From: Stef Coene <stafke@iname.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Setting up CBQ
Date: Thu, 19 Apr 2001 09:20:41 +0000 [thread overview]
Message-ID: <marc-lartc-98767225407471@msgid-missing> (raw)
In-Reply-To: <marc-lartc-98645080606855@msgid-missing>
The setup :
T1 eth0 |---------| eth1 /---
--------------| LINUX |-----<HUB>---- company offices (private
addresses)
1536kbps |---------| \---
192KBps | eth2
| DMZ (mail, web, ...)
| 1.2.3.0/24
The DMZ-zone needs to have at least 256kbps (32KBps)
Let's asume you have 3 company offices :
- 10.10.10.0/24
- 10.10.20.0/24
- 10 10.30.0/24
Each office has a maximum of 128kbps (16KBps)
Let's do it for the downstream direction of your T1 line :
<cut>
#!/bin/sh
OPTION="allot 1514 maxburst 20 avpkt 1000 prio 4"
DEV="dev eth0"
# First we have to throttle the total bandwidth of eth0 (10mbps) to
192KBps (I don't know it's the correct speed of a T1 line)
tc qdisc del $DEV root handle 10:
tc qdisc add $DEV root handle 10: cbq bandwidth 10mbit avpkt 1000
tc class add $DEV parent 10:0 classid 10:2 cbq bandwidth 10mbit rate
192kbps $OPTION isolated bounded
tc qdisc add $DEV parent 10:2 handle 20: cbq bandwidth 192kbps allot
1514 avpkt 1000
# DMZ needs at least 16kbps so the rest is 192kbps for the offices (160
+ 32 = 192 ! ! !) :
tc class add $DEV parent 20: classid 20:10 cbq bandwidth 192kbps rate
32kbps $OPTION
tc qdisc add $DEV parent 20:10 handle 210: cbq bandwidth 32kbps allot
1514 avpkt 1000
tc class add $DEV parent 20: classid 20:20 cbq bandwidth 192kbps rate
160kbps $OPTION
tc qdisc add $DEV parent 20:20 handle 220: cbq bandwidth 160kbps allot
1514 avpkt 1000
# qdisc 220 contains the office. For each office we need a new class
and I attache a tbf qdisc to limit the bandwidth :
tc class add $DEV parent 220: classid 220:10 cbq bandwidth 160kbps rate
16kbps $OPTION
tc qdisc add $DEV parent 220:10 handle 2210: cbq bandwidth 16kbps
allot 1514 avpkt 1000
tc qdisc add $DEV parent 2210: tbf rate 16kbps buffer 20Kb/8 limit
15Kb
tc class add $DEV parent 220: classid 220:20 cbq bandwidth 160kbps rate
16kbps $OPTION
tc qdisc add $DEV parent 220:20 handle 2220: cbq bandwidth 16kbps
allot 1514 avpkt 1000
tc qdisc add $DEV parent 2220: tbf rate 16kbps buffer 20Kb/8 limit
15Kb
tc class add $DEV parent 220: classid 220:30 cbq bandwidth 160kbps rate
16kbps $OPTION
tc qdisc add $DEV parent 220:30 handle 2230: cbq bandwidth 16kbps
allot 1514 avpkt 1000
tc qdisc add $DEV parent 2230: tbf rate 16kbps buffer 20Kb/8 limit
15Kb
# Now we have to say wich traffic belongs to wich class. We use
ipchains (or netfilter for kernel 2.4) to mark the packets. Each class
has his mark : (Notic I mark the office packets on the input of eth1.
When you use NAT, you can't say at the ouput of eth2 what's coming from
where.)
ipchains -A input -i eth1 -p tcp -d 10.10.10.0/24 -m 1 # Office 1
ipchains -A input -i eth1 -p tcp -d 10.10.20.0/24 -m 2 # Office 2
ipchains -A input -i eth1 -p tcp -d 10.10.30.0/24 -m 3 # Office 3
ipchains -A input -i eth2 -p tcp -d 1.2.3.0/24 -m 4 # DMZ
# Putting the packets in the rigth classes :
tc filter add $DEV parent 10: protocol ip prio 3 handle 1 fw classid
10:2
tc filter add $DEV parent 10: protocol ip prio 3 handle 2 fw classid
10:2
tc filter add $DEV parent 10: protocol ip prio 3 handle 3 fw classid
10:2
tc filter add $DEV parent 10: protocol ip prio 3 handle 4 fw classid
10:2
tc filter add $DEV parent 20: protocol ip prio 3 handle 1 fw classid
20:20
tc filter add $DEV parent 20: protocol ip prio 3 handle 2 fw classid
20:20
tc filter add $DEV parent 20: protocol ip prio 3 handle 3 fw classid
20:20
tc filter add $DEV parent 20: protocol ip prio 3 handle 4 fw classid
20:10
tc filter add $DEV parent 220: protocol ip prio 3 handle 1 fw classid
220:10
tc filter add $DEV parent 220: protocol ip prio 3 handle 2 fw classid
220:20
tc filter add $DEV parent 220: protocol ip prio 3 handle 3 fw classid
220:30
</cut>
That's all. I copy/pasted it to a file and I had no errors, so I
suppose I made no error. You can adapt these lines to your needs. You
can play with the different rates as long as ( sum (sub_class_rates) <parent_class_rate ).
For the upstream direction, you can of course using the same setup to
throttle the output bandwidth of eth1 and eth2. But you can't use them
together : you can't say that eth2 needs allways 75% of upstream of the
T1.
Staf
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
next prev parent reply other threads:[~2001-04-19 9:20 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-04-05 6:07 [LARTC] Setting up CBQ Daniel Camacho
2001-04-10 1:51 ` Daniel Camacho
2001-04-10 2:01 ` Daniel Camacho
2001-04-19 9:20 ` Stef Coene [this message]
2001-04-20 6:17 ` Stef Coene
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-98767225407471@msgid-missing \
--to=stafke@iname.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.