tc/tcng default config

tc/tcng default config

[Bob Miller]

Hello List,
I saw recently a post go by where it was suggested that it was okay to
use this list to discuss tc related questions.  Well, I have a bunch of
questions, so I am going to take advantage of the offer and ask one of
them.

If I implement something on a firewall using tc and the network goes for
poop, how do I get it back to the default set up?  I have the tcng
package installed from debian repositories.  There is a file in the
examples section of the documentation, but when I try to run tcng on it
gives syntax errors.  I have looked on google for quite some time to
find this answer and come up empty, though I am sure it must be out
there somewhere....

Bob Miller
334-7117/633-3760
http://computerisms.ca
bob@computerisms.ca
Network, Internet, Server,
and Open Source Solutions

Re: tc/tcng default config

[Marek Kierdelewicz]

> Hello List,

Hi Bob,

>If I implement something on a firewall using tc and the network goes
>for poop, how do I get it back to the default set up?

You probably start with adding qdisc:
tc qdisc add dev $IF root handle 1: htb default XX
... then you add classes and filters

You can undo all of this by deleting qdisc:
tc qdisc del dev $IF root

If you use ifb and ingress qdiscs, cleanup may get a bit more
complicated.

Regards,
Marek

Re: tc/tcng default config

[Bob Miller]

On Sun, 2010-04-18 at 23:47 +0200, Marek Kierdelewicz wrote:
> > Hello List,
> 
> Hi Bob,

Marek,
Thank you for the response.
> 
> >If I implement something on a firewall using tc and the network goes
> >for poop, how do I get it back to the default set up?
> 
> You probably start with adding qdisc:
> tc qdisc add dev $IF root handle 1: htb default XX
> ... then you add classes and filters
> 
> You can undo all of this by deleting qdisc:
> tc qdisc del dev $IF root

To say this back to make sure I understand; I do not need to wipe my
configuration and implement a configuration that matches the default
one, rather deleting the top-most parent will delete all the children
and roll back to the way it was originally before I ran any tc commands?
> 
> If you use ifb and ingress qdiscs, cleanup may get a bit more
> complicated.

And this would imply that it is not trivial to overwrite the current
config with a default one?

> 
> Regards,
> Marek
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
Bob Miller
334-7117/633-3760
http://computerisms.ca
bob@computerisms.ca
Network, Internet, Server,
and Open Source Solutions

Re: tc/tcng default config

[Marek Kierdelewicz]

Hi,

>To say this back to make sure I understand; I do not need to wipe my
>configuration and implement a configuration that matches the default
>one, rather deleting the top-most parent will delete all the children
>and roll back to the way it was originally before I ran any tc
>commands?

Yes.

>> If you use ifb and ingress qdiscs, cleanup may get a bit more
>> complicated.
>And this would imply that it is not trivial to overwrite the current
>config with a default one?

If you use ingress qdisc on $IF and redirect incoming traffic to $IFB
and shape traffic on in, then you need to do following for cleanup:

tc qdisc del dev $IF ingress
tc qdisc del dev $IFB root

One piece of advice. There were some problems with kernel stability on
SMP systems doing shaping:
http://lkml.indiana.edu/hypermail/linux/kernel/0711.0/2183.html

From my profesional experience kernels >=2.6.28.10 are not affected.

Regards,
Marek