* [RFC NETFILTER 0/4]: rate estimator target/match for load-based routing
From: Patrick McHardy @ 2007-11-25 17:11 UTC
To: Netfilter Development Mailinglist
These patches add a new RATEEST target for rate estimation and
a new rateest match to match on the estimated rates. The RATEEST
target uses gen_estimator for rate estimation, so it has the
same constraints as TC rate estimators. The rateest match supports
multiple different modes:

- comparing the estimated rate from a rate estimator against
  given bps/pps values
- comparing the difference of given bps/pps values to the
  measured rate against another set of given values
- comparing the bps/pps values of two rate estimators
- comparing the difference of two given bps/pps values to
  the estimated rates

The first and third mode should be obvious, the second and
third one can be used to compare "free bandwidth". I'm using
it like this to route outgoing FTP data connections over two
different internet connections based on the available bandwidth.

# measure used bandwidth on eth0/ppp0:
iptables -t mangle -A POSTROUTING -o eth0 \
        -j RATEEST --rateest-name eth0 \
                   --rateest-interval 250ms \
                   --rateest-ewma 0.5s

iptables -t mangle -A POSTROUTING -o ppp0 \
        -j RATEEST --rateest-name ppp0 \
                   --rateest-interval 250ms \
                   --rateest-ewma 0.5s

iptables -t mangle -N BALANCE
iptables -t mangle -A PREROUTING -s <ftp-server> -j BALANCE

# route based on available bandwidth
iptables -t mangle -A BALANCE -m helper --helper ftp \
        -m connmark --mark 0x0 \
        -m rateest --rateest-delta \
                   --rateest1 eth0 \
                   --rateest-bps1 2.5mbit \
                   --rateest-gt \
                   --rateest2 ppp0 \
                   --rateest-bps2 2mbit \
        -j CONNMARK --set-mark 0x1

iptables -t mangle -A BALANCE -m helper --helper ftp \
        -m connmark --mark 0x0 \
        -m rateest --rateest-delta \
                   --rateest1 ppp0 \
                   --rateest-bps1 2mbit \
                   --rateest-gt \
                   --rateest2 eth0 \
                   --rateest-bps2 2.5mbit \
        -j CONNMARK --set-mark 0x2

iptables -t mangle -A BALANCE -j CONNMARK --restore-mark

For explanation: eth0 has an upstream bandwidth of 2.5mbit, ppp0
2mbit. It computes the difference between the estimated rates and
the available maximum (== free bandwidth) and chooses the line
with more free bandwidth. The only downside is that the estimator
needs some time to adjust to changed conditions, so when one
transfer finishes and another one starts directly afterwards and
both lines are idle besides the transfer, it will usually go to
the other line. I don't think this can be done any better using
this method, but suggestions for improvement are welcome of
course.
PS: the libxt_rateest.c part needs some minor work in the ->save
function, so no need to point that one out, all other bugs are
real bugs :)
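
[Added example, not part of the original message or of the patches: a simplified Python model of the delta comparison and of the estimator lag described above. The names Estimator, pick_line, run and back_to_back are hypothetical; the EWMA update rule, EWMA_LOG = 1 and the clamp of free bandwidth at zero are assumptions, while the interval and the 2.5mbit/2mbit limits come from the posted rules.]

```python
# Added example: simplified model of the rateest delta comparison.
# Assumptions (not from the patches): one EWMA update per interval with
# weight 2**-EWMA_LOG, EWMA_LOG = 1, and free bandwidth clamped at zero.
INTERVAL = 0.25                                     # --rateest-interval 250ms
EWMA_LOG = 1                                        # assumed smoothing exponent
CAPACITY = {"eth0": 2_500_000, "ppp0": 2_000_000}   # bps1/bps2 from the rules


class Estimator:
    """Hypothetical stand-in for one named RATEEST estimator."""

    def __init__(self):
        self.avg_bps = 0.0

    def tick(self, bits_sent):
        sample = bits_sent / INTERVAL
        self.avg_bps += (sample - self.avg_bps) / (1 << EWMA_LOG)


def pick_line(est):
    """Mirror the two BALANCE rules: mark the line with more free bandwidth."""
    free = {n: max(CAPACITY[n] - est[n].avg_bps, 0.0) for n in CAPACITY}
    if free["eth0"] > free["ppp0"]:
        return "eth0"        # first rule, CONNMARK 0x1
    if free["ppp0"] > free["eth0"]:
        return "ppp0"        # second rule, CONNMARK 0x2
    return None              # neither rule matches, mark stays 0x0


def run(est, load_bps, ticks):
    """Advance all estimators by `ticks` intervals under a constant load."""
    for _ in range(ticks):
        for name, e in est.items():
            e.tick(load_bps.get(name, 0) * INTERVAL)


def back_to_back(idle_ticks):
    """Lines chosen for two transfers; the second starts idle_ticks intervals
    after the first (which ran at line rate for 5 s) has finished."""
    est = {name: Estimator() for name in CAPACITY}
    first = pick_line(est)                      # both lines idle
    run(est, {first: CAPACITY[first]}, 20)      # 20 intervals = 5 s
    run(est, {}, idle_ticks)                    # both lines idle again
    return first, pick_line(est)


if __name__ == "__main__":
    for gap in (0, 2, 3):
        print(gap * INTERVAL, "s gap ->", back_to_back(gap))
```

Under these assumptions the second transfer is sent over ppp0 until eth0 has been idle for three estimator intervals, even though eth0 is the faster line and carries no traffic.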
* Re: [RFC NETFILTER 0/4]: rate estimator target/match for load-based routing
From: Jan Engelhardt @ 2007-11-25 17:15 UTC
To: Patrick McHardy; +Cc: Netfilter Development Mailinglist
On Nov 25 2007 18:11, Patrick McHardy wrote:
>
> # route based on available bandwidth
> iptables -t mangle -A BALANCE -m helper --helper ftp \
>         -m connmark --mark 0x0 \
>         -m rateest --rateest-delta \
>                    --rateest1 eth0 \
>                    --rateest-bps1 2.5mbit \
>                    --rateest-gt \
>                    --rateest2 ppp0 \
>                    --rateest-bps2 2mbit \
>         -j CONNMARK --set-mark 0x1
>
Ah gotcha. I smell an implicit -m conntrack --ctstate NEW :-)
* Re: [RFC NETFILTER 0/4]: rate estimator target/match for load-based routing
From: Patrick McHardy @ 2007-11-25 17:17 UTC
To: Jan Engelhardt; +Cc: Netfilter Development Mailinglist
Jan Engelhardt wrote:
> On Nov 25 2007 18:11, Patrick McHardy wrote:
>> # route based on available bandwidth
>> iptables -t mangle -A BALANCE -m helper --helper ftp \
>>         -m connmark --mark 0x0 \
>>         -m rateest --rateest-delta \
>>                    --rateest1 eth0 \
>>                    --rateest-bps1 2.5mbit \
>>                    --rateest-gt \
>>                    --rateest2 ppp0 \
>>                    --rateest-bps2 2mbit \
>>         -j CONNMARK --set-mark 0x1
>>
> Ah gotcha. I smell an implicit -m conntrack --ctstate NEW :-)
Right, that would be easier to read. It's a left-over from a
previous attempt where I used periodic rebalancing by resetting
the mark to 0x0. Still thinking about something like that for
the case that a connection is routed over the slower line and
the faster one gets free.