My hfsc rule ..
tc qdisc add dev eth2 handle 1: root hfsc
iptables -t mangle -N ms-all
iptables -t mangle -N ms-all-chains
iptables -t mangle -N ms-prerouting
iptables -t mangle -A PREROUTING -j ms-prerouting
iptables -t mangle -A ms-prerouting -j CONNMARK --restore-mark
iptables -t mangle -A ms-prerouting -p udp --dport 4444 -j MARK --set-mark 1
iptables -t mangle -A ms-prerouting -p udp -m multiport --dports
1755,5005,1024:4443,4445:5500 -j MARK --set-mark 1
iptables -t mangle -A ms-prerouting -p tcp --dport 23 -j MARK --set-mark 1
iptables -t mangle -A ms-prerouting -p tcp -m multiport --dports
20,21,5001:5004,5006:5100 -j MARK --set-mark 2
iptables -t mangle -A ms-prerouting -p tcp --dport 80 -j MARK --set-mark 2
iptables -t mangle -A ms-prerouting -j CONNMARK --save-mark
iptables -t mangle -A FORWARD -o eth2 -j ms-all
iptables -t mangle -A POSTROUTING -o eth2 -j ms-all-chains
tc class add dev eth2 parent 1: classid 1:1 hfsc sc m2 10000kbit
tc filter add dev eth2 parent 1:0 protocol all u32 match u32 0 0 classid 1:1
tc class add dev eth2 parent 1:1 classid 1:11 hfsc ls m2 3500kbit ul m2
10000kbit
iptables -t mangle -N ms-chain-eth2-1:11
iptables -t mangle -A ms-all-chains -m mark --mark 1 -j ms-chain-eth2-1:11
iptables -t mangle -A ms-all -o eth2 -j ms-chain-eth2-1:11
tc class add dev eth2 parent 1:11 classid 1:111 hfsc rt m1 3500kbit d 10s m2
200kbit ls m2 3500kbit ul m2 3500kbit
tc qdisc add dev eth2 handle 111: parent 1:111 sfq
iptables -t mangle -A ms-chain-eth2-1:11 -p udp --dport 4444 -j CLASSIFY
--set-class 1:111
iptables -t mangle -A ms-chain-eth2-1:11 -p udp --dport 4444 -j RETURN
tc class add dev eth2 parent 1:11 classid 1:112 hfsc rt m1 3500kbit d 10s m2
1300kbit ls m2 3500kbit ul m2 3500kbit
tc qdisc add dev eth2 handle 112: parent 1:112 sfq
iptables -t mangle -A ms-chain-eth2-1:11 -p udp -m multiport --dports
1755,5005,1024:4443,4445:5500 -j CLASSIFY --set-class 1:112
iptables -t mangle -A ms-chain-eth2-1:11 -p udp -m multiport --dports
1755,5005,1024:4443,4445:5500 -j RETURN
tc class add dev eth2 parent 1:11 classid 1:113 hfsc rt m1 3500kbit d 10s m2
1500kbit ls m2 3500kbit ul m2 3500kkbit
tc qdisc add dev eth2 handle 113: parent 1:113 sfq
iptables -t mangle -A ms-chain-eth2-1:11 -p tcp --dport 23 -j CLASSIFY
--set-class 1:113
iptables -t mangle -A ms-chain-eth2-1:11 -p tcp --dport 23 -j RETURN
tc class add dev eth2 parent 1:11 classid 1:199 hfsc rt m1 3500kbit d 10s m2
500kbit ls m2 3500kbit ul m2 3500kbit
tc qdisc add dev eth2 handle 199: parent 1:199 sfq
iptables -t mangle -A ms-chain-eth2-1:11 -j CLASSIFY --set-class 1:199
iptables -t mangle -A ms-chain-eth2-1:11 -j RETURN
tc class add dev eth2 parent 1:1 classid 1:12 hfsc ls m2 7500kbit ul m2
10000kbit
iptables -t mangle -N ms-chain-eth2-1:12
iptables -t mangle -A ms-all-chains -m mark --mark 2 -j ms-chain-eth2-1:12
iptables -t mangle -A ms-all -o eth2 -j ms-chain-eth2-1:12
tc class add dev eth2 parent 1:12 classid 1:121 hfsc ls m2 3500kbit ul m2
7500kbit
tc qdisc add dev eth2 handle 121: parent 1:121 sfq
iptables -t mangle -A ms-chain-eth2-1:12 -p tcp -m multiport --dports
20,21,5001:5004,5006:5100 -j CLASSIFY --set-class 1:121
iptables -t mangle -A ms-chain-eth2-1:12 -p tcp -m multiport --dports
20,21,5001:5004,5006:5100 -j RETURN
tc class add dev eth2 parent 1:12 classid 1:122 hfsc ls m2 3500kbit ul m2
7500kbit
tc qdisc add dev eth2 handle 122: parent 1:122 sfq
iptables -t mangle -A ms-chain-eth2-1:12 -p tcp --dport 80 -j CLASSIFY
--set-class 1:122
iptables -t mangle -A ms-chain-eth2-1:12 -p tcp --dport 80 -j RETURN
tc class add dev eth2 parent 1:12 classid 1:299 hfsc rt m1 3500kbit d 10s m2
500kbit ls m2 500kbit ul m2 7500kbit
tc qdisc add dev eth2 handle 299: parent 1:299 sfq
iptables -t mangle -A ms-chain-eth2-1:12 -j CLASSIFY --set-class 1:299
iptables -t mangle -A ms-chain-eth2-1:12 -j RETURN
I have got a big problem, I don’t know my rule are wrong?? My rule are like this
Root
Real time class Non-real time class
#interior class
(Voip ,MMS, Telnet, default) (HTTP FTP default) #leaf class
My setting rate in each class is
Real time class guarantee rate: 3500kbit max rate: 10000kbit
VoIP guarantee rate: 200kbit max rate: 3500kbit
MMS guarantee rate: 1300kbit max rate: 3500kbit
Telnet guarantee rate: 1500kbit max rate: 3500kbit
Default guarantee rate: 500kbit max rate: 3500kbit
Non Real time class
HTTP guarantee rate: 7500kbit max rate: 10000kbit
FTP guarantee rate: 3500kbit max rate: 7500kbit
Default guarantee rate: 3500kbit max rate: 7500kbit
I need to input traffic with so very load to shaper about 10Mbit by traffic
generator but nomatter I try to change input rate by decrease rate from 10Mbit
until input rate less than all of guarantee rate in each class, the result is
after about 10s all input traffic are error (can’t send anymore traffic)
First, I think, it must relative with percentage between TCP
and UDP about If it have a lot UDP, TCP may be lost because request time out
and need to retransmission again (it make overflow of network load so much in
incoming queue and at last it full and can’t sent anymore traffic to shaper.
So nomatter I try to decrease rate down until 2Mbit, all are
die. And My last choice is input traffic with rate same as each rate in all
class so .. after 10s ,can’t input traffic anymore So Is it true about HFSC
can’t manage traffic that very load about 10Mbit???
Second, I’m doubt about level in hierarchical rule are the
factor for happen so much delay? In my lab, I’m compare between 2 level (root
and leaf class) and input traffic all about 600Kbit … the result is ok but if I
change to 3 level (root interior and leaf class) after 10s, it down and can’t
send anymore
So my question
1. Is my rule are setting wrong?? About parameter or filter iptable (but
after I test this filter iptable with htb , it’s ok and very good)
2. Is it true about HFSC can’t manage traffic load more than 1Mbit ??
3. I have a lot question but I don’t know what is wrong? My rule or hfsc
can’t manage load traffic
thank you
____________________________________________________________________________________
Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail beta.
http://new.mail.yahoo.com
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
