Hi Japp, Eric.
After reading your suggestions, I tried to tune up my shorewall 'tcstart' and 'tcrules'. I set UPLINK to 200 kbit and DOWNLINK to 2700kbit as my Comcast has 3.0M download, 256Kbps upload. Here is how I modified the original wondershaper and tcrules as below
1 - Add 'ceil' parameters to the classes, e.g.
tc class add dev $DEV parent 1: classid 1:1 htb rate $(($UPLINK))kbit ceil $(($UPLINK))kbit burst 6k
# high prio class 1:10:
tc class add dev $DEV parent 1:1 classid 1:10 htb rate $(($UPLINK))kbit \ ceil $(($UPLINK))kbit burst 6k prio 1
so my output of 'tc class show dev eth0' is
class htb 1:1 root rate 200Kbit ceil 200Kbit burst 6143b cburst 1855b
class htb 1:10 parent 1:1 leaf 10: prio 1 rate 200Kbit ceil 200Kbit burst 6143b cburst 1855b
class htb 1:20 parent 1:1 leaf 20: prio 2 rate 180Kbit ceil 180Kbit burst 6143b cburst 1829b
class htb 1:30 parent 1:1 leaf 30: prio 2 rate 160Kbit ceil 160Kbit burst 6143b cburst 1803b
2 - Add FW mark into those classes
tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle 1 fw classid 1:10
tc filter add dev eth0 parent 1:0 protocol ip prio 2 handle 2 fw classid 1:20
tc filter add dev eth0 parent 1:0 protocol ip prio 3 handle 3 fw classid 1:30
3 - My vonage is on separate 'eth3' and it uses UDP (a lot of ports) so my rules in 'tcrules' are
#MARK SOURCE DEST PROTO PORT(S) CLIENT USER 1 eth3 0.0.0.0/0 udp - - 2 eth1,eth2 0.0.0.0/0 tcp 80,443 - 3 0.0.0.0/0 0.0.0.0/0 tcp 21
Could you please let me know if my rules make any sense?
---
Then I asked a friend to initiate about 15 FTPs, all getting the Bering ISO (around 40M). It seems to work as I can still talk with him on the phone, while my access to the Internet is crawling.
But again because all FTPs came from one machine so it is not a very good test as my friend's bandwidth is just a residential ADSL. Also I lloked at the count then I see something like below. I do not see any borrowed values and not sure if it is a bad sign.
Your suggestions are appreciated.
'tc -s class show dev eth0'
class htb 1:1 root rate 200Kbit ceil 200Kbit burst 6143b cburst 1855b Sent 99465998 bytes 395941 pkts (dropped 0, overlimits 0) rate 2840bps 51pps lended: 0 borrowed: 0 giants: 0 tokens: 195072 ctokens: 57856
class htb 1:10 parent 1:1 leaf 10: prio 1 rate 200Kbit ceil 200Kbit burst 6143b cburst 1855b
Sent 49831860 bytes 348338 pkts (dropped 0, overlimits 0)
rate 2801bps 50pps
lended: 348338 borrowed: 0 giants: 0
tokens: 195072 ctokens: 57856
class htb 1:20 parent 1:1 leaf 20: prio 2 rate 180Kbit ceil 180Kbit burst 6143b cburst 1829b
Sent 49634138 bytes 47603 pkts (dropped 0, overlimits 0)
rate 38bps
lended: 47603 borrowed: 0 giants: 0
tokens: 215892 ctokens: 62506
class htb 1:30 parent 1:1 leaf 30: prio 2 rate 160Kbit ceil 160Kbit burst 6143b cburst 1803b
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
lended: 0 borrowed: 0 giants: 0
tokens: 245760 ctokens: 72159
-----------------
"Jaap Eldering" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]
On Wed, Sep 29, 2004 at 03:53:13PM +0200, Erich Titl wrote:>
Indeed. Only difference is that the '$(( ))' is handled by the shell itself, but 'expr' is an external command. This is only evaluated at startup however, so doesn't affect performance.
About the '$[ ]': I don't know where it comes from, but it's not default bash syntax either. I also replaced it by '$(( ))' arith. evaluation.
> I do not have anything in 'tcrules' yet. So far there is no error > and it seems that something happens because it slowed down my > downloading significantly. I tried to download a 15-M file from Sun > and with 'tcstart' present, I got about 2K/sec, whereas if I remove > 'tcstart' and restart shorewall, I got 100K/sec. I will try to > refine the script soon. By the way, is there any way to test the > wonderscript and tell if it works the way we want it to?
Maybe a stupid question, but have you set the DOWNLINK and UPLINK variables in the wondershaper script correctly?
Anyways, I recall something strange about the units being used by 'tc'. I myself have the rates specified in Kbits/sec and in the calls to 'tc' have the rates followed by 'Kbit' (with capital K).
You might also look at what tc says the outgoing rate is with the command 'tc class show dev $DEV'.
Jaap Eldering
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
