* [LARTC] Setting up CBQ
2001-04-05 6:07 [LARTC] Setting up CBQ Daniel Camacho
@ 2001-04-10 1:51 ` Daniel Camacho
2001-04-10 2:01 ` Daniel Camacho
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Daniel Camacho @ 2001-04-10 1:51 UTC (permalink / raw)
To: lartc
Hi all,
We will be having a couple co-location customers in a few months and would
like to start work on how to throttle bandwidth per co-located customer needs
and requirements. I have downloaded and read the Linux 2.4 Advanced Routing
HOWTO, but I still could not digest the whole thing clearly.
Could anyone of you gurus run-down the steps I need to effectively configure
or put together a QoS box? My box will be a Pentium 233 with 128M of RAM
and 4 interface cards. Is this a sufficient setup? Thanks for your help.
Daniel
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
* Re: [LARTC] Setting up CBQ
2001-04-05 6:07 [LARTC] Setting up CBQ Daniel Camacho
2001-04-10 1:51 ` Daniel Camacho
2001-04-10 2:01 ` Daniel Camacho
@ 2001-04-19 9:20 ` Stef Coene
2001-04-20 6:17 ` Stef Coene
3 siblings, 0 replies; 5+ messages in thread
From: Stef Coene @ 2001-04-19 9:20 UTC (permalink / raw)
To: lartc
The setup :

     T1  eth0 |---------| eth1     /---
--------------|  LINUX  |-----<HUB>---- company offices (private addresses)
   1536kbps   |---------|          \---
   192KBps         | eth2
                   | DMZ (mail, web, ...)
                   | 1.2.3.0/24

The DMZ-zone needs to have at least 256kbps (32KBps)
Let's assume you have 3 company offices :
- 10.10.10.0/24
- 10.10.20.0/24
- 10.10.30.0/24
Each office has a maximum of 128kbps (16KBps)
Let's do it for the downstream direction of your T1 line :
<cut>
#!/bin/sh
OPTION="allot 1514 maxburst 20 avpkt 1000 prio 4"
DEV="dev eth0"

# First we have to throttle the total bandwidth of eth0 (10mbps) to 192KBps
# (I don't know if it's the correct speed of a T1 line)
tc qdisc del $DEV root handle 10:
tc qdisc add $DEV root handle 10: cbq bandwidth 10mbit avpkt 1000
tc class add $DEV parent 10:0 classid 10:2 cbq bandwidth 10mbit rate 192kbps $OPTION isolated bounded
tc qdisc add $DEV parent 10:2 handle 20: cbq bandwidth 192kbps allot 1514 avpkt 1000

# DMZ needs at least 16kbps so the rest is 192kbps for the offices (160 + 32 = 192 ! ! !) :
tc class add $DEV parent 20: classid 20:10 cbq bandwidth 192kbps rate 32kbps $OPTION
tc qdisc add $DEV parent 20:10 handle 210: cbq bandwidth 32kbps allot 1514 avpkt 1000
tc class add $DEV parent 20: classid 20:20 cbq bandwidth 192kbps rate 160kbps $OPTION
tc qdisc add $DEV parent 20:20 handle 220: cbq bandwidth 160kbps allot 1514 avpkt 1000

# qdisc 220 contains the office. For each office we need a new class
# and I attach a tbf qdisc to limit the bandwidth :
tc class add $DEV parent 220: classid 220:10 cbq bandwidth 160kbps rate 16kbps $OPTION
tc qdisc add $DEV parent 220:10 handle 2210: cbq bandwidth 16kbps allot 1514 avpkt 1000
tc qdisc add $DEV parent 2210: tbf rate 16kbps buffer 20Kb/8 limit 15Kb
tc class add $DEV parent 220: classid 220:20 cbq bandwidth 160kbps rate 16kbps $OPTION
tc qdisc add $DEV parent 220:20 handle 2220: cbq bandwidth 16kbps allot 1514 avpkt 1000
tc qdisc add $DEV parent 2220: tbf rate 16kbps buffer 20Kb/8 limit 15Kb
tc class add $DEV parent 220: classid 220:30 cbq bandwidth 160kbps rate 16kbps $OPTION
tc qdisc add $DEV parent 220:30 handle 2230: cbq bandwidth 16kbps allot 1514 avpkt 1000
tc qdisc add $DEV parent 2230: tbf rate 16kbps buffer 20Kb/8 limit 15Kb

# Now we have to say which traffic belongs to which class. We use
# ipchains (or netfilter for kernel 2.4) to mark the packets. Each class
# has its mark : (Notice I mark the office packets on the input of eth1.
# When you use NAT, you can't say at the output of eth2 what's coming from
# where.)
ipchains -A input -i eth1 -p tcp -d 10.10.10.0/24 -m 1 # Office 1
ipchains -A input -i eth1 -p tcp -d 10.10.20.0/24 -m 2 # Office 2
ipchains -A input -i eth1 -p tcp -d 10.10.30.0/24 -m 3 # Office 3
ipchains -A input -i eth2 -p tcp -d 1.2.3.0/24 -m 4 # DMZ

# Putting the packets in the right classes :
tc filter add $DEV parent 10: protocol ip prio 3 handle 1 fw classid 10:2
tc filter add $DEV parent 10: protocol ip prio 3 handle 2 fw classid 10:2
tc filter add $DEV parent 10: protocol ip prio 3 handle 3 fw classid 10:2
tc filter add $DEV parent 10: protocol ip prio 3 handle 4 fw classid 10:2
tc filter add $DEV parent 20: protocol ip prio 3 handle 1 fw classid 20:20
tc filter add $DEV parent 20: protocol ip prio 3 handle 2 fw classid 20:20
tc filter add $DEV parent 20: protocol ip prio 3 handle 3 fw classid 20:20
tc filter add $DEV parent 20: protocol ip prio 3 handle 4 fw classid 20:10
tc filter add $DEV parent 220: protocol ip prio 3 handle 1 fw classid 220:10
tc filter add $DEV parent 220: protocol ip prio 3 handle 2 fw classid 220:20
tc filter add $DEV parent 220: protocol ip prio 3 handle 3 fw classid 220:30
</cut>
That's all. I copy/pasted it to a file and I had no errors, so I
suppose I made no error. You can adapt these lines to your needs. You
can play with the different rates as long as ( sum (sub_class_rates) < parent_class_rate ).
For the upstream direction, you can of course use the same setup to
throttle the output bandwidth of eth1 and eth2. But you can't use them
together : you can't say that eth2 always needs 75% of upstream of the
T1.
Staf
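
Added example (not part of Stef's mail or his scripts): a shell/awk check for the rule stated above, that the class rates under a qdisc have to fit inside the rate of the class that qdisc hangs from. The names check_cbq_rates and sample_cbq are made up here, and the unit conversion is an assumption noted in the code.

```shell
# Audit tc commands on stdin. For every CBQ qdisc hanging from a class, print
# "<handle> <sum of child rates> <rate of owning class> OK|OVER" (bit/s); return 1 on OVER.
check_cbq_rates() {
    rc=0
    out=$(awk '
    # tc rate -> bit/s (assumption: kbps = 1000 bytes/s, kbit = 1000 bit/s)
    function bits(r,   n) {
        n = r + 0
        if (r ~ /mbit$/) return n * 1000000
        if (r ~ /kbit$/) return n * 1000
        if (r ~ /kbps$/) return n * 8000
        return n
    }
    # Word that follows keyword k on the current line ("" if absent).
    function arg(k,   i) {
        for (i = 1; i < NF; i++) if ($i == k) return $(i + 1)
        return ""
    }
    $1 == "tc" && $2 == "class" && $3 == "add" {
        p = arg("parent"); sub(/:.*/, ":", p)       # 10:0 -> 10:
        rate[arg("classid")] = bits(arg("rate"))
        sum[p] += bits(arg("rate"))
    }
    $1 == "tc" && $2 == "qdisc" && $3 == "add" && arg("handle") != "" {
        hangs[arg("handle")] = arg("parent")        # qdisc -> owning class
    }
    END {
        for (h in sum) if (hangs[h] in rate) {      # root qdisc has no owner: skipped
            over = (sum[h] > rate[hangs[h]]); if (over) bad = 1
            printf "%s %d %d %s\n", h, sum[h], rate[hangs[h]], (over ? "OVER" : "OK")
        }
        exit bad
    }') || rc=$?
    [ -n "$out" ] && printf '%s\n' "$out" | sort
    return $rc
}
# Constructed input: the class/qdisc skeleton of the script in the mail above.
sample_cbq() {
    cat <<'EOF'
tc class add $DEV parent 10:0 classid 10:2 cbq bandwidth 10mbit rate 192kbps $OPTION isolated bounded
tc qdisc add $DEV parent 10:2 handle 20: cbq bandwidth 192kbps allot 1514 avpkt 1000
tc class add $DEV parent 20: classid 20:10 cbq bandwidth 192kbps rate 32kbps $OPTION
tc class add $DEV parent 20: classid 20:20 cbq bandwidth 192kbps rate 160kbps $OPTION
tc qdisc add $DEV parent 20:20 handle 220: cbq bandwidth 160kbps allot 1514 avpkt 1000
tc class add $DEV parent 220: classid 220:10 cbq bandwidth 160kbps rate 16kbps $OPTION
tc class add $DEV parent 220: classid 220:20 cbq bandwidth 160kbps rate 16kbps $OPTION
tc class add $DEV parent 220: classid 220:30 cbq bandwidth 160kbps rate 16kbps $OPTION
EOF
}
```

Run it as `sample_cbq | check_cbq_rates`, or feed it your own script with `check_cbq_rates < yourscript.sh`; tbf qdiscs and filters are ignored.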
* Re: [LARTC] Setting up CBQ
2001-04-05 6:07 [LARTC] Setting up CBQ Daniel Camacho
` (2 preceding siblings ...)
2001-04-19 9:20 ` Stef Coene
@ 2001-04-20 6:17 ` Stef Coene
3 siblings, 0 replies; 5+ messages in thread
From: Stef Coene @ 2001-04-20 6:17 UTC (permalink / raw)
To: lartc
Daniel Camacho wrote:
>
> Stef,
>
> Thank you so much for having to go through all this. I also want to know
> what do I need to enable in the kernel to have this working. I'm using
> 2.4 kernel.
No problem, just cut-and-paste from one of my scripts. Really, if you
wanna learn about it, take a few PCs, put Linux on them and try it out.
For fast setup, download my scripts (see link below) and adapt them to
your needs like I did in my previous mail.
Enable everything in the kernel (as module or built-in). You can find
it as the last option in submenu "Networking Options".
>
> I'm a little confused to your following statement. Do you mean I can't
> throttle incoming bandwidth at the same time as the outgoing bandwidth?
>
> >For the upstream direction, you can of course use the same setup to
> >throttle the output bandwidth of eth1 and eth2. But you can't use them
> >together : you can't say that eth2 always needs 75% of upstream of the
> >T1.
You can control outgoing bandwidth. But when you are looking at the
upstream traffic, the data to the DMZ-zone is going out on the eth2 NIC
and the data to the office is going out on the eth1 NIC. You can
control the data that's going out on ONE NIC, but you can't manage the
data together. You can't say that the outgoing data on eth2 has to be
at least 75% of the data that's going out on NIC eth1. There's no way
you can manage the two NICs together. You can try to control the
incoming data on NIC eth0 (with a few patches, you can do this with QOS,
but I never tried), but when you use NAT, you don't know which data
coming in on NIC eth0 is going out on which NIC because they are all
coming in to the IP address of NIC eth0.
Hope you understand what I'm trying to say.
--
Staf
More QOS info : http://users.belgacom.net/staf/