.160/27 via 10.0.0.2 (eth0 on the
linux box), and your Linux box needs a default route via 10.0.0.1 so traffic
goes out via the cisco (if that is your default route!)

And that's it. There is no reason to add a route to the 210.54.149.160/27
range on the Linux box because it is directly connected to eth1.



> -----Original Message-----
> From: Sahil Gupta - NET4U [mailto:sahil@sahil.net.nz] 
> Sent: Tuesday, January 15, 2002 12:39 PM
> To: lartc@mailman.ds9a.nl
> Subject: [LARTC] Am I on the right Track?
> 
> 
> Hi there,
> Is it possible to somehow have a fairly basic routing level 
> in order to forward packets from eth1 to eth0?  Simply using "route"?
> 
> I have a Cisco that has a local network IP.  It is on eth0 
> interface.  I have a Switch on eth1.  I want to supply eth1 
> with a Real World IP which comes through the Cisco.
> 
> Any guidance available?
> 
> I assigned 10.0.0.2 on eth0 and 210.54.149.189 on eth1.
> then I did this:
> route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1 dev 
> eth0 route add -net 210.54.149.160 netmask 255.255.255.224 gw 
> 10.0.0.1 (which says network unreachable)
> 
> Could someone please tell me how I could solve this?
> 
> Regards,
> 
> Sahil Gupta
> NET4U Limited
> 
> ------------------------------------
>       NET4U -- www.net4u.co.nz      
>  Home of the new - $24.95 128k ADSL
> Nationwide Internet Service Provider
> ------------------------------------
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl 
> http://mailman.ds9a.nl/mailman/listinfo/lartc > HOWTO: 
> http://ds9a.nl/lartc/
> 
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

Re: [LARTC] am i on the right track ?

[Martin Devera]

Yes is seems to be.

On Mon, 14 Jan 2002, Chandrashekhar Joshi wrote:

> hi,
> yes it was a small oops in calculation, (or was it a big one  :-)  ) but 
> back to the main theme are my rulesets correct ???
> 
> shekhar
> 
> 
> Rob Kaper wrote:
> 
> >On Monday 14 January 2002 14:01, Martin Devera wrote:
> >
> >>Are sure ? I'm speaking in tc terms ..
> >>
> >Hm, I'm speaking in human terms. ;-)
> >
> >It's what I (and most others) would expect anyway.
> >
> >>>No, 256kbit is 256kb/s is 32KB/s.
> >>>
> >
> >Rob
> >
> 

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/