From: Sander thrill12@gmx.net
To: lartc@vger.kernel.org
Subject: [LARTC] traffic shaping
Date: Fri, 05 Jan 2001 03:52:54 +0000 [thread overview]
Message-ID: <marc-lartc-98373940416820@msgid-missing> (raw)
In-Reply-To: <marc-lartc-98373940416818@msgid-missing>
<PRE>That is my internet-interface ;) It is quite simple:
-the packets enter eth0
-then they are marked by ipchains
-then they enter eth1 and thus the 128kbit class I made
-and then they are balanced
Sander
At 21:27 4-1-01 +0100, you wrote:
><i>Is eth1 your lan of inet interface?
</I>><i>
</I>><i>Thnx,
</I>><i>Wouter
</I>><i>
</I>><i>----- Original Message -----
</I>><i>From: "Sander" <<A HREF="mailto:thrill12@gmx.net">thrill12@gmx.net</A>>
</I>><i>To: "Wouter Smit" <<A HREF="mailto:wouter@smit.dhs.org">wouter@smit.dhs.org</A>>
</I>><i>Cc: <<A HREF="mailto:lartc@mailman.ds9a.nl">lartc@mailman.ds9a.nl</A>>
</I>><i>Sent: Thursday, January 04, 2001 7:17 PM
</I>><i>Subject: Re: [LARTC] traffic shaping
</I>><i>
</I>><i>
</I>><i> > At 13:22 4-1-01 +0100, you wrote:
</I>><i> > >Hello,
</I>><i> > >
</I>><i> > >I'm trying to limit all outgoing traffic by means of TC. With six
</I>><i>students
</I>><i> > >we are connected through the server (Debian 2.2 kernel 2.2.18) with a
</I>><i> > >cablemodem. When one person uploads (usually with full bandwidth
</I>><i>available
</I>><i> > >15KB/s) none of the others can make use of the internet because no
</I>><i>requests
</I>><i> > >for information can be send.
</I>><i> > >
</I>><i> > >So, i want to limit the maximum individual upload to 5KB/s so this doesnt
</I>><i> > >disturb others useing the internet.
</I>><i> > >
</I>><i> > >Situation:
</I>><i> > >
</I>><i> > >Server: 192.168.1.1
</I>><i> > >Clients: 192.168.1.2 - 192.168.1.7
</I>><i> > >eth0: LAN
</I>><i> > >eth1: Cablemodem
</I>><i> > >
</I>><i> > >Below is what I came up with myself but it doesnt seem to work. Also when
</I>><i>do
</I>><i> > >i activate this rules? pre- of post configuring interfaces?
</I>><i> > >
</I>><i> > >Thnx,
</I>><i> > >Wouter Smit
</I>><i> > >
</I>><i> > >------------------------------------------------
</I>><i> > >#!/bin/sh
</I>><i> > >
</I>><i> > >TC="/sbin/tc"
</I>><i> > >IF="eth1"
</I>><i> > >
</I>><i> > >echo Configure queueing discipline
</I>><i> > >$TC qdisc add dev $IF root handle 10: cbq bandwidth 120Kbit avpkt 1000
</I>><i> > >
</I>><i> > >echo Configure root class
</I>><i> > >$TC class add dev $IF parent 10:0 classid 10:1 cbq bandwidth 120Kbit rate
</I>><i>\
</I>><i> > > 120Kbit allot 1514 weight 12Kbit prio 8 maxburst 20 avpkt 1000
</I>><i> > >
</I>><i> > >echo Configure class divisions
</I>><i> > >$TC class add dev $IF parent 10:1 classid 10:100 cbq bandwidth 120Kbit
</I>><i>rate
</I>><i> > >\
</I>><i> > > 40Kbit allot 1514 weight 4Kbit prio 5 maxburst 20 avpkt 1000 bounded
</I>><i> > >
</I>><i> > >echo Configure queue management
</I>><i> > >$TC qdisc add dev $IF parent 10:100 sfq perturb 15 quantum 1514
</I>><i> > >
</I>><i> > >echo Configure which packets belong to which class
</I>><i> > >$TC filter add dev $IF parent 10:0 protocol ip prio 25 u32 match ip src \
</I>><i> > > 192.168.1.0/24 flowid 10:100
</I>><i> >
</I>><i> > We have the exact same situation, so here is our configuration script,
</I>><i>with
</I>><i> > a little tweaking you should be able to implement it. Most important is
</I>><i> > that you MARK the packets that enter the router with ipchains.
</I>><i> >
</I>><i> > # setup packetforwarding
</I>><i> > /sbin/ipchains -P forward DENY
</I>><i> > # here we mark the packets with -m
</I>><i> > /sbin/ipchains -A forward -s 192.168.0.1/32 -j MASQ -m 0x1
</I>><i> > /sbin/ipchains -A forward -s 192.168.0.4/32 -j MASQ -m 0x4
</I>><i> > /sbin/ipchains -A forward -s 192.168.0.3/32 -j MASQ -m 0x3
</I>><i> > /sbin/ipchains -A forward -s 192.168.0.6/32 -j MASQ -m 0x6
</I>><i> > /sbin/ipchains -A forward -s 192.168.0.7/32 -j MASQ -m 0x7
</I>><i> > /sbin/ipchains -A forward -s 192.168.0.10/32 -j MASQ -m 0xa
</I>><i> > # eliminate spoofing
</I>><i> > /sbin/ipchains -A forward -i $extip -s 192.168.0.0/24 -d 0.0.0.0/0 -j DENY
</I>><i> >
</I>><i> > #root device for upstream, divided in various subclasses to more or less
</I>><i> > guarantee a fair loadbalancing (see below..)
</I>><i> > /usr/bin/tc qdisc add dev eth1 root handle 1: cbq bandwidth 128Kbit avpkt
</I>><i>1000
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:0 classid 1:1 cbq bandwidth
</I>><i>128Kbit
</I>><i> > rate 128Kbit \
</I>><i> > allot 1514 weight 12Kbit prio 8 maxburst 20 avpkt 1000
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:1 classid 1:2 cbq bandwidth
</I>><i>128Kbit
</I>><i> > rate 64Kbit \
</I>><i> > allot 1514 weight 6Kbit prio 8 maxburst 20 avpkt 1000
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:1 classid 1:3 cbq bandwidth
</I>><i>128Kbit
</I>><i> > rate 64Kbit \
</I>><i> > allot 1514 weight 6Kbit prio 8 maxburst 20 avpkt 1000
</I>><i> >
</I>><i> > # configure ip 1 here for 40 kbit (to ensure fairnes..) WITH borrowing
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:11 cbq bandwidth
</I>><i> > 128Kbit rate 40Kbit \
</I>><i> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2
</I>><i> > /usr/bin/tc qdisc add dev eth1 parent 1:11 sfq quantum 1514b perturb 15
</I>><i> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 1
</I>><i>fw
</I>><i> > classid 1:11
</I>><i> > #192.168.0.3
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:13 cbq bandwidth
</I>><i> > 128Kbit rate 40Kbit \
</I>><i> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2
</I>><i> > /usr/bin/tc qdisc add dev eth1 parent 1:13 sfq quantum 1514b perturb 15
</I>><i> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 3
</I>><i>fw
</I>><i> > classid 1:13
</I>><i> > #192.168.0.4
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:14 cbq bandwidth
</I>><i> > 128Kbit rate 35Kbit \
</I>><i> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2
</I>><i> > /usr/bin/tc qdisc add dev eth1 parent 1:14 sfq quantum 1514b perturb 15
</I>><i> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 4
</I>><i>fw
</I>><i> > classid 1:14
</I>><i> > #192.168.0.6
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:16 cbq bandwidth
</I>><i> > 128Kbit rate 40Kbit \
</I>><i> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3
</I>><i> > /usr/bin/tc qdisc add dev eth1 parent 1:16 sfq quantum 1514b perturb 15
</I>><i> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 6
</I>><i>fw
</I>><i> > classid 1:16
</I>><i> > #192.168.0.7
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:17 cbq bandwidth
</I>><i> > 128Kbit rate 40Kbit \
</I>><i> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3
</I>><i> > /usr/bin/tc qdisc add dev eth1 parent 1:17 sfq quantum 1514b perturb 15
</I>><i> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 7
</I>><i>fw
</I>><i> > classid 1:17
</I>><i> > #192.168.0.10
</I>><i> > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:20 cbq bandwidth
</I>><i> > 128Kbit rate 40Kbit \
</I>><i> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3
</I>><i> > /usr/bin/tc qdisc add dev eth1 parent 1:20 sfq quantum 1514b perturb 15
</I>><i> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 10
</I>><i> > fw classid 1:20
</I>><i> >
</I>><i> > So we now have 1 root class of 128 kbit, two subclasses of 64 kbit, each
</I>><i>of
</I>><i> > those subclass serving 3 people.
</I>><i> > The 40kbit per person thing was done with one purpose: when 1 person
</I>><i>starts
</I>><i> > the upload, and another person kicks in, the first person still gets
</I>><i> > 128Kbit - 40Kbit and the second one gets that 40 Kbit. This is more then
</I>><i> > one would get when we would simply divide 128Kbit by 6. I don't yet know
</I>><i> > how to get the loadbalancing system to divide the space evenly (1
</I>><i> > person\x128 Kbit, 2 persons = 64Kbit, 3CKbit etc..), but haven't come up
</I>><i> > with a solution yet.
</I>><i> >
</I>><i> > Sander
</I>
</PRE>
next prev parent reply other threads:[~2001-01-05 3:52 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-01-04 12:22 [LARTC] traffic shaping Wouter
2001-01-04 18:17 ` Sander
2001-01-05 3:52 ` Sander [this message]
2001-01-05 11:42 ` Wouter
2001-01-05 13:56 ` Junus
2001-01-05 13:56 ` Junus
2001-01-06 9:25 ` [LARTC] Traffic shaping Bruno
2001-01-07 13:54 ` Junus
2001-12-25 12:15 ` [LARTC] Traffic Shaping Sahil Gupta - NET4U
2001-12-25 12:27 ` bert hubert
2001-12-25 12:33 ` Sahil Gupta - NET4U
2001-12-25 12:34 ` Sahil Gupta - NET4U
2001-12-25 12:42 ` bert hubert
2002-01-22 4:52 ` [LARTC] traffic shaping Antonis Lazaridis
2002-01-22 7:44 ` Martin Devera
2002-01-23 8:23 ` Martin Devera
2002-01-23 9:42 ` Antonis Lazaridis
2002-01-23 9:51 ` Martin Devera
2002-01-25 8:11 ` Antonis Lazaridis
2002-01-26 23:00 ` Martin Devera
2002-01-27 1:21 ` Re[2]: " Will Lotto
2002-01-27 8:47 ` Stef Coene
2002-02-08 5:17 ` Antonis Lazaridis
2002-02-08 17:22 ` Riaz Mahmood
2006-10-04 20:45 ` Roberto Scattini
2007-05-06 20:14 ` [LARTC] Traffic Shaping Rangi Biddle
2007-05-07 8:25 ` AW: " Simo
2007-05-07 18:06 ` Rangi Biddle
2007-05-08 3:16 ` Rangi Biddle
2007-10-24 18:37 ` [LARTC] Traffic shaping Mohammad Shakir
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-98373940416820@msgid-missing \
--to=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.