From: Stef Coene <stef.coene@docum.org>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Reviewing my shaping strategy
Date: Tue, 01 Apr 2003 18:06:15 +0000 [thread overview]
Message-ID: <marc-lartc-104922045915260@msgid-missing> (raw)
In-Reply-To: <marc-lartc-104918764609144@msgid-missing>
On Tuesday 01 April 2003 10:58, Roché Compaan wrote:
> Hi everybody
>
> I've been using htb to shape traffic successfully for quite a while now
> but I am wondering if it can be improved in some ways.
There is not much to say about it. I think your script is ok. But, you have
a low prio class for ssh. If that class is overlimited (there is more
traffic then the configured rate), the latency for that class will raise a
lot.
There is not so much you can do to prevent this. You can use policers in
filters, or make sure you don't put bulk traffic in that low prio class.
> # Company 1 (2, 3 has the same classes)
> tc class add dev eth1 parent 1:1 classid 1:21 htb \
> rate 62kbit ceil 192kbit prio 1
> # Class for SSH
> tc class add dev eth1 parent 1:21 classid 1:210 htb \
> rate 32kbit ceil 192kbit prio 0
> # The rest
> tc class add dev eth1 parent 1:21 classid 1:211 htb \
> rate 30kbit ceil 192kbit prio 1
>
> # ACK bit filter
> tc filter add dev eth1 parent 1: protocol ip prio 10 u32 \
> match ip protocol 6 0xff \
> match u8 0x05 0x0f at 0 \
> match u16 0x0000 0xffc0 at 2 \
> match u8 0x10 0xff at 33 \
> flowid 1:10
>
> # I don't know if this one is correct????
> # SYN bit filter
> tc filter add dev eth1 parent 1: protocol ip prio 10 u32 \
> match ip protocol 6 0xff \
> match u8 0x02 0x0f at 0 \
> flowid 1:10
>
> # DNS filter
> tc filter add dev eth1 parent 1: protocol ip prio 10 u32 \
> match ip dport 53 0xffff \
> match ip protocol 17 0xff \
> flowid 1:10
> tc filter add dev eth1 parent 1: protocol ip prio 10 u32 \
> match ip sport 53 0xffff \
> match ip protocol 17 0xff \
> flowid 1:10
>
> # Company1 Filters (2, 3 has the same filters)
> # Filter for SSH
> tc filter add dev eth1 parent 1: protocol ip prio 10 u32 \
> match ip dst X.Y.Z \
> match ip dport 22 0xffff \
> match ip protocol 6 0xff \
> flowid 1:210
> # Filter for the rest
> tc filter add dev eth1 parent 1: protocol ip prio 10 u32 \
> match ip dst X.Y.Z \
> flowid 1:211
>
> If you think the above can be improved in any way or see obvious gaps in
> my shaping strategy please let me know.
>
> One final question I have. If one uses the u32 filter does the mask get
> XOR'ed or AND'ed with the incoming packet. Is there any easy way to
> calculate the mask?
--
stef.coene@docum.org
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
prev parent reply other threads:[~2003-04-01 18:06 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-01 8:58 [LARTC] Reviewing my shaping strategy Roché Compaan
2003-04-01 18:06 ` Stef Coene [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-104922045915260@msgid-missing \
--to=stef.coene@docum.org \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.