* traffic shapping with squid in the middle
@ 2010-11-18 16:14 Landy Landy
2010-11-18 17:46 ` Marek Kierdelewicz
0 siblings, 1 reply; 2+ messages in thread
From: Landy Landy @ 2010-11-18 16:14 UTC (permalink / raw)
To: netfilter
Hello.
This is my first post to the list.
I've been experiencing some problems trying to shape our network bandwidth. We have a gw with squid doing the contents cache and would like to assign each client a fair bw trying to avoid sluggish connections.
I am able to throttle the speed to our desire: 512/128 if I stop squid and take it out of the picture. But, we need it. Now, when squid is in the middle of things I can only control the download speed with on the mangle -A POSTROUTING chain marking some packet for the user based on ip address and doing:
//download
$iptables -t mangle -A POSTROUTING -d 172.16.100.132 -j MARK --set-mark 1099
$iptables -t mangle -A POSTROUTING -d 172.16.100.132 -j RETURN
$tc class add dev eth1 parent 2:107 classid 2:1099 htb rate 737kbit ceil 832kbit prio 3
$tc filter add dev eth1 parent 2:0 protocol ip prio 3 handle 1099 fw classid 2:1099
$tc qdisc add dev eth1 parent 2:1099 handle 597: sfq perturb 2
// upload
$iptables -t mangle -A PREROUTING -s 172.16.100.132 -j MARK --set-mark 1018
$iptables -t mangle -A PREROUTING -s 172.16.100.132 -j RETURN
$tc class add dev eth0 parent 1:26 classid 1:1018 htb rate 100kbit ceil 128kbit prio 3
$tc filter add dev eth0 parent 1:0 protocol ip prio 3 handle 1018 fw classid 1:1018
$tc qdisc add dev eth0 parent 1:1018 handle 516: sfq perturb 2
Squid's access pools is not an option.
I've been trying to get this working for a while now but, can't get it. Please guide me to where I can find a light at the end of the tunnel since, that's how I feel: Have no way out.
Thanks in advanced for your help.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: traffic shapping with squid in the middle
2010-11-18 16:14 traffic shapping with squid in the middle Landy Landy
@ 2010-11-18 17:46 ` Marek Kierdelewicz
0 siblings, 0 replies; 2+ messages in thread
From: Marek Kierdelewicz @ 2010-11-18 17:46 UTC (permalink / raw)
To: Landy Landy; +Cc: netfilter
>Hello.
Hi,
>I've been experiencing some problems trying to shape our network
>bandwidth. We have a gw with squid doing the contents cache and would
>like to assign each client a fair bw trying to avoid sluggish
>connections.
>...
>I've been trying to get this working for a while now but, can't get it.
>Please guide me to where I can find a light at the end of the tunnel
>since, that's how I feel: Have no way out.
You can use IFB [1] to shape upload traffic before it's "eaten" by
squid. Do this:
tc qdisc add dev eth1 ingress
tc filter add dev eth1 protocol ip parent ffff: prio 4 u32 match ip \
dst 0.0.0.0/0 flowid :1 action mirred egress redirect dev ifb0
... and now you can shape upload traffic on ifb0. Solution would work
ok with or without squid in the middle.
With this solution you won't be able to use mark based shaping
(prerouting marking is done after ingress shaping). You'll have to use
u32 tc classifier [2].
Good luck!
[1] http://www.linuxfoundation.org/collaborate/workgroups/networking/ifb
[2] http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.adv-filter.u32.html
Best regards,
Marek
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-11-18 17:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-11-18 16:14 traffic shapping with squid in the middle Landy Landy
2010-11-18 17:46 ` Marek Kierdelewicz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).