From mboxrd@z Thu Jan 1 00:00:00 1970 From: Sander thrill12@gmx.net Date: Fri, 05 Jan 2001 03:52:54 +0000 Subject: [LARTC] traffic shaping Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org 
That is my internet-interface ;) It is quite simple:

-the packets enter eth0
-then they are marked by ipchains
-then they enter eth1 and thus the 128kbit class I made
-and then they are balanced

Sander

At 21:27 4-1-01 +0100, you wrote:
>Is eth1 your lan of inet interface?
>
>Thnx,
>Wouter
>
>----- Original Message -----
>From: "Sander" <thrill12@gmx.net>
>To: "Wouter Smit" <wouter@smit.dhs.org>
>Cc: <lartc@mailman.ds9a.nl>
>Sent: Thursday, January 04, 2001 7:17 PM
>Subject: Re: [LARTC] traffic shaping
>
>
> > At 13:22 4-1-01 +0100, you wrote:
> > >Hello,
> > >
> > >I'm trying to limit all outgoing traffic by means of TC. With six
>students
> > >we are connected through the server (Debian 2.2 kernel 2.2.18) with a
> > >cablemodem. When one person uploads (usually with full bandwidth
>available
> > >15KB/s) none of the others can make use of the internet because no
>requests
> > >for information can be send.
> > >
> > >So, i want to limit the maximum individual upload to 5KB/s so this doesnt
> > >disturb others useing the internet.
> > >
> > >Situation:
> > >
> > >Server: 192.168.1.1
> > >Clients: 192.168.1.2 - 192.168.1.7
> > >eth0: LAN
> > >eth1: Cablemodem
> > >
> > >Below is what I came up with myself but it doesnt seem to work. Also when
>do
> > >i activate this rules? pre- of post configuring interfaces?
> > >
> > >Thnx,
> > >Wouter Smit
> > >
> > >------------------------------------------------
> > >#!/bin/sh
> > >
> > >TC="/sbin/tc"
> > >IF="eth1"
> > >
> > >echo Configure queueing discipline
> > >$TC qdisc add dev $IF root handle 10: cbq bandwidth 120Kbit avpkt 1000
> > >
> > >echo Configure root class
> > >$TC class add dev $IF parent 10:0 classid 10:1 cbq bandwidth 120Kbit rate
>\
> > >  120Kbit allot 1514 weight 12Kbit prio 8 maxburst 20 avpkt 1000
> > >
> > >echo Configure class divisions
> > >$TC class add dev $IF parent 10:1 classid 10:100 cbq bandwidth 120Kbit
>rate
> > >\
> > >   40Kbit allot 1514 weight 4Kbit prio 5 maxburst 20 avpkt 1000 bounded
> > >
> > >echo Configure queue management
> > >$TC qdisc add dev $IF parent 10:100 sfq perturb 15 quantum 1514
> > >
> > >echo Configure which packets belong to which class
> > >$TC filter add dev $IF parent 10:0 protocol ip prio 25 u32 match ip src \
> > >   192.168.1.0/24 flowid 10:100
> >
> > We have the exact same situation, so here is our configuration script,
>with
> > a little tweaking you should be able to implement it. Most important is
> > that you MARK the packets that enter the router with ipchains.
> >
> > # setup packetforwarding
> > /sbin/ipchains -P forward DENY
> > # here we mark the packets with -m
> > /sbin/ipchains -A forward -s 192.168.0.1/32 -j MASQ -m 0x1
> > /sbin/ipchains -A forward -s 192.168.0.4/32 -j MASQ -m 0x4
> > /sbin/ipchains -A forward -s 192.168.0.3/32 -j MASQ -m 0x3
> > /sbin/ipchains -A forward -s 192.168.0.6/32 -j MASQ -m 0x6
> > /sbin/ipchains -A forward -s 192.168.0.7/32 -j MASQ -m 0x7
> > /sbin/ipchains -A forward -s 192.168.0.10/32 -j MASQ -m 0xa
> > # eliminate spoofing
> > /sbin/ipchains -A forward -i $extip -s 192.168.0.0/24 -d 0.0.0.0/0 -j DENY
> >
> > #root device for upstream, divided in various subclasses to more or less
> > guarantee a fair loadbalancing (see below..)
> > /usr/bin/tc qdisc add dev eth1 root handle 1: cbq bandwidth 128Kbit avpkt
>1000
> > /usr/bin/tc class add dev eth1 parent 1:0 classid 1:1 cbq bandwidth
>128Kbit
> > rate 128Kbit \
> > allot 1514 weight 12Kbit prio 8 maxburst 20 avpkt 1000
> > /usr/bin/tc class add dev eth1 parent 1:1 classid 1:2 cbq bandwidth
>128Kbit
> > rate 64Kbit \
> > allot 1514 weight 6Kbit prio 8 maxburst 20 avpkt 1000
> > /usr/bin/tc class add dev eth1 parent 1:1 classid 1:3 cbq bandwidth
>128Kbit
> > rate 64Kbit \
> > allot 1514 weight 6Kbit prio 8 maxburst 20 avpkt 1000
> >
> > # configure ip 1 here for 40 kbit (to ensure fairnes..) WITH borrowing
> > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:11 cbq bandwidth
> > 128Kbit rate 40Kbit \
> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2
> > /usr/bin/tc qdisc add dev eth1 parent 1:11 sfq quantum 1514b perturb 15
> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 1
>fw
> > classid 1:11
> > #192.168.0.3
> > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:13 cbq bandwidth
> > 128Kbit rate 40Kbit \
> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2
> > /usr/bin/tc qdisc add dev eth1 parent 1:13 sfq quantum 1514b perturb 15
> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 3
>fw
> > classid 1:13
> > #192.168.0.4
> > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:14 cbq bandwidth
> > 128Kbit rate 35Kbit \
> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2
> > /usr/bin/tc qdisc add dev eth1 parent 1:14 sfq quantum 1514b perturb 15
> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 4
>fw
> > classid 1:14
> > #192.168.0.6
> > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:16 cbq bandwidth
> > 128Kbit rate 40Kbit \
> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3
> > /usr/bin/tc qdisc add dev eth1 parent 1:16 sfq quantum 1514b perturb 15
> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 6
>fw
> > classid 1:16
> > #192.168.0.7
> > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:17 cbq bandwidth
> > 128Kbit rate 40Kbit \
> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3
> > /usr/bin/tc qdisc add dev eth1 parent 1:17 sfq quantum 1514b perturb 15
> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 7
>fw
> > classid 1:17
> > #192.168.0.10
> > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:20 cbq bandwidth
> > 128Kbit rate 40Kbit \
> > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3
> > /usr/bin/tc qdisc add dev eth1 parent 1:20 sfq quantum 1514b perturb 15
> > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 10
> > fw classid 1:20
> >
> > So we now have 1 root class of 128 kbit, two subclasses of 64 kbit, each
>of
> > those subclass serving 3 people.
> > The 40kbit per person thing was done with one purpose: when 1 person
>starts
> > the upload, and another person kicks in, the first person still gets
> > 128Kbit - 40Kbit and the second one gets that 40 Kbit. This is more then
> > one would get when we would simply divide 128Kbit by 6. I don't yet know
> > how to get the loadbalancing system to divide the space evenly (1
> > person8 Kbit, 2 persons = 64Kbit, 3CKbit etc..), but haven't come up
> > with a solution yet.
> >
> > Sander