From: Robert Collier <lists@ossifrage.net>
To: lartc@vger.kernel.org
Subject: [LARTC] Problem with CBQ & Fwmark
Date: Wed, 14 Nov 2001 11:53:36 +0000 [thread overview]
Message-ID: <marc-lartc-100573882423812@msgid-missing> (raw)
Hi I'm trying to use CBQ to limit the outgoing traffic from my
server. The server is colocated on a 10Mb lan, but only has a 64Kbit
bandwidth allocation.
I using kernel 2.4.14 and I am trying to set up a 64K bounded class,
with 4 unbounded-subclassess of 16, 32, 2 & 14K.
This is what I'm using:
iptables -t mangle -F PREROUTING
iptables -t mangle -N mark1
iptables -t mangle -F mark1
iptables -t mangle -A mark1 -j MARK --set-mark 1
iptables -t mangle -N mark2
iptables -t mangle -F mark2
iptables -t mangle -A mark2 -j MARK --set-mark 2
iptables -t mangle -N mark3
iptables -t mangle -F mark3
iptables -t mangle -A mark3 -j MARK --set-mark 3
iptables -t mangle -N mark4
iptables -t mangle -F mark4
iptables -t mangle -A mark4 -j MARK --set-mark 4
iptables -t mangle -N mark5
iptables -t mangle -F mark5
iptables -t mangle -A mark5 -j MARK --set-mark 5
# traffic classification
iptables -t mangle -A PREROUTING -p TCP --sport 20 -j mark1 # ftp-data
iptables -t mangle -A PREROUTING -p TCP --sport 21 -j mark2 # ftp
iptables -t mangle -A PREROUTING -p TCP --sport 25 -j mark5 # smtp-recv
iptables -t mangle -A PREROUTING -p TCP --dport 25 -j mark5 # smtp-send
iptables -t mangle -A PREROUTING -p TCP --sport 80 -j mark3 # http
iptables -t mangle -A PREROUTING -p TCP --sport 110 -j mark5 # pop3
iptables -t mangle -A PREROUTING -p TCP --sport 119 -j mark4 # news-server
iptables -t mangle -A PREROUTING -p TCP --dport 119 -j mark5 # newsfeed in.
iptables -t mangle -A PREROUTING -p TCP --sport 2401 -j mark5 # cvspserver
# Next line is highport traffic (mainly ftp-data again)
iptables -t mangle -A PREROUTING -p TCP --sport 1024:65535 --dport 1024:65535 -j mark1
iptables -t mangle -A PREROUTING -p TCP -j mark5
iptables -t mangle -A PREROUTING -p UDP -j mark5
iptables -t mangle -A PREROUTING -p ICMP -j mark5
iptables -t mangle -A PREROUTING -j mark5
AVPKTt8
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 10: cbq bandwidth 10Mbit avpkt $AVPKT
## Setup Clases
tc class add dev eth0 parent 10:0 classid 10:1 cbq bandwidth 10Mbit rate \
10Mbit allot 1514 weight 1Mbit prio 8 maxburst 20 avpkt $AVPKT
# 64kbit parent class
tc class add dev eth0 parent 10:1 classid 10:200 cbq bandwidth 10Mbit rate \
64Kbit allot 1514 weight 64Kbit prio 5 maxburst 20 avpkt $AVPKT \
bounded
# 16kbit
tc class add dev eth0 parent 10:200 classid 10:250 cbq bandwidth 10Mbit rate \
16Kbit allot 1514 weight 16Kbit prio 5 maxburst 20 avpkt $AVPKT
# 32k
tc class add dev eth0 parent 10:200 classid 10:251 cbq bandwidth 10Mbit rate \
32Kbit allot 1514 weight 32Kbit prio 5 maxburst 20 avpkt $AVPKT
# 2k
tc class add dev eth0 parent 10:200 classid 10:252 cbq bandwidth 10Mbit rate \
2Kbit allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt $AVPKT
# 14k
tc class add dev eth0 parent 10:200 classid 10:253 cbq bandwidth 10Mbit rate \
14Kbit allot 1514 weight 14Kbit prio 5 maxburst 20 avpkt $AVPKT
# Setup queues
tc qdisc add dev eth0 parent 10:200 cbq bandwidth 64Kbit avpkt $AVPKT
tc qdisc add dev eth0 parent 10:250 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 10:251 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 10:252 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 10:253 sfq quantum 1514b perturb 15
# Setup filters
tc filter add dev eth0 protocol ip parent 10:0 prio 1 handle 4 fw classid 10:250
tc filter add dev eth0 protocol ip parent 10:0 prio 1 handle 3 fw classid 10:251
tc filter add dev eth0 protocol ip parent 10:0 prio 1 handle 2 fw classid 10:252
tc filter add dev eth0 protocol ip parent 10:0 prio 1 handle 1 fw classid 10:253
I get no errors when setting this up, but somehow my marked packets
are not making it into the queues.
# tc -s qdisc show
qdisc sfq 800f: dev eth0 quantum 1514b perturb 15sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 800e: dev eth0 quantum 1514b perturb 15sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 800d: dev eth0 quantum 1514b perturb 15sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 800c: dev eth0 quantum 1514b perturb 15sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc cbq 800b: dev eth0 rate 64Kbit (bounded,isolated) prio no-transmit
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 74799 undertime 0
qdisc cbq 10: dev eth0 rate 10Mbit (bounded,isolated) prio no-transmit
Sent 5302106 bytes 7589 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 466 undertime 0
What silly (or not so silly) mistake have I been making?
- Thanks in advance, Robert Collier.
--
Robert Collier
rob@lspace.org
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
reply other threads:[~2001-11-14 11:53 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-100573882423812@msgid-missing \
--to=lists@ossifrage.net \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox