Re: [LARTC] htb2 - htb3 problems
I need to switch from htb2 to htb3, because of speed issues (for me, htb2 is unable to handle more then 100mbit duplex with ~550 classes), kernel profiling shows htb_dequeue_prio at 1st place with 3x isolation. So, I've moved from 2.4.19 to 2.4.25 kernel (hi-pac for classification/marking and htb3 for queueing), and traffic rate drop from 100 to 20mbit. What can be wrong? The only change I see is htb2 - htb3 Hello, I suppose the drop you see is CPU bound ? Did you profiled it again ? Both HTB algorithms are very different so that one can expect different behavior with different data/rules. But I can admit that this 5x drop is rather big and unfortunate. devik ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] hashing
On Tue, 6 Apr 2004 [EMAIL PROTECTED] wrote: Hi i have 2 class C 80.97.103.0/24 and 81.180.12.0/24 but i dont konw how to set hashing tables for HTB tc add dev eth0 parent 1: prio 0 handle 1: protocol ip u32 divisor 256 tc add dev eth0 parent 1: prio 0 protocol ip u32 match src 80.97.103.0/24 hashkey mask 0x00FF at 12 link 1: but i want 2 hashkey for 80.97.103.0/24 and for 81.180.12.0/24 can somebody help me ? tc filter add dev eth0 parent 1: prio 0 handle 1: protocol ip u32 divisor 256 tc finlter add dev eth0 parent 1: prio 0 protocol ip u32 match src 80.97.103.0/24 hashkey mask 0x00FF at 12 link 103: tc filter add dev eth0 parent 1: prio 0 protocol ip u32 match src 81.180.12.0/24 hashkey mask 0x00FF at 12 link 12: # Create filters for every ip # for 80.97.103.0/24 tc filter add dev eth0 parent 1: protocol ip u32 ht 103:2: flowid 1:2 tc filter add dev eth0 parent 1: protocol ip u32 ht 103:3: flowid 1:3 ... tc filter add dev eth0 parent 1: protocol ip u32 ht 103:fe: flowid 1:254 # now for 81.180.12.0/24 tc filter add dev eth0 parent 1: protocol ip u32 ht 12:2: flowid 1:402 tc filter add dev eth0 parent 1: protocol ip u32 ht 12:3: flowid 1:403 ... tc filter add dev eth0 parent 1: protocol ip u32 ht 12:fe: flowid 1:654 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ --- Catalin(ux aka Dino) BOIE catab at deuroconsult.ro ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] htb2 - htb3 problems
devik ([EMAIL PROTECTED]) wrote: I suppose the drop you see is CPU bound ? Did you profiled it again ? No, CPU is about times more in idle state in htb3, and 5x lowest data rate. AFAIK, htb3 scheduler is faster, so that is the reason of moving to htb3. ok then it is config issue probably. you should pin it down to smallest possible number of classes for test (say up to 5 classes) and then use tc -s show class ... to see internal statistics. Look for classes with small (or negative) tokens or ctokens - these are in throttling state and are slowing throughtput - then think if it is ok .. ok I'm creating root with 200Mbit and parent with 10Mbit/1Mbit class htb 1:5500 parent 1:2 leaf 5500: prio 0 quantum 131072 rate 10Mbit ceil 12Mbit burst 2Kb/8 mpu 0b cburst 0b/8 mpu 0b level 0 Sent 25443954 bytes 17155 pkts (dropped 0, overlimits 0) rate 143050bps 97pps backlog 25p lended: 17130 borrowed: 0 giants: 0 tokens: 335 ctokens: -787 class htb 1:1 root rate 200Mbit ceil 200Mbit burst 263690b/8 mpu 0b cburst 263690b/8 mpu 0b level 7 Sent 482570 bytes 8712 pkts (dropped 0, overlimits 0) rate 2723bps 49pps lended: 0 borrowed: 0 giants: 0 tokens: 8241 ctokens: 8241 class htb 1:2 root rate 200Mbit ceil 200Mbit burst 263690b/8 mpu 0b cburst 263690b/8 mpu 0b level 7 Sent 25406104 bytes 17130 pkts (dropped 0, overlimits 0) rate 144147bps 98pps lended: 0 borrowed: 0 giants: 0 tokens: 8195 ctokens: 8195 class htb 1:3500 parent 1:1 leaf 3500: prio 0 quantum 13107 rate 1Mbit ceil 1Mbit burst 2Kb/8 mpu 0b cburst 0b/8 mpu 0b level 0 Sent 482570 bytes 8712 pkts (dropped 0, overlimits 0) rate 2739bps 49pps lended: 8712 borrowed: 0 giants: 0 tokens: 12501 ctokens: -294 so, rate is 1,2Mbit and what is meaning of negative ctokens? From data you send one can't decide what's bad. In any case and as I said before, behavioue changed a bit so that results can be a bit different a may need tc script changes. devik ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Michael Vasilenko ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] htb2 - htb3 problems
Michael Vasilenko ([EMAIL PROTECTED]) wrote: devik ([EMAIL PROTECTED]) wrote: I suppose the drop you see is CPU bound ? Did you profiled it again ? No, CPU is about times more in idle state in htb3, and 5x lowest data rate. AFAIK, htb3 scheduler is faster, so that is the reason of moving to htb3. ok then it is config issue probably. you should pin it down to smallest possible number of classes for test (say up to 5 classes) and then use tc -s show class ... to see internal statistics. Look for classes with small (or negative) tokens or ctokens - these are in throttling state and are slowing throughtput - then think if it is ok .. ok I'm creating root with 200Mbit and parent with 10Mbit/1Mbit and qdisc stats (I have sfq attached to each leaf htb class): qdisc sfq 5500: quantum 1514b limit 128p flows 128/1024 perturb 5sec Sent 52611108 bytes 35988 pkts (dropped 0, overlimits 0) backlog 22p qdisc sfq 3500: quantum 1514b limit 128p flows 128/1024 perturb 5sec Sent 1004864 bytes 18073 pkts (dropped 0, overlimits 0) qdisc htb 1: r2q 10 default 2500 direct_packets_stat 130 ver 3.13 Sent 53627322 bytes 54191 pkts (dropped 0, overlimits 89908) backlog 22p class htb 1:5500 parent 1:2 leaf 5500: prio 0 quantum 131072 rate 10Mbit ceil 12Mbit burst 2Kb/8 mpu 0b cburst 0b/8 mpu 0b level 0 Sent 25443954 bytes 17155 pkts (dropped 0, overlimits 0) rate 143050bps 97pps backlog 25p lended: 17130 borrowed: 0 giants: 0 tokens: 335 ctokens: -787 class htb 1:1 root rate 200Mbit ceil 200Mbit burst 263690b/8 mpu 0b cburst 263690b/8 mpu 0b level 7 Sent 482570 bytes 8712 pkts (dropped 0, overlimits 0) rate 2723bps 49pps lended: 0 borrowed: 0 giants: 0 tokens: 8241 ctokens: 8241 class htb 1:2 root rate 200Mbit ceil 200Mbit burst 263690b/8 mpu 0b cburst 263690b/8 mpu 0b level 7 Sent 25406104 bytes 17130 pkts (dropped 0, overlimits 0) rate 144147bps 98pps lended: 0 borrowed: 0 giants: 0 tokens: 8195 ctokens: 8195 class htb 1:3500 parent 1:1 leaf 3500: prio 0 quantum 13107 rate 1Mbit ceil 1Mbit burst 2Kb/8 mpu 0b cburst 0b/8 mpu 0b level 0 Sent 482570 bytes 8712 pkts (dropped 0, overlimits 0) rate 2739bps 49pps lended: 8712 borrowed: 0 giants: 0 tokens: 12501 ctokens: -294 so, rate is 1,2Mbit and what is meaning of negative ctokens? From data you send one can't decide what's bad. In any case and as I said before, behavioue changed a bit so that results can be a bit different a may need tc script changes. devik ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Michael Vasilenko -- Michael Vasilenko ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] htb2 - htb3 problems
I see you have cburst 0 ! It is not allowed and is described in docs. What was commands to create the classes ? --- Martin Devera aka devik Linux kernel QoS/HTB maintainer http://luxik.cdi.cz/~devik/ On Tue, 6 Apr 2004, Michael Vasilenko wrote: devik ([EMAIL PROTECTED]) wrote: I suppose the drop you see is CPU bound ? Did you profiled it again ? No, CPU is about times more in idle state in htb3, and 5x lowest data rate. AFAIK, htb3 scheduler is faster, so that is the reason of moving to htb3. ok then it is config issue probably. you should pin it down to smallest possible number of classes for test (say up to 5 classes) and then use tc -s show class ... to see internal statistics. Look for classes with small (or negative) tokens or ctokens - these are in throttling state and are slowing throughtput - then think if it is ok .. ok I'm creating root with 200Mbit and parent with 10Mbit/1Mbit class htb 1:5500 parent 1:2 leaf 5500: prio 0 quantum 131072 rate 10Mbit ceil 12Mbit burst 2Kb/8 mpu 0b cburst 0b/8 mpu 0b level 0 Sent 25443954 bytes 17155 pkts (dropped 0, overlimits 0) rate 143050bps 97pps backlog 25p lended: 17130 borrowed: 0 giants: 0 tokens: 335 ctokens: -787 class htb 1:1 root rate 200Mbit ceil 200Mbit burst 263690b/8 mpu 0b cburst 263690b/8 mpu 0b level 7 Sent 482570 bytes 8712 pkts (dropped 0, overlimits 0) rate 2723bps 49pps lended: 0 borrowed: 0 giants: 0 tokens: 8241 ctokens: 8241 class htb 1:2 root rate 200Mbit ceil 200Mbit burst 263690b/8 mpu 0b cburst 263690b/8 mpu 0b level 7 Sent 25406104 bytes 17130 pkts (dropped 0, overlimits 0) rate 144147bps 98pps lended: 0 borrowed: 0 giants: 0 tokens: 8195 ctokens: 8195 class htb 1:3500 parent 1:1 leaf 3500: prio 0 quantum 13107 rate 1Mbit ceil 1Mbit burst 2Kb/8 mpu 0b cburst 0b/8 mpu 0b level 0 Sent 482570 bytes 8712 pkts (dropped 0, overlimits 0) rate 2739bps 49pps lended: 8712 borrowed: 0 giants: 0 tokens: 12501 ctokens: -294 so, rate is 1,2Mbit and what is meaning of negative ctokens? From data you send one can't decide what's bad. In any case and as I said before, behavioue changed a bit so that results can be a bit different a may need tc script changes. devik ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Michael Vasilenko ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] htb2 - htb3 problems
devik ([EMAIL PROTECTED]) wrote: I see you have cburst 0 ! It is not allowed and is described in docs. What was commands to create the classes ? /sbin/tc.3 qdisc add dev eth0 root handle 1:0 htb default 2500 r2q 100 /sbin/tc.3 class add dev eth0 parent 1:0 classid 1:1 htb rate 200mbit ceil 200mbit quantum 20 /sbin/tc.3 class add dev eth0 parent 1:0 classid 1:2 htb rate 200mbit ceil 200mbit quantum 20 /sbin/tc.3 class add dev eth0 parent 1:1 classid 1:3500 htb rate 10Mbit ceil 10Mbit burst 2048b cburst 1 /sbin/tc.3 qdisc add dev eth0 parent 1:3500 handle 3500: sfq perturb 5 /sbin/tc.3 class add dev eth0 parent 1:2 classid 1:5500 htb rate 20Mbit ceil 20Mbit burst 2048b cburst 1 quantum 6 /sbin/tc.3 qdisc add dev eth0 parent 1:5500 handle 5500: sfq perturb 5 /sbin/tc.3 filter add dev eth0 parent 1:0 protocol ip prio 50 handle 3500 fw classid 1:3500 /sbin/tc.3 filter add dev eth0 parent 1:0 protocol ip prio 50 handle 5500 fw classid 1:5500 tc.3 -V tc utility, iproute2-ss020116 On Tue, 6 Apr 2004, Michael Vasilenko wrote: devik ([EMAIL PROTECTED]) wrote: I suppose the drop you see is CPU bound ? Did you profiled it again ? No, CPU is about times more in idle state in htb3, and 5x lowest data rate. AFAIK, htb3 scheduler is faster, so that is the reason of moving to htb3. ok then it is config issue probably. you should pin it down to smallest possible number of classes for test (say up to 5 classes) and then use tc -s show class ... to see internal statistics. Look for classes with small (or negative) tokens or ctokens - these are in throttling state and are slowing throughtput - then think if it is ok .. ok I'm creating root with 200Mbit and parent with 10Mbit/1Mbit class htb 1:5500 parent 1:2 leaf 5500: prio 0 quantum 131072 rate 10Mbit ceil 12Mbit burst 2Kb/8 mpu 0b cburst 0b/8 mpu 0b level 0 Sent 25443954 bytes 17155 pkts (dropped 0, overlimits 0) rate 143050bps 97pps backlog 25p lended: 17130 borrowed: 0 giants: 0 tokens: 335 ctokens: -787 class htb 1:1 root rate 200Mbit ceil 200Mbit burst 263690b/8 mpu 0b cburst 263690b/8 mpu 0b level 7 Sent 482570 bytes 8712 pkts (dropped 0, overlimits 0) rate 2723bps 49pps lended: 0 borrowed: 0 giants: 0 tokens: 8241 ctokens: 8241 class htb 1:2 root rate 200Mbit ceil 200Mbit burst 263690b/8 mpu 0b cburst 263690b/8 mpu 0b level 7 Sent 25406104 bytes 17130 pkts (dropped 0, overlimits 0) rate 144147bps 98pps lended: 0 borrowed: 0 giants: 0 tokens: 8195 ctokens: 8195 class htb 1:3500 parent 1:1 leaf 3500: prio 0 quantum 13107 rate 1Mbit ceil 1Mbit burst 2Kb/8 mpu 0b cburst 0b/8 mpu 0b level 0 Sent 482570 bytes 8712 pkts (dropped 0, overlimits 0) rate 2739bps 49pps lended: 8712 borrowed: 0 giants: 0 tokens: 12501 ctokens: -294 so, rate is 1,2Mbit and what is meaning of negative ctokens? From data you send one can't decide what's bad. In any case and as I said before, behavioue changed a bit so that results can be a bit different a may need tc script changes. devik ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Michael Vasilenko ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Michael Vasilenko ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] medir trafico
hola listeros! existe algun script webScript, proyecto, herramienta o lo que sea, que sirva para medir el trafico total de una lan, como para hacer reportes mensuales por host ? necesito hacer algo asi: hostTrafico/mes - 192.168.1.x1x Bytes 192.168.1.x2x Bytes 192.168.1.x3x Bytes 192.168.1.x4x Bytes ese seria un reporte a efectuar el ultimo dia de cada mes... saludos y gracias !!! mac ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] medir trafico
bandwidthd.sf.net - Original Message - From: ThE LinuX_KiD [EMAIL PROTECTED] To: lartc [EMAIL PROTECTED] Sent: Tuesday, April 06, 2004 3:59 PM Subject: [LARTC] medir trafico hola listeros! existe algun script webScript, proyecto, herramienta o lo que sea, que sirva para medir el trafico total de una lan, como para hacer reportes mensuales por host ? necesito hacer algo asi: host Trafico/mes - 192.168.1.x1 x Bytes 192.168.1.x2 x Bytes 192.168.1.x3 x Bytes 192.168.1.x4 x Bytes ese seria un reporte a efectuar el ultimo dia de cada mes... saludos y gracias !!! mac ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Can I give more bandwidth to a specific URL
On Tuesday 06 April 2004 05:17, Martin A. Brown wrote: snip If you are just starting out with traffic control under Linux, I strongly recommend learning and using tcng from the beginning. The control language offered by tcng (although technical) is much more like English or human language than the more arcane tc syntax. Here are some starting points for learning about tcng [4] [5]. (Lest there be any doubt, you will need tc, from iproute2, as well as tcng.) Speaking of TCNG, I read through the various guides and I still can't figure out how I am supposed to be using tcsim. While I can get it to output information and graph it, the output does not mean anything to me. I was expecting output similar to what appears on the HTB author's Web site, since that means a lot more to me. What is tcsim telling me exactly? Thanks! snip -Martin [0] http://lartc.org/ [1] http://www.docum.org/ [2] http://www.docum.org/stef.coene/qos/faq/cache/ [3] http://tldp.org/HOWTO/Traffic-Control-HOWTO/ [4] http://tldp.org/HOWTO/Traffic-Control-tcng-HTB-HOWTO/ [5] http://linux-ip.net/gl/tcng/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Routing problem
Hi Pereira, i have one firewall/gateway server with two interfaces and a routing problem (?). eth0: external interface eth1: internal interface. Both ip address are valid. Anyone can help me to find where is the problem? I think it´s a routing problem, but i don´t know where it is... Has your ISP placed routing entries for eth1 IP via eth0 IP ? Are they on the same subnets ? If you do a traceroute from the internet, you should see your hops hit eth0 (and then if everything was working, hit eth1) Of course. IP_FORWARDING is enable for a long time. I assume you've also turned it on in /proc/sys/net/ipv4/ip_forward ? -- ~~~ Damion de Soto - Software Engineer email: [EMAIL PROTECTED] SnapGear - A CyberGuard Company ---ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliancesweb: http://www.snapgear.com ~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Routing problem
I installed gated to resolve my routing problem. It wa s a RIP problem. Thanks a lot, Mauricio. Em 07 Apr 2004, Damion de Soto escreveu: Hi Pereira, i have one firewall/gateway server with two interfaces and a routing problem (?). eth0: external interface eth1: internal interface. Both ip address are valid. Anyone can help me to find where is the problem? I think it´s a routing problem, but i don´t know where it is... Has your ISP placed routing entries for eth1 IP via eth0 IP ? Are they on the same subnets ? If you do a traceroute from the internet, you should see your hops hit eth0 (and then if everything was working, hit eth1) Of course. IP_FORWARDING is enable for a long time. I assume you've also turned it on in /proc/sys/net/ipv4/ip_forward ? -- ~~~ Damion de Soto - Software Engineer email: [EMAIL PROTECTED] SnapGear - A CyberGuard Company --- ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliances web: http://www.snapgear.com ~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- _ Voce quer um iGMail protegido contra vírus e spams? Clique aqui: http://www.igmailseguro.ig.com.br Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Routing problem
Anyone knows a pdf, text, html that explains how /etc/gateway, or gated.conf works? I installed gated, configured rip1 and now is working, but i want to know everything about... Thanks any help, _ Voce quer um iGMail protegido contra vírus e spams? Clique aqui: http://www.igmailseguro.ig.com.br Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] cant get FAIL-OVER to work...
Hi all. Im having a problem that isdriving me crazy. I cant get link fail-over to work in my RedHat9 Linux. I have two ADSL lines exactly the same speed, and im doing NAT with the linux box. Whenever the first line (eth2 in my case) goes down, i run abash script that i made to change the default route to the backup line (eth0). eth1 is my internal network. I want to be able to make the linux box do that for me. I already triedmany load balancing sites, but still cant figure it out. I just gave up today, and i want to know if any good soul would help me to make it work by getting into my Redhat box using SSH. Thanks a lot everyone. My ICQ is: 3794264 My MSN is: [EMAIL PROTECTED] Cristiano Soares
Re: [LARTC] cant get FAIL-OVER to work...
Hi Cristiano, Hi all. Im having a problem that is driving me crazy. I cant get link fail-over to work in my RedHat9 Linux. ---snip- I want to be able to make the linux box do that for me. I already tried many load balancing sites, but still cant figure it out. I just gave up today, and i want to know if any good soul would help me to make it work by getting into my Redhat box using SSH. Thanks a lot everyone. I'm sure quite a few people might like to ssh to your Redhat box. I don't know how you can make sure they're good souls though. If you provided some more details as to exactly what's going wrong, then perhaps someone could help you fix it yourself and not compromise the security of your system. -- ~~~ Damion de Soto - Software Engineer email: [EMAIL PROTECTED] SnapGear - A CyberGuard Company ---ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliancesweb: http://www.snapgear.com ~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/