[LARTC] TC on a Masqued Machine

["streeterk" <streeterk@w2h.net>]

[-- Attachment #1: Type: text/plain, Size: 3887 bytes --]

I have a single DSL connection I share with 7 computers and wish to divide the bandwidth.  I will be adding another one later and hope to divide the traffic and re-route to one if the other fails, but that is a nother project.  The connection is 384/128.  I am able to control the downstream traffic, but the upstream traffic has proven to be more challenging.  It seems that the Masquerading takes place between adapters, so all the traffic to the outbound adapter appears to be from the same IP.  I can control the traffic if I specify the IP of the outbound adapter, but reference to the LAN address has no affect.  Here is a summary of my setup

eth1  (internet)
|
eth0 (LAN)
|
Switch
|
Comp1-Comp2-Comp3-etc.

I tried to filter the outbound traffic on eth0 by adding subclasses for outbound traffic to eth1 and filtering by src but I could not seem to get that to work either.  

Here is my latest effort:

#Down

tc qdisc add dev eth0 root handle 10: cbq bandwidth 100Mbit avpkt 1000

tc class add dev eth0 parent 10:0 classid 10:1 cbq bandwidth 100Mbit rate 100Mbit allot 1514 weight 10Mbit prio 8 maxburst 200 avpkt 1000 bounded

tc class add dev eth0 parent 10:1 classid 10:100 cbq bandwidth 384Kbit rate 256Kbit allot 1514 weight 12Kbit prio 5 maxburst 20 avpkt 1000 bounded

tc class add dev eth0 parent 10:1 classid 10:200 cbq bandwidth 384Kbit rate 90Kbit allot 1514 weight 12Kbit prio 5 maxburst 20 avpkt 1000 bounded    
                                                                  

tc qdisc add dev eth0 parent 10:1 sfq quantum 1514b perturb 15

tc qdisc add dev eth0 parent 10:100 sfq quantum 1514b perturb 15

tc qdisc add dev eth0 parent 10:200 sfq quantum 1514b perturb 15


tc filter add dev eth0 parent 10:0 protocol ip prio 25 u32 match ip src 192.168.0.10 flowid 10:1

tc filter add dev eth0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.0.2 flowid 10:100

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip dst 192.168.0.3 flowid 10:200

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip dst 192.168.0.14 flowid 10:200

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip dst 192.168.0.15 flowid 10:200

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip dst 192.168.0.20 flowid 10:200

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip dst 192.168.0.0/24 flowid 10:200


# Up

tc class add dev eth0 parent 10:1 classid 10:300 cbq bandwidth 128Kbit rate 96Kbit allot 1514 weight 9Kbit prio 5 maxburst 20 avpkt 1000 bounded

tc class add dev eth0 parent 10:1 classid 10:400 cbq bandwidth 128Kbit rate 16Kbit allot 1514 weight 3Kbit prio 5 maxburst 20 avpkt 1000 bounded


tc qdisc add dev eth0 parent 10:300 sfq quantum 1514b perturb 15

tc qdisc add dev eth0 parent 10:400 sfq quantum 1514b perturb 15


tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip src 192.168.0.1 flowid 10:400

tc filter add dev eth0 parent 10:0 protocol ip prio 25 u32 match ip src 192.168.0.2 flowid 10:300

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip src 192.168.0.3 flowid 10:400

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip src 192.168.0.14 flowid 10:400

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip src 192.168.0.15 flowid 10:400

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip src 192.168.0.20 flowid 10:400 

tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip src 192.168.0.0/24 flowid 10:400 



I would also be very interested in documentation that clearly defines the commands and variables.  For example. what is prio and what is the significance of it's value as with weight and maxburst.   Can I filter on src and dst on the same line? 

Thanks,

Kurt

[-- Attachment #2: Type: text/html, Size: 6637 bytes --]