Re: [LARTC] Re: HFSC
Thanks for your answers Patrick. now I'm able to start testing :) btw, i would appreciate if you could send me the documentation u started. Thanks in advance. -- ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] TCNG
Hi All,
I'm using TCNG to restrict certain types of traffic to certain ip
addresses using a Linux router, and some masq'd computers behind it.
Unfortunately something like this...
#include "fields.tc" #include "ports.tc"
#define INTERFACE eth1
dev INTERFACE { egress {
/* In class selection path,
the filters come first! DSmark */ class ( $video )
if tcp_sport == 554 ip_dst ==
10.1.1.10; class (
$other ) if 1 ;
/* section in which we
configure the qdiscs and classes */
htb () {
class
( rate 3500kbps, ceil 3500kbps ) {
$video = class ( rate 50kbps,
ceil 50kbps ) { sfq; } ;
$other = class ( rate 1000kbps, ceil 3450kbps ) { sfq; }
;
} }
}}
Doesn't seem to be working...
Any ideas
Thanks.
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] Strange tc issue
Rado, I guess the issue centers around every linux box I have shows the pfifo_qdisc when I do an 'ip link show'. But when I do a tc it does not do this. This definitely tells me that tc is not reading the qdiscs properly which also probably means it is not setting them right either. Problem is that is compiles properly and does not give me an errors during build. This is really starting to drive me crazy. Appreciate your help. Thanx, Roy -Original Message- From: Radoslav Kolev [mailto:[EMAIL PROTECTED] Sent: Monday, March 01, 2004 5:03 AM To: Roy Walker Subject: Re: [LARTC] Strange tc issue Hi, Roy! Roy Walker wrote: When the system starts up it already shows a qdisc attached to eth0. This is just in bringing up the interface and not setting any commands with tc: qdisc pfifo_fast 0: dev eth0 [Unknown qdisc, optlen=20] Every interface has a QDISC when it's brought up, and by default this is the pfifo_fast qdisc, which does no shaping but just passes packets to the interface on a First In First Our basis. So this a perfectly normal thing (beast :-) for the Douglas adam fans). The system will work fine in this scenario. It's only when I try to apply any other qdiscs to ANY interface in the system (regardless of whether it is eth0 or not), that I loose all inbound connectivity to the system. It will allow me to connect with tcp outbound, but icmp does not work outbound or inbound. I'm not sure about that, check your iptables configurations. Also old versions of HTB used to drop any traffic not filtered into a class, may be a similar problem. Greetings, Rado winmail.dat
Re: [LARTC] Filters not working
Hy.
The solution I am going to give you might seem strange, but it worked
with me on a project I'm working and hope to release soon.
Scott Gagon wrote:
tc class add dev $TC_DEV parent 1: classid 1:1 htb rate ${TC_UPLINK}kbit burst 6k
# high prio class 1:10:
tc class add dev $TC_DEV parent 1:1 classid 1:10 htb rate ${TC_UPLINK}kbit burst 6k prio 1
Remove the prio from your class configurations, it seem to cause some
strange problems (at least with me, but i can't use the last htb
version, mine is 3.1 something, can't check it now).
Thanks so much! I have to say, this has been a learning experience! :\
Hope it helps.
José Araújo
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Re: Strange tc issue
Roy Walker wrote: I guess the issue centers around every linux box I have shows the pfifo_qdisc when I do an 'ip link show'. But when I do a tc it does not do this. This definitely tells me that tc is not reading the qdiscs properly which also probably means it is not setting them right either. Problem is that is compiles properly and does not give me an errors during build. This is really starting to drive me crazy. Appreciate your help. The things you say seem partly contradictory, and it is really not clear what is the problem - however, I will give an example of what things do on *my* system so you can spot the discrepancy between your systems. , | ... no configuration ... | shiro:~# ip link show dev eth0 | 7: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 | link/ether 00:30:1b:ae:6a:66 brd ff:ff:ff:ff:ff:ff | shiro:~# tc qdisc show dev eth0 | qdisc pfifo_fast 0: [Unknown qdisc, optlen=20] | shiro:~# tc class show dev eth0 | shiro:~# tc filter show dev eth0 | | ... add a qdisc ... | shiro:~# tc qdisc add dev eth0 root pfifo limit 100 | | ... show configuration again ... | shiro:~# ip link show eth0 | 7: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo qlen 100 | link/ether 00:30:1b:ae:6a:66 brd ff:ff:ff:ff:ff:ff | shiro:~# tc qdisc show dev eth0 | qdisc pfifo 8002: limit 100p | shiro:~# tc class show dev eth0 | shiro:~# tc filter show dev eth0 ` And no loss of connectivity to anywhere, or anything of the likes. If this does not work for you, then there is something seriously wrong either with your kernel or with tc. If this does work for you, I suggest specifying exactly what you commands you are saying that cause your problems - there might be something wrong there. -- Naked ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] how do you rate limit routable traffic without rate limiting LAN protocols like arps and igmp?
I'm rate limiting and prioritizing traffic upstream of a slow wan link using htb, classic wonder shaper type stuff. I'm using the following command for traffic that does not match any of my defined filters: tc qdisc add dev eth0 root handle 1: htb default 50 It appears that local, non-routable traffic like arps and igmp are being snared by this and end-up queued in the lowest priorty queue. I was surprised that non-IP traffic would be effected by IP traffic control. How do I prevent this local, non-routable traffic from being queued? Since it's local, I just want it to go at line rate. I know if I remove the default parameter, traffic not matching any filter is sent over the root queue, but I need to have a defined default. All the literature I've seen only covers tc filters dealing with the protocol IP. I've tried to filter on the arp protocol (I read this works, but not for me), got error messages: I've tried to using u32 matches with negative offsets, but no luck. Sorta relieved that it didn't work, cause it seemed liked a hack. Mike ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] how do you rate limit routable traffic without rate limiting LAN protocols like arps and igmp?
Hi Damion, Hi Michael, It appears that local, non-routable traffic like arps and igmp are being snared by this and end-up queued in the lowest priorty queue. I was surprised that non-IP traffic would be effected by IP traffic control. How are you determining this? I restarted the queues to clear the counts and then ping'ed an unused IP address on the local subnet and counted the unanswered arp requests using tcpdump. I then used tc to show the queue counts and saw the respective counts in the default queue. I changed the default queue and perform the test again and saw the count appear in the new default queue. I'm pretty sure the counts in the default queue were arp requests. All the literature I've seen only covers tc filters dealing with the protocol IP. I've tried to filter on the arp protocol (I read this works, but not for me), got error messages: Yes, linux QoS can't shape sub-IP ARP packets. See the thread [LARTC] tc filter protocol arp question from January this year: http://mailman.ds9a.nl/pipermail/lartc/2004q1/thread.html I saw this thread and had the same problem, but I also came across this link: http://www.docum.org/stef.coene/qos/faq/cache/63.html from [EMAIL PROTECTED] It says: Simple, just use protocol arp in your filters. But it wasn't so simple. I'm really having the opposite problem. I'm trying not to shape arps. -- ~~~ Damion de Soto - Software Engineer email: [EMAIL PROTECTED] SnapGear - A CyberGuard Company ---ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliancesweb: http://www.snapgear.com ~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
