[LARTC] Re: Queries

[LARTC] Re: Queries

[Stef Coene]

On Wednesday 30 January 2002 05:01, Arindam Haldar wrote:
> hi all,
> hi stef,
>
> stef i went thru the site www.docum.org & would really like to thank u
> on one part--->monitor.pl.. :-).. havent tried it yestreday but will
> today when i find time but reading it i know that ... :-)
> 1) comming accros 2 one of the pages -->
> www.docum.org/stef.coene/qos/tests/cbq/splitting/weight/splitting-weight.ht
>ml ..i saw these 4 lines & got curious 2know y ur sending pkts with mark of
> 1 & 2 to both classes 10:2 & 20:10 ?..wont there b confusion 2 what rulesse
> 2b applied?
> tc filter add $DEV parent 10: protocol ip prio 3 handle 1 fw classid
> 10:2
> tc filter add $DEV parent 10: protocol ip prio 3 handle 2 fw classid
> 10:2
> tc filter add $DEV parent 20: protocol ip prio 3 handle 1 fw classid
> 20:10
> tc filter add $DEV parent 20: protocol ip prio 3 handle 2 fw classid
> 20:20
The filters are attached to different parents.  So when a packets enters 10:, 
it's matched.  If it has mark 1 it's sended to class 10:2.  But qdisc 20: is 
attached to 10:2 so the packet is matched to the filter that puts the packet 
in 20:10.  This test was to see how you have to attach the filters.  But it's 
not recommended to use more then 1 qdisc in your setup.

> 2) our linux box does managemnt of public lan(office ) & pvt
> lan(cable)--by ip's.. sucess with public ips, marking & using tc filter
> is sucessful but not true with pvt ips (10 series, marking part!).. to
> let u know better here is what we did with public ip..
>  iptables -t mangle -A PREROUTING -i eth1 -s <a.b.c.0/26> -d
> <a.b.e.0/25> -j MARK --set-mark 90
>  iptables -t mangle -A PREROUTING -i eth0 -d <a.b.c.0/26> -s
> <a.b.e.0/25> -j MARK --set-mark 91
>  the tc commands
>  tc filter add dev eth0 parent 1:105 pfifo limit 2
>  tc filter add dev eth1 parent 2:105 pfifo limit 2
> This works fine--tested with different traffic loads of download&
> upload.
> BUT with lan on eth4 which has pvt ip range(10series) vr not sucesful.
> the problem is how to make sure that the pkts detination for 10.0.0.0/8
> should be marked as they r MASQUERADEd. so i trired to mark with
> FORWARD/OUTPUT/POSTROUTING but unsuccesful. tc -s class.... etc command
> doesnt show any data being passed thru the class while iptables -nvL -t
> mangle shows pkts r being marked & passing thru.
>
> 3) do we need to reset/restart the iptables script when iproute script
> is reapplied or vice versa ?
Nop.

Stef

-- 

stef.coene@docum.org
 More QOS info : http://www.docum.org/
 Title : "Using Linux as bandwidth manager"
     
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

[LARTC] Re: Queries

[Arindam Haldar]

hi again !
thanx for ur mail.

Stef Coene wrote:
> On Wednesday 30 January 2002 05:01, Arindam Haldar wrote:
> > hi all,
> > hi stef,
> > stef i went thru the site www.docum.org & would really like to thank u
> > on one part--->monitor.pl.. :-).. havent tried it yestreday but will
> > today when i find time but reading it i know that ... :-)
> > 1) comming accros 2 one of the pages -->
> > www.docum.org/stef.coene/qos/tests/cbq/splitting/weight/splitting-weight.ht
> >ml ..i saw these 4 lines & got curious 2know y ur sending pkts with mark of
> > 1 & 2 to both classes 10:2 & 20:10 ?..wont there b confusion 2 what rulesse
> > 2b applied?
> > tc filter add $DEV parent 10: protocol ip prio 3 handle 1 fw classid
> > 10:2
> > tc filter add $DEV parent 10: protocol ip prio 3 handle 2 fw classid
> > 10:2
> > tc filter add $DEV parent 20: protocol ip prio 3 handle 1 fw classid
> > 20:10
> > tc filter add $DEV parent 20: protocol ip prio 3 handle 2 fw classid
> > 20:20
> The filters are attached to different parents.  So when a packets enters 10:,
> it's matched.  If it has mark 1 it's sended to class 10:2.  But qdisc 20: is
> attached to 10:2 so the packet is matched to the filter that puts the packet
> in 20:10.  This test was to see how you have to attach the filters.  But it's
> not recommended to use more then 1 qdisc in your setup.
> 
> > 2) our linux box does managemnt of public lan(office ) & pvt
> > lan(cable)--by ip's.. sucess with public ips, marking & using tc filter
> > is sucessful but not true with pvt ips (10 series, marking part!).. to
> > let u know better here is what we did with public ip..
> >  iptables -t mangle -A PREROUTING -i eth1 -s <a.b.c.0/26> -d
> > <a.b.e.0/25> -j MARK --set-mark 90
> >  iptables -t mangle -A PREROUTING -i eth0 -d <a.b.c.0/26> -s
> > <a.b.e.0/25> -j MARK --set-mark 91
> >  the tc commands
> >  tc filter add dev eth0 parent 1:105 pfifo limit 2
> >  tc filter add dev eth1 parent 2:105 pfifo limit 2
> > This works fine--tested with different traffic loads of download&
> > upload.
> > BUT with lan on eth4 which has pvt ip range(10series) vr not sucesful.
> > the problem is how to make sure that the pkts detination for 10.0.0.0/8
> > should be marked as they r MASQUERADEd. so i trired to mark with
> > FORWARD/OUTPUT/POSTROUTING but unsuccesful. tc -s class.... etc command
> > doesnt show any data being passed thru the class while iptables -nvL -t
> > mangle shows pkts r being marked & passing thru.
have u tried with using private ips as described above in any of ur
experiments? i am really curious to know how i can mark pkts comming on
eth0(internet) tracelling thru eth4(pvt Lan).basically wanting to have a
effective filter/routing/bandwidth usage. for eg i want to give ftp/imap
a more bandwidth for local pc(private ip) to our local server having
public ip.
> >
> > 3) do we need to reset/restart the iptables script when iproute script
> > is reapplied or vice versa ?
> Nop.
i need one more help guidance on setting of web enabled badwidth
utilisation u have described in ur site. i will be really thankful if u
can tell me how i can implement it. im not into perl that makes things a
bit difficult for me though i ma trying to.
> 
> Stef
> --
> 
> stef.coene@docum.org
>  More QOS info : http://www.docum.org/
>  Title : "Using Linux as bandwidth manager"
> 
thanx in advance
arindam

-- 
Arindam Haldar
Systems & Network
Digital 2 Virtual ISP Pvt Ltd.
Vadodara, Gujarat  INDIA
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

[LARTC] Re: Queries

[Stef Coene]

> i need one more help guidance on setting of web enabled badwidth
> utilisation u have described in ur site. i will be really thankful if u
> can tell me how i can implement it. im not into perl that makes things a
> bit difficult for me though i ma trying to.
For those who are interested, I created some perl script to process the tc 
output.  Currently, it takes the packets/bytes sended by a class/qdisc and 
makes some graphs with it. You can find it on www.docum.org under "GUI".  
They use RRDs.pm so you have to install rrdtool (apt-get install librrds-perl 
on a Debian based system).

I want to extend the scripts, but for now, they just create some nice looking 
graphs.  But help is appreciated :-)  
I'm still writing the pages and hopely I can update them tonight.

Stef

-- 

stef.coene@docum.org
 More QOS info : http://www.docum.org/
 Title : "Using Linux as bandwidth manager"
     
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/