* [LARTC] Bandwidth limiting problem
[not found] <marc-lartc-98373938216792@msgid-missing>
@ 2000-10-18 9:45 ` bert
2000-10-18 12:57 ` bert
1 sibling, 0 replies; 2+ messages in thread
From: bert @ 2000-10-18 9:45 UTC (permalink / raw)
To: lartc
<PRE>On Wed, Oct 18, 2000 at 09:34:30AM +0200, Fredrik Rambris wrote:
><i> Daniel Bergqvist wrote:
</I>><i> >
</I>><i> > It works fine for me. Have you compiled the kernel with all QoS settings on?
</I>><i>
</I>><i> Darn. I forgot the u32 rate esitmator... it works fine now. One thing
</I>><i> that the HOWTO doesn't really tell is if the upstream and downstream is
</I>><i> 128kbit+128kbit or 128kbit/128kbit (they share the same bandwidth).
</I>
It does tell you. Unless you use the ingress policer, you only limit
*outgoing* data on an interface. So if you want to limit both up and
downstream, you need 2 interfaces, and 2 sets of rules.
You can also use the ingress policer but that's a bit after the fact, as the
HOWTO says 'like throwing away half the letters you receive, in the hope
that people will stop sending you them'.
Regards,
bert hubert
><i>
</I>><i>
</I>><i> > > -----Ursprungligt meddelande-----
</I>><i> > > Från: <A HREF="mailto:boost@lxmul01aspm.admera.local">boost@lxmul01aspm.admera.local</A>
</I>><i> > > [mailto:<A HREF="mailto:boost@lxmul01aspm.admera.local">boost@lxmul01aspm.admera.local</A>]För Fredrik Rambris
</I>><i> > >
</I>><i> > > tc qdisc add dev eth0 root handle 10: cbq bandwidth 100Mbit avpkt 1000
</I>><i> > >
</I>><i> > > tc class add dev eth0 parent 10:0 classid 10:1 cbq bandwidth 10Mbit \
</I>><i> > > rate 100Mbit allot 1514 weight 1Mbit prio 8 maxburst 20 avpkt 1000
</I>><i> > >
</I>><i> > > tc class add dev eth0 parent 10:1 classid 10:100 cbq bandwidth 100Mbit \
</I>><i> > > rate 128kbit allot 1514 weight 80Kbit prio 5 maxburst 20 avpkt 1000 \
</I>><i> > > bounded
</I>><i> > >
</I>><i> > > tc qdisc add dev eth0 parent 10:100 sfq quantum 1514b perturb 15
</I>><i> > >
</I>><i> > > tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip \
</I>><i> > > dst 192.168.3.0/24 flowid 10:100
</I>><i> >
</I>><i> > _______________________________________________
</I>><i> > LARTC mailing list / <A HREF="mailto:LARTC@mailman.ds9a.nl">LARTC@mailman.ds9a.nl</A>
</I>><i> > <A HREF="http://mailman.ds9a.nl/mailman/listinfo/lartc">http://mailman.ds9a.nl/mailman/listinfo/lartc</A> HOWTO: <A HREF="http://ds9a.nl/2.4Routing/">http://ds9a.nl/2.4Routing/</A>
</I>><i>
</I>><i> --
</I>><i> Admera Solution Provider AB
</I>><i> Tel: 0733-850 814
</I>><i> Position: 55°36´13N 13°03´36E
</I>Content-Description: Card for Fredrik Rambris
--
PowerDNS Versatile DNS Services
Trilab The Technology People
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
</PRE>
^ permalink raw reply [flat|nested] 2+ messages in thread* [LARTC] Bandwidth limiting problem
[not found] <marc-lartc-98373938216792@msgid-missing>
2000-10-18 9:45 ` [LARTC] Bandwidth limiting problem bert
@ 2000-10-18 12:57 ` bert
1 sibling, 0 replies; 2+ messages in thread
From: bert @ 2000-10-18 12:57 UTC (permalink / raw)
To: lartc
<PRE>On Wed, Oct 18, 2000 at 01:39:56PM +0200, Fredrik Rambris wrote:
><i> > You can also use the ingress policer but that's a bit after the fact, as the
</I>><i> > HOWTO says 'like throwing away half the letters you receive, in the hope
</I>><i> > that people will stop sending you them'.
</I>><i>
</I>><i> I could live with that (if it works). In the shaping example in the
</I>><i> howto. How would ingress be implemented? What's the syntax?
</I>
See the dDoS example in the HOWTO, it installs an ingress policer on SYN
packets. I tried it at home and had some problems, tc gave an error, but
perhaps I lack features in the kernel.
Regards,
bert hubert
--
PowerDNS Versatile DNS Services
Trilab The Technology People
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
</PRE>
^ permalink raw reply [flat|nested] 2+ messages in thread