All of lore.kernel.org
 help / color / mirror / Atom feed
From: rubens@etica.net
To: lartc@vger.kernel.org
Subject: Re: [LARTC] tcng issue
Date: Fri, 21 Nov 2003 13:43:16 +0000	[thread overview]
Message-ID: <marc-lartc-106942230628474@msgid-missing> (raw)
In-Reply-To: <marc-lartc-106936752611870@msgid-missing>



> Well--I was going to write a short answer, which would have said something
> like "look at the parent of the filters".  But...that wouldn't have helped
> much.  So here's a long-winded message about your config file and
> situation.

Thanks for writing the long version...

> I'm going to guess that your configuration for device eth1 looks something
> like this:

Your guess is amazingly identical to original config file...

>   - Is this similar to your config file?  (I only had your processed
>     tc output to examine, so I may have gotten it wrong.)

Similar as a twin.

>   - Do you really want to put ( ssh ) and ( ip_tos_delay ) in the same
>     class?  Or did you meant to put ( ssh and ip_tos_delay ) in this
>     class?  Just curious....

Yes, I want... but the main reason behind migrating to tcc is trying to
make the traffic control semantics to appear. The obscure tc syntax makes
it very hard to know what policy is really in place.


>   - Why do you use "not_tcp_incoming"?  Are you trying to prioritize the
>     ACKs?  If so, just use "if tcp_ACK".  (Which leads to the next
>     question...)

Will change that.

>   - It looks to me as though eth1 must be on the internal interface of a
>     router with a few servers inside.  Is this accurate?  If you are
>     trying to shape your outbound connectivity, you may wish to review
>     the rules for shaping [0].

Nope. eth1 is the external interface, and is connected to a xDSL
modem/router; there are no servers inside, only workstations, but the
machine which is doing traffic control is also a mail server reachable
from the outside. IMQ is used to get ingress traffic from eth1 in order to
apply traffic control to it.



>   [ important (key, in fact), but repetitive prefix
>     "tc filter add dev eth1 parent 1:1 protocol all prio 1"
>     snipped ]
>
>   tc filter add dev eth1 parent 1:1 protocol all prio 1 ...
>
> They are all attached to the object 1:1, which means that they won't get
> called directly by a packet needing to be dequeued!  Your filters are
> there, though, and you'll be able to see that they are indeed installed if
> you examine the filters on object 1:1, as follows:
>
>   tc filter show dev eth1 parent 1:1

Here they are, lost in space...


> Frankly, I didn't know how to deal with this "problem" when I first
> started playing with tcng, so I made peace with dsmark, and now I use the
> class selection path construct in my tcng configurations, which makes for
> much less wrangling with tc (the command-line critter).  It's not too hard
> to get a kernel and iproute2 with dsmark [1].

My first draft used class selection path, but I changed it in order to
easy up deployment. My understanding of the tcng docs was that both
constructs were valid... is there a BugZilla for tcng ?

Main issue in requiring dsmark is kernel/tools changes. For one machine it
is not a problem, but for a dozen... and clients don't like getting billed
for something with no direct benefit for them.

Besides legacy issues, I saw that class selection path establishes an
indirection thru set_tc_index. What would be the performance penalty for
such a construct ?

> After you have your dsmark-capable kernel you need only have a "tc" which
> groks dsmark.  Many distributions provide modular dsmark support; you can
> simply type "modprobe sch_dsmark && modprobe cls_tcindex".

We usually rebuild the kernel from original sources... it seems that our
defaults also include modular suport for dsmark.

> Now, try something like the class selection path example [2], and jump for
> joy!  Now you can use language constructs that are far more understandable
> to humans, and let tcng (tcc) do the heavy lifting.

That's the idea.

> Suddenly traffic control isn't hard at all!

It solves syntax issues, but there is the real ones out there...

>  * To others reading this list!  If you post a question about a tcng
>    config, please post your tcng config file.  The tc-style output can
>    easily be generated with a working tcc.  Thank you!

Ooops, I saw few questions regarding tcng and thought it would be a
limitation. May be a tcc CGI would be handy ?


Thanks a lot.


Rubens


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

      parent reply	other threads:[~2003-11-21 13:43 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-11-20 22:12 [LARTC] tcng issue rubens
2003-11-21  5:34 ` Martin A. Brown
2003-11-21 13:43 ` rubens [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-106942230628474@msgid-missing \
    --to=rubens@etica.net \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.