Re: [LARTC] linux router and HA
On Fri, Mar 19, 2004 at 12:09:11PM -0800, Daniel Chemko wrote: > I played with failover from heatbeat with this. > > It seemed to do everything you're looking for. Make sure that you have > [...] Thanks for all responses. I will give a try all hearbeat-like solutions. But to make the problem simpler: once I pulled out all cords from working router and put them into the failover router ("manual takeover" ;-)) But all servers I was watching, had in their arp cache arps from the old router. How can I force them to use the new arp addresses ? I have read e.g. about fake but it let me takeover only one IP address. Any tool useful in 4-NICs-router environment ? przemol ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] multipath routing
I have a private lan that is connected to the world via 3 dsl lines. I put up a linux box that handles all the dsl lines, lan gateway and all is working well...until...one of the dsl lines goes down. My routing table is: x.x.x.x dev ppp0 proto kernel scope link src x.x.x.x x.x.x.x dev ppp1 proto kernel scope link src x.x.x.x x.x.x.x dev ppp2 proto kernel scope link src x.x.x.x 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1 255.255.255.0/24 dev eth0 scope link 169.254.0.0/16 dev eth0 scope link 127.0.0.0/8 dev lo scope link default equalize nexthop via x.x.x.x dev ppp0 weight 1 nexthop via x.x.x.x dev ppp1 weight 1 nexthop via x.x.x.x dev ppp2 weight 1 When one of the dsl lines has trouble (temporarily looses sync, etc), the kernel takes the entire default route out until the line comes back up. When the line comes up, it puts a single default route back in instead of the multipath route. If I can make it so the multipath route is maintained even when one of the dsl lines goes down, that would be great. Is there a way to have just one of the hops removed from the default multipath while the line is down and then reinserted back in as a hop in the multipath route? Thanks for any input. -Chris Do you have the stateful firewall settings in your script? According to nano.txt http://www.ssi.bg/~ja/nano.txt "At least for netfilter (not sure for ipfwadm/ipchains), the firewall must be stateful. This can be done by: iptables -t filter -N keep_state iptables -t filter -A keep_state -m state --state RELATED,ESTABLISHED \ -j ACCEPT iptables -t filter -A keep_state -j RETURN iptables -t nat -N keep_state iptables -t nat -A keep_state -m state --state RELATED,ESTABLISHED \ -j ACCEPT iptables -t nat -A keep_state -j RETURN and calling this at the beginning of the script: iptables -t nat -A PREROUTING -j keep_state iptables -t nat -A POSTROUTING -j keep_state iptables -t nat -A OUTPUT -j keep_state iptables -t filter -A INPUT -j keep_state iptables -t filter -A FORWARD -j keep_state iptables -t filter -A OUTPUT -j keep_state "
[LARTC] multipath routing
I have a private lan that is connected to the world via 3 dsl lines. I put up a linux box that handles all the dsl lines, lan gateway and all is working well...until...one of the dsl lines goes down. My routing table is: x.x.x.x dev ppp0 proto kernel scope link src x.x.x.x x.x.x.x dev ppp1 proto kernel scope link src x.x.x.x x.x.x.x dev ppp2 proto kernel scope link src x.x.x.x 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1 255.255.255.0/24 dev eth0 scope link 169.254.0.0/16 dev eth0 scope link 127.0.0.0/8 dev lo scope link default equalize nexthop via x.x.x.x dev ppp0 weight 1 nexthop via x.x.x.x dev ppp1 weight 1 nexthop via x.x.x.x dev ppp2 weight 1 When one of the dsl lines has trouble (temporarily looses sync, etc), the kernel takes the entire default route out until the line comes back up. When the line comes up, it puts a single default route back in instead of the multipath route. If I can make it so the multipath route is maintained even when one of the dsl lines goes down, that would be great. Is there a way to have just one of the hops removed from the default multipath while the line is down and then reinserted back in as a hop in the multipath route? Thanks for any input. -Chris ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] r2q
Ok, in order to conclude: is OK next table ? QUANTUM values for HTB: RATE --- QUANTUM -- 8k --> set QUANTUM = 1500 16k --> Quantum is automatic by HTB algorithm 32k --> Quantum is automatic by HTB algorithm 64k --> Quantum is automatic by HTB algorithm 256k --> Quantum is automatic by HTB algorithm 512k --> set QUANTUM = 15000 -- each with r2q=1 Also, I set r2q=1 on root class, in order to support diferentes rates. Thank you! andres. -> -Mensaje original- -> De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] -> nombre de Roy -> Enviado el: Martes, 23 de Marzo de 2004 12:13 p.m. -> Para: lartc -> Asunto: Re: [LARTC] r2q -> -> -> I newer saw warning mesage about quantum too big. -> but probably it is ok to have ANY quantum which is greater than mtu. -> -> probabaly you shpuld not set quantum to 1500 if it is 5 by defaul, -> unless you want to lower that class priority very much. -> -> but so high quantums can make trafic very bursty. -> so you may set that quantum to 15000 for better result. -> -> this will make these classes priority proportion as 1 to 10 ( 1 packet of -> spare trafic for slow class to 10 packets for fast class) -> -> - Original Message - -> From: "ThE LinuX_KiD" <[EMAIL PROTECTED]> -> To: "lartc" <[EMAIL PROTECTED]> -> Cc: "Roy" <[EMAIL PROTECTED]> -> Sent: Monday, March 22, 2004 8:50 PM -> Subject: RE: [LARTC] r2q -> -> -> > -> > Thank you, Roy ! -> > -> > I've setted quantum to 1500 when: -> > -> > quantum = rate / r2q < 1500 -> > -> > and error logs are stopped. -> > -> > In other hand, I get a new warning message: -> > -> > '"'HTB: quantum of class is BIG. Consider r2q change'"' -> > -> > because, some rates are about 1500kbits, then with -> > above formula quantum is about 192000 > 6 -> > -> > But, I can't change r2q, then I put '"'quantum 55000'"' -> > on this rules, and error has been fixed. -> > -> > Is correct the value '"'quantum 55000'"' ? -> > Or I must put mtu (1500) value for quantum ? -> > -> > Thank you! -> > -> > Andres. -> > -> > -> > -> > -> > -> > -> > -> > -> > -> -> > -> -> > -> No, -> > -> leave mtu unchanged, or you risk to have problems with some dumb -> servers. -> > -> just set qantum to 1500, for each rule when it is lower than mtu -> > -> bu default -> > -> -> > -> (quantum = rate (bytes) / r2q) this formula is used by tc -> to calculate -> > -> default quantum -> > -> you do not need to use it. -> > -> -> > -> -> > -> - Original Message - -> > -> From: '"'ThE LinuX_KiD'"' <[EMAIL PROTECTED]> -> > -> To: '"'lartc'"' <[EMAIL PROTECTED]> -> > -> Sent: Saturday, March 20, 2004 10:17 PM -> > -> Subject: RE: [LARTC] r2q -> > -> -> > -> -> > -> > -> > -> > -> > -> > -> > -> > -> > -> > Rate=8 Kbits/s = 1 Kbyte/s = 1024 Bytes -> > -> > r2q=1 -> > -> > -> > -> > quantum = 1024/1. -> > -> > -> > -> > Then Quantum = 1024 -> > -> > -> > -> > But MTU=1500=> MTU > Quantum -> > -> > -> > -> > Must I set MTU to 1024 -> > -> > -> > -> > Thank you! -> > -> > -> > -> > Andres. -> > -> > -> > -> > -> > -> > -> > -> > -> Simply set quantum manualy, -> > -> > -> now quantum = rate / r2q -> > -> > -> set quantum to one mtu ( 1500 bytes) -> > -> > -> -> > -> > -> Remember that quantum affects priority -> > -> > -> bigger quantum means higer priority. -> > -> > -> -> > -> > -> -> > -> > -> - Original Message - -> > -> > -> From: ''"''ThE LinuX_KiD''"'' <[EMAIL PROTECTED]> -> > -> > -> To: ''"''lartc''"'' <[EMAIL PROTECTED]> -> > -> > -> Sent: Friday, March 19, 2004 11:20 PM -> > -> > -> Subject: [LARTC] r2q -> > -> > -> -> > -> > -> -> > -> > -> > Hi... -> > -> > -> > -> > -> > -> > I'm working with HTB, and have a question... -> > -> > -> > -> > -> > -> > what happen if I create a class of '''"'''8kbit'''"''' ?? -> > -> > -> > -> > -> > -> > I get a log : -> > -> > -> > -> > -> > -> > '''"'''HTB: quantum of class is small. Consider r2q -> > change'''"''' -> > -> > -> > -> > -> > -> > but, my r2q=1 I can't reduce that variable... -> > -> > -> > -> > -> > -> > how must I procced ? -> > -> > -> > -> > -> > -> > Thank you! -> > -> > -> > mac -> > -> > -> > ___ -> > -> > -> > LARTC mailing list / [EMAIL PROTECTED] -> > -> > -> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: -> > -> http://lartc.org/ -> > -> > -> > -> > -> > -> ___ -> > -> > -> LARTC mailing list / [EMAIL PROTECTED] -> > -> > -> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: -> > http://lartc.org/ -> > > -> -> > > ___ -> > > LARTC mailing list / [EMAIL PROTECTED] -> > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > > > ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___
Re: [LARTC] r2q
I newer saw warning mesage about quantum too big. but probably it is ok to have ANY quantum which is greater than mtu. probabaly you shpuld not set quantum to 1500 if it is 5 by defaul, unless you want to lower that class priority very much. but so high quantums can make trafic very bursty. so you may set that quantum to 15000 for better result. this will make these classes priority proportion as 1 to 10 ( 1 packet of spare trafic for slow class to 10 packets for fast class) - Original Message - From: "ThE LinuX_KiD" <[EMAIL PROTECTED]> To: "lartc" <[EMAIL PROTECTED]> Cc: "Roy" <[EMAIL PROTECTED]> Sent: Monday, March 22, 2004 8:50 PM Subject: RE: [LARTC] r2q > > Thank you, Roy ! > > I've setted quantum to 1500 when: > > quantum = rate / r2q < 1500 > > and error logs are stopped. > > In other hand, I get a new warning message: > > '"'HTB: quantum of class is BIG. Consider r2q change'"' > > because, some rates are about 1500kbits, then with > above formula quantum is about 192000 > 6 > > But, I can't change r2q, then I put '"'quantum 55000'"' > on this rules, and error has been fixed. > > Is correct the value '"'quantum 55000'"' ? > Or I must put mtu (1500) value for quantum ? > > Thank you! > > Andres. > > > > > > > > > -> > -> > -> No, > -> leave mtu unchanged, or you risk to have problems with some dumb servers. > -> just set qantum to 1500, for each rule when it is lower than mtu > -> bu default > -> > -> (quantum = rate (bytes) / r2q) this formula is used by tc to calculate > -> default quantum > -> you do not need to use it. > -> > -> > -> - Original Message - > -> From: '"'ThE LinuX_KiD'"' <[EMAIL PROTECTED]> > -> To: '"'lartc'"' <[EMAIL PROTECTED]> > -> Sent: Saturday, March 20, 2004 10:17 PM > -> Subject: RE: [LARTC] r2q > -> > -> > -> > > -> > > -> > > -> > > -> > Rate=8 Kbits/s = 1 Kbyte/s = 1024 Bytes > -> > r2q=1 > -> > > -> > quantum = 1024/1. > -> > > -> > Then Quantum = 1024 > -> > > -> > But MTU=1500=> MTU > Quantum > -> > > -> > Must I set MTU to 1024 > -> > > -> > Thank you! > -> > > -> > Andres. > -> > > -> > > -> > > -> > -> Simply set quantum manualy, > -> > -> now quantum = rate / r2q > -> > -> set quantum to one mtu ( 1500 bytes) > -> > -> > -> > -> Remember that quantum affects priority > -> > -> bigger quantum means higer priority. > -> > -> > -> > -> > -> > -> - Original Message - > -> > -> From: ''"''ThE LinuX_KiD''"'' <[EMAIL PROTECTED]> > -> > -> To: ''"''lartc''"'' <[EMAIL PROTECTED]> > -> > -> Sent: Friday, March 19, 2004 11:20 PM > -> > -> Subject: [LARTC] r2q > -> > -> > -> > -> > -> > -> > Hi... > -> > -> > > -> > -> > I'm working with HTB, and have a question... > -> > -> > > -> > -> > what happen if I create a class of '''"'''8kbit'''"''' ?? > -> > -> > > -> > -> > I get a log : > -> > -> > > -> > -> > '''"'''HTB: quantum of class is small. Consider r2q > change'''"''' > -> > -> > > -> > -> > but, my r2q=1 I can't reduce that variable... > -> > -> > > -> > -> > how must I procced ? > -> > -> > > -> > -> > Thank you! > -> > -> > mac > -> > -> > ___ > -> > -> > LARTC mailing list / [EMAIL PROTECTED] > -> > -> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: > -> http://lartc.org/ > -> > -> > > -> > -> ___ > -> > -> LARTC mailing list / [EMAIL PROTECTED] > -> > -> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: > http://lartc.org/ > > -> > > ___ > > LARTC mailing list / [EMAIL PROTECTED] > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > > > ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] How to limit the Upload speed for an specific IP?
If traffic is outbound to another interface, limit the traffic on that interface. If traffic is destined to local, you will need either ingress policing or IMQ(www.linuximq.net). Rubens On Mon, 22 Mar 2004, Morten Kramer wrote: > Hello, > > I want to limit the upload speed for the eth0 Interface for an specific IP. > > I used the following script, but its only limits the DOWNLOAD speed.But i want to > limit both! > > DEV='eth0' > tc qdisc add dev $DEV root handle 1: cbq avpkt 1000 bandwidth 768kbit > tc class add dev $DEV parent 1: classid 1:1 cbq rate 100kbit allot 1500 prio 5 > bounded isolated > tc filter add dev $DEV parent 1: protocol ip prio 16 u32 match ip dst 192.168.0.2 > flowid 1:1 > > > Greetz > > > ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] RE: How to limit the Upload speed for an specific IP?
Message: 1 This is how I am marking and limiting both download and upload speeds for IP ranges. Maybe you can get some ideas from this: http://www.geocities.com/jame_sj/ Hello, I want to limit the upload speed for the eth0 Interface for an specific = IP. I used the following script, but its only limits the DOWNLOAD speed.But = i want to limit both! DEV=3D'eth0' tc qdisc add dev $DEV root handle 1: cbq avpkt 1000 bandwidth 768kbit tc class add dev $DEV parent 1: classid 1:1 cbq rate 100kbit allot 1500 = prio 5 bounded isolated tc filter add dev $DEV parent 1: protocol ip prio 16 u32 match ip dst = 192.168.0.2 flowid 1:1 Greetz ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Re: LARTC digest, Vol 1 #1647 - 2 msgs
[EMAIL PROTECTED] wrote: > --__--__-- > > Message: 1 > From: "Morten Kramer" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Date: Mon, 22 Mar 2004 21:00:14 +0100 > Subject: [LARTC] How to limit the Upload speed for an specific IP? > > This is a multi-part message in MIME format. > > --=_NextPart_000_0255_01C41050.ABDECCF0 > Content-Type: text/plain; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > Hello, > > I want to limit the upload speed for the eth0 Interface for an specific = > IP. > > I used the following script, but its only limits the DOWNLOAD speed.But = > i want to limit both! > > DEV=3D'eth0' > tc qdisc add dev $DEV root handle 1: cbq avpkt 1000 bandwidth 768kbit > tc class add dev $DEV parent 1: classid 1:1 cbq rate 100kbit allot 1500 = > prio 5 bounded isolated > tc filter add dev $DEV parent 1: protocol ip prio 16 u32 match ip dst = > 192.168.0.2 flowid 1:1 > Hello, If you change "dst" into "src", you can control outgoing traffic rate..., I think. -- Masanao Yasui mailto:[EMAIL PROTECTED] ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/