[LARTC] Trafic monitor
Hello!

I use Slackware Linux on a box for routing and SNAT for a small network:

|eth0: 80.97.108.1|
|
|
|eth1: 192.168.1.1|
..
| my network (192.168.1.0/24) |

I am searching for a tool to show me in real time the traffic made by all/one IP on the interface eth1, something simple;
EX:
192.168.1.10 ... x kbit/s
192.168.1.11 ... y kbit/s
192.168.1.12 ... z kbit/s
192.168.1.13 ... x kbit/s
192.168.1.14 ... x kbit/s
192.168.1.15 ... x kbit/s
192.168.1.16 ... x kbit/s
192.168.1.17 ... x kbit/s
192.168.1.18 ... x kbit/s
192.168.1.19 ... x kbit/s
...

Any idea?

Thanks!!
[LARTC] How to limit per tcp session ?
Dear folks,

I've fully read the lartc.txt document to make sure my question is still unexplained in that document. I want to limit per TCP session; how do I do that with HTB or CBQ? Inside lartc.txt there is an example for a full NAT QoS solution, but that's not what I meant.

Thanks..

Regards,
Rio Martin.

--
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
Re: [LARTC] Trafic monitor
On Wednesday 16 June 2004 09:51, Ionut Gogu wrote:
> I search for a tool to show me in real time the traffic made by all/one IP on the interface eth1, something simple;
> EX:
> 192.168.1.10 ... x kbit/s
> 192.168.1.11 ... y kbit/s
> 192.168.1.12 ... z kbit/s
> 192.168.1.13 ... x kbit/s
> 192.168.1.14 ... x kbit/s
> 192.168.1.15 ... x kbit/s
> 192.168.1.16 ... x kbit/s
> 192.168.1.17 ... x kbit/s
> 192.168.1.18 ... x kbit/s
> 192.168.1.19 ... x kbit/s

I'm working on one _RIGHT_NOW_ and expect it to be usable today. It will be configurable over a web interface, and will manipulate the iptables using a small setuid C program I wrote. (I know, setuid root sucks, but you'll have to make sure no one else on this server can access or run the executable file using the webserver .. that's your job.)

It uses ulogd and stores the traffic in a web interface; it also updates the statistics database once a given limit of traffic has been reached, or a certain timeout has been hit.

I might give out a usable version tomorrow, but I cannot guarantee its bugfreeness. Though, most of the parts are done and they also seem to work the way I want them to. Plus, it won't destroy any already-present firewall setups.

--
Thilo Schulz
My public PGP key is available at http://home.bawue.de/~arny/public_key.asc
Re: [LARTC] How to limit per tcp session ?
Rio Martin wrote:
> Dear folks,
> I've fully read the lartc.txt document to make sure my question is still unexplained in that document. I want to limit per TCP session; how do I do that with HTB or CBQ? Inside lartc.txt there is an example for a full NAT QoS solution, but that's not what I meant.

Yes, I would be interested to hear any ideas on how to do this.

Think of running a hosted ASP type box where people can connect from anywhere, but you want to limit each to (say) a max of 5Kbyte/s, perhaps with some burstable excess, but that's optional.

Ed W
Re: [LARTC] HTB theory?
Thanks very much, Devik and Andy,

I had my seminar today and I think it had some success, and (for now?) I do not feel like I have unanswered questions.

Dmitry

On Sunday 13 June 2004 21:41, Martin Devera [EMAIL PROTECTED] wrote:
>> 1. In order of priority, we satisfy all leaf classes' rates (while the class is "green")
>> 2. When the leaf classes' rate is reached (all the leaf classes are "yellow"), borrow the unused speed from parent classes if they have something to give (if they are not "red"). In this case, each leaf class is equal to others until their ceil is met or until they will have no parent to borrow from... Or maybe their level matters?
>
> In both cases DRR is used to cycle classes to dequeue - this gives us fairness (weighted by quantums).
>
>> I also think that:
>> 1. Until all leaf classes' rate is met we do not even check anything else (including ceil of parent classes)
>
> correct
>
>> 2. the root queue is an unlimited feed for the classes which are attached to it directly
>
> yes
>
>> One thing I do not understand, neither for SFQ nor for HTB (please explain for both) - how can we maintain fairness in the case of differently-sized packets. As I understand, one packet is an atomic unit, and the interface is requesting not more and not less than one packet. Now given a quantum for each leaf class in HTB or the same for SFQ (are they different in this process?) of 1500 bytes - do they wait for more packets from one subclass (asking it once again in the next turn, of course, if they have nothing to send, we switch to the next...)? And if one subclass is providing 1500 packets in each turn, and another subclass is providing 800-byte packets - will they be equal on the amount of traffic they are allowed to send in case the real channel is smaller than the sum of their effective ceil values?
>
> both SFQ and HTB (and CBQ) use DRR, which uses BYTES as count, not packets. Look into literature for leaky bucket description.
>
> To answer your last mail, canonical HTB theory (v.3 = latest one) is: http://luxik.cdi.cz/~devik/qos/htb/manual/theory.htm. It is up to date - mainly because the algorithm is the same since 2002.
>
>> (I am preparing for a seminar in which I will tell people how it works, so I need to know this perfectly :))) )
>
> Hmm I have a talk at SUCON (http://www.suug.ch/sucon/04/speakers.html#7) so that I'll need to refresh it too :)
>
> devik
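The byte-based fairness described in the reply above, as an added example that is not part of the original thread: a simplified deficit round robin (DRR) model in Python set against a naive one-packet-per-turn round robin, using the 1500-byte and 800-byte packet sizes from the question. The class names, queue lengths and link budgets are constructed for illustration; this is not the kernel's HTB or SFQ code.

```python
from collections import deque

# Constructed sample: class A queues 1500-byte packets, class B 800-byte packets.
SAMPLE = {"A": [1500] * 200, "B": [800] * 400}

def drr(queues, quantum, link_bytes):
    """Deficit round robin over per-class packet queues (sizes in bytes).
    Returns bytes sent per class once link_bytes of capacity is used up."""
    backlog = {c: deque(p) for c, p in queues.items()}
    deficit = dict.fromkeys(queues, 0)
    sent = dict.fromkeys(queues, 0)
    active = deque(c for c in queues if backlog[c])
    while active:
        c = active.popleft()
        deficit[c] += quantum[c]            # byte credit earned on each turn
        q = backlog[c]
        while q and q[0] <= deficit[c]:     # send while credit covers the head packet
            if q[0] > link_bytes:
                return sent                 # link capacity exhausted
            size = q.popleft()
            deficit[c] -= size
            sent[c] += size
            link_bytes -= size
        if q:
            active.append(c)                # still backlogged: leftover credit carries over
        else:
            deficit[c] = 0                  # an emptied class does not bank credit
    return sent

def packet_rr(queues, link_bytes):
    """Naive round robin: one packet per class per turn, packet size ignored."""
    backlog = {c: deque(p) for c, p in queues.items()}
    sent = dict.fromkeys(queues, 0)
    active = deque(c for c in queues if backlog[c])
    while active:
        c = active.popleft()
        size = backlog[c][0]
        if size > link_bytes:
            return sent
        backlog[c].popleft()
        sent[c] += size
        link_bytes -= size
        if backlog[c]:
            active.append(c)
    return sent

if __name__ == "__main__":
    equal = {"A": 1500, "B": 1500}
    print("DRR, equal quantum:  ", drr(SAMPLE, equal, 240000))
    print("packet round robin:  ", packet_rr(SAMPLE, 240000))
    print("DRR, B quantum = 3000:", drr(SAMPLE, {"A": 1500, "B": 3000}, 180000))
```

With equal quanta the two classes end up with the same byte count even though B sends more packets; counting packets instead gives the class with larger packets the larger share, and doubling B's quantum doubles its share.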
[LARTC] QOS Script difficulty on bridge
I'm playing with the rather excellent QOS script from Alexander Clouter at http://digriz.org.uk/jdg-qos-script/

So far I am really impressed with it - a very impressive example of the power of Linux QOS rules (has pretty much everything in it from the LARTC Howto!)

However, the instructions hint that for QoS to affect locally generated traffic in a non ethernet bridge setup you must have IMQ. Now, I *DO* have a bridged config (br - eth0 eth1), but I can't see how I can set things up so that traffic from the local machine suffers the effect of the QOS limitations (on download) without using IMQ.

More broadly, can *anyone* see how it might be possible to limit the download rate to a local machine running as a bridge, without using IMQ? (err, and not using the policer either, I want an HTB qdisc running on the download traffic - I just want to know if I am missing something obvious about the way the bridge works)

Just for reference, only the bridge has an IP address; both physical interfaces are anonymous.

Thanks for any pointers.

Ed W

P.S. Anyone using this script on 2.6 with a bridge needs to be aware that the syntax for tc has changed. You can't use tc -i eth0 anymore, you need tc -i br0 -m physdev --physdev-in eth0. And the same for -o. Hope that helps anyone who tries the script out
[LARTC] strange problem
Hi all,

I have a strange problem in my network. Traffic to one IP goes at exactly the same intervals and looks like the line drops, and after 10 sec the connection starts again. Traffic is in the default HTB rules (rate/ceil 8kbit). My question is: can I prevent these connect/disconnect values, and are there any docs for an already detected problem like mine? I use HTB.

IP: 62.73.105.24 IN: 000360 kB Out: 021000 kB IN: 0.12 kB/s Out: 6.84 kB/s
IP: 62.73.105.24 IN: 00 kB Out: 00 kB IN: 0.00 kB/s Out: 0.00 kB/s
IP: 62.73.105.24 IN: 00 kB Out: 00 kB IN: 0.00 kB/s Out: 0.00 kB/s
IP: 62.73.105.24 IN: 000400 kB Out: 021000 kB IN: 0.13 kB/s Out: 6.84 kB/s
IP: 62.73.105.24 IN: 62 kB Out: 00 kB IN: 0.02 kB/s Out: 0.00 kB/s
IP: 62.73.105.24 IN: 000124 kB Out: 00 kB IN: 0.04 kB/s Out: 0.00 kB/s
IP: 62.73.105.24 IN: 000342 kB Out: 021000 kB IN: 0.11 kB/s Out: 6.84 kB/s
IP: 62.73.105.24 IN: 62 kB Out: 00 kB IN: 0.02 kB/s Out: 0.00 kB/s
IP: 62.73.105.24 IN: 00 kB Out: 018000 kB IN: 0.00 kB/s Out: 5.86 kB/s
IP: 62.73.105.24 IN: 000360 kB Out: 003000 kB IN: 0.12 kB/s Out: 0.98 kB/s
IP: 62.73.105.24 IN: 00 kB Out: 00 kB IN: 0.00 kB/s Out: 0.00 kB/s
IP: 62.73.105.24 IN: 000360 kB Out: 021000 kB IN: 0.12 kB/s Out: 6.84 kB/s
IP: 62.73.105.24 IN: 00 kB Out: 00 kB IN: 0.00 kB/s Out: 0.00 kB/s
IP: 62.73.105.24 IN: 00 kB Out: 00 kB IN: 0.00 kB/s Out: 0.00 kB/s
IP: 62.73.105.24 IN: 000332 kB Out: 019500 kB IN: 0.11 kB/s Out: 6.35 kB/

regards
emil
[LARTC] bandwidth shaping based on trafic on other host
Hi Folks,

I am a newbie in QoS... I could not find references to my question, so I am asking.

This is the network:

192.168.1.2 --+
192.168.1.3 --+          Router
192.168.1.4 --+         Linux/2.4
192.168.1.5 --+   eth0            eth1   internetprovider1
200.x.x.2     +
200.x.x.3     +
200.x.x.4     +

Other network: internetprovider2 - 200.y.y.6 (static IP)

The link to internetprovider1 is from 256kbps (min) to 300kbps (max). The link to internetprovider2 is from 128kbps (min) to 150kbps (max). (Download and upload rates are the same and are also independent. The link hardware is full-duplex.)

A few (10) times a day, computers 200.y.y.6 and 200.x.x.3 open a peer-to-peer application (video/audio) that demands 96kbps and they use it for 5 minutes only.

Now what I need to do:
- When there is no traffic from 200.y.y.6 in the router, all machines can use the network, without any bandwidth limit.
- When there is traffic from 200.y.y.6, I want to limit the bandwidth of other hosts to 140kbps to assure the 96kbps to the video/audio connection.

Can you give me a hint? Are there any keywords for this feature I need that I can search for in Google? Any howto you can recommend?

Thanks,
Pedro

--
 .''`.  Pedro Zorzenon Neto [EMAIL PROTECTED]
: :'  : Debian GNU/Linux | GNU/Hurd: http://www.debian.org
`. `'`  Debian BR: http://debian-br.alioth.debian.org
  `-    Be Happy! Be FREE!
Re: [LARTC] QOS Script difficulty on bridge
On Wednesday 16 June 2004 11:53, Ed Wildgoose wrote:
> <snip>
> Ed W
>
> P.S. Anyone using this script on 2.6 with a bridge needs to be aware that the syntax for tc has changed. You can't use tc -i eth0 anymore, you need tc -i br0 -m physdev --physdev-in eth0. And the same for -o. Hope that helps anyone who tries the script out

There is no `tc -i` afaik?
Re: [LARTC] bandwidth shaping based on trafic on other host
On Wed, Jun 16, 2004 at 03:12:56PM -0300, Pedro Zorzenon Neto wrote:
> This is the network:
>
> 192.168.1.2 --+
> 192.168.1.3 --+          Router
> 192.168.1.4 --+         Linux/2.4
> 192.168.1.5 --+   eth0            eth1   internetprovider1
> 200.x.x.2     +
> 200.x.x.3     +
> 200.x.x.4     +

Maybe the Linux router configuration is needed for you to answer my question.

Thanks again,
Pedro

linux router configs:
eth0 addr: 192.168.1.1/24
eth1 addr: 200.x.x.1/29
static routes:
192.168.1.0/24 - eth0
200.x.x.2/32 - eth0
200.x.x.3/32 - eth0
200.x.x.4/32 - eth0
200.x.x.5/32 - eth0
200.x.x.0/29 - eth1
0.0.0.0/0 - via gateway 200.x.x.6

provider1 configurations:
I have 5 static IPs (200.x.x.1 to 200.x.x.5)
The IP 200.x.x.6 is provider IP.
The IP 200.x.x.1 provider routes direct to myrouter eth1
The IP 200.x.x.2 to 200.x.x.5 provider routes via gateway 200.x.x.1, that is myrouter.
Re: [LARTC] How to limit per tcp session ?
I've been told previously that this was not possible for the current setup (though I'd be happy to be corrected now). I was wondering how one would go about funding such an effort to be added to the current tc? I've heard from several people who would be interested, and it seems that it should be feasible to add to the current tc programs (though I admit ignorance in the simplicity).

If there are any kernel/tc developers reading, I'd be interested in finding out what it would take to have this added (as apparently would others).

Thanks,
Bill

On Wed, 16 Jun 2004, Ed Wildgoose wrote:
> Rio Martin wrote:
>> Dear folks,
>> I've fully read the lartc.txt document to make sure my question is still unexplained in that document. I want to limit per TCP session; how do I do that with HTB or CBQ? Inside lartc.txt there is an example for a full NAT QoS solution, but that's not what I meant.
>
> Yes, I would be interested to hear any ideas on how to do this.
>
> Think of running a hosted ASP type box where people can connect from anywhere, but you want to limit each to (say) a max of 5Kbyte/s, perhaps with some burstable excess, but that's optional.
>
> Ed W

--
If you do not understand, or cannot read, all directions, cautions and warnings, do not use this product. -- drain cleaner warning label
[LARTC] Class ID limits
Hey everyone,

I had a question about the class IDs using the tc command. I'm using a command that looks something like this:

tc class add dev eth1 parent 10: classid 10:$variable cbq bandwidth 200Mbit rate 512Kbit allot 1514 prio 5 maxburst 20 avpkt 1000 bounded

That's just an example. My problem is I'm guessing the $variable is not allowed to be anything over . I'm getting an error when I run that command with anything over 4 digits as a $variable. The error is:

RTNETLINK answers: Invalid argument

I've also tried just entering that in at the command prompt and using 1 as the variable and that error shows up.

I actually have a few questions. First, am I right in assuming this or is the reason something totally different? And, if I'm right, is there any way around the limit other than creating a new qdisc? I'm trying to use a number we have set up in our database and sometimes it goes into the 5 digit range.

Any help would be greatly appreciated. Thanks!

Adam Towarnyckyj
Network Operations
CommSpeed AZ, LLC
http://www.commspeed.net/
Phone: 928-772- x131
Re: [LARTC] QOS Script difficulty on bridge
Jason Boxman wrote:
> On Wednesday 16 June 2004 11:53, Ed Wildgoose wrote:
>> <snip>
>> Ed W
>>
>> P.S. Anyone using this script on 2.6 with a bridge needs to be aware that the syntax for tc has changed. You can't use tc -i eth0 anymore, you need tc -i br0 -m physdev --physdev-in eth0. And the same for -o. Hope that helps anyone who tries the script out
>
> There is no `tc -i` afaik?

Durr.. I meant iptables -i. Sorry, was thinking about something else. Please sub tc for iptables in the above.

Any ideas on how to do this though?

Ed W
RE: [LARTC] QOS Script difficulty on bridge
If eth0 is your interface connected to the Internet, shape outgoing traffic on eth1. This will simulate the effect of limiting download coming thro' eth0 and also shape traffic from the local machine going out to the LAN on eth1.

In case you want to limit download from the local machines to nodes on eth0 and eth1, apply QoS on both interfaces. Bridging does not affect or help this in any way. Ethernet interfaces do not need to have IP addresses for QoS to be applied in Linux.

I've used htb-init with bridge-nf, which has been documented in the LEAF Bering user manual. In case you have any questions, I'll be glad to answer them as the maintainer of that part of the documentation.

HTH.

Warm regards
Mohan

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Wildgoose
Sent: Wednesday, June 16, 2004 9:23 PM
To: [EMAIL PROTECTED]
Subject: [LARTC] QOS Script difficulty on bridge

I'm playing with the rather excellent QOS script from Alexander Clouter at http://digriz.org.uk/jdg-qos-script/

So far I am really impressed with it - a very impressive example of the power of Linux QOS rules (has pretty much everything in it from the LARTC Howto!)

However, the instructions hint that for QoS to affect locally generated traffic in a non ethernet bridge setup you must have IMQ. Now, I *DO* have a bridged config (br - eth0 eth1), but I can't see how I can set things up so that traffic from the local machine suffers the effect of the QOS limitations (on download) without using IMQ.

More broadly, can *anyone* see how it might be possible to limit the download rate to a local machine running as a bridge, without using IMQ? (err, and not using the policer either, I want an HTB qdisc running on the download traffic - I just want to know if I am missing something obvious about the way the bridge works)

Just for reference, only the bridge has an IP address; both physical interfaces are anonymous.

Thanks for any pointers.

Ed W

P.S. Anyone using this script on 2.6 with a bridge needs to be aware that the syntax for tc has changed. You can't use tc -i eth0 anymore, you need tc -i br0 -m physdev --physdev-in eth0. And the same for -o. Hope that helps anyone who tries the script out