Re: [LARTC] shaping passive ftp traffic
I coud possibly help but I'm using tc + htb and dont know anything about wondershaper. If you want a script I could do it for you. - Original Message - From: nix4me [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, July 21, 2004 2:42 AM Subject: [LARTC] shaping passive ftp traffic Hi, I have tried unsuccesfully to limit my ftp server send speed in linux. I have an ipcop linux firewall/router with 2 nics. 1 nic (eth1) is connected to a 3mbit/384Kbit cable connection and the other (eth0) a switch. Behind it i have a suse linux box and a windows box. On the suse box i run proftpd. I need to shape my passive ftp send speed to 34KBytes because if it is maxed out at 45K it slows down all surfing on the entire network. I have tried running wondershaper-htb on the ipcop firewall and it limits my upload speed, but it still seems to slow down everything else a little bit. I notice a slow www experience however my ping times are good. Is there a simple way to just put a limit on the traffic coming from the passive ports (5-51000) from my proftpd computer? I just want to set a limit on ftp and not affect anything else. I have looked at all the documentation and I must admit that I dont understand any of it. It all seems to be too complicated for my needs. I hope someone out there is doing what I am trying to do. Thanks, Mark ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] shaping passive ftp traffic
Have you tried limiting the maximum outgoing bandwidth in proftpd itself? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, July 21, 2004 10:25 AM To: lartc; nix4me Subject: Re: [LARTC] shaping passive ftp traffic I coud possibly help but I'm using tc + htb and dont know anything about wondershaper. If you want a script I could do it for you. - Original Message - From: nix4me [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, July 21, 2004 2:42 AM Subject: [LARTC] shaping passive ftp traffic Hi, I have tried unsuccesfully to limit my ftp server send speed in linux. I have an ipcop linux firewall/router with 2 nics. 1 nic (eth1) is connected to a 3mbit/384Kbit cable connection and the other (eth0) a switch. Behind it i have a suse linux box and a windows box. On the suse box i run proftpd. I need to shape my passive ftp send speed to 34KBytes because if it is maxed out at 45K it slows down all surfing on the entire network. I have tried running wondershaper-htb on the ipcop firewall and it limits my upload speed, but it still seems to slow down everything else a little bit. I notice a slow www experience however my ping times are good. Is there a simple way to just put a limit on the traffic coming from the passive ports (5-51000) from my proftpd computer? I just want to set a limit on ftp and not affect anything else. I have looked at all the documentation and I must admit that I dont understand any of it. It all seems to be too complicated for my needs. I hope someone out there is doing what I am trying to do. Thanks, Mark ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] shaping passive ftp traffic
No i didnt but I've seen that is possible to get ftp into one class and rest traffic to the other class while using tc + htb. My traffic shaping is done by ip. Have you tried limiting the maximum outgoing bandwidth in proftpd itself? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, July 21, 2004 10:25 AM To: lartc; nix4me Subject: Re: [LARTC] shaping passive ftp traffic I coud possibly help but I'm using tc + htb and dont know anything about wondershaper. If you want a script I could do it for you. - Original Message - From: nix4me [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, July 21, 2004 2:42 AM Subject: [LARTC] shaping passive ftp traffic Hi, I have tried unsuccesfully to limit my ftp server send speed in linux. I have an ipcop linux firewall/router with 2 nics. 1 nic (eth1) is connected to a 3mbit/384Kbit cable connection and the other (eth0) a switch. Behind it i have a suse linux box and a windows box. On the suse box i run proftpd. I need to shape my passive ftp send speed to 34KBytes because if it is maxed out at 45K it slows down all surfing on the entire network. I have tried running wondershaper-htb on the ipcop firewall and it limits my upload speed, but it still seems to slow down everything else a little bit. I notice a slow www experience however my ping times are good. Is there a simple way to just put a limit on the traffic coming from the passive ports (5-51000) from my proftpd computer? I just want to set a limit on ftp and not affect anything else. I have looked at all the documentation and I must admit that I dont understand any of it. It all seems to be too complicated for my needs. I hope someone out there is doing what I am trying to do. Thanks, Mark ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] : HTB - Really Big problem
I've found that i have messagess like this in /var/log/messages: Jul 20 20:11:26 (none) last message repeated 9 times Jul 20 20:11:30 (none) kernel: NET: 173 messages suppressed. Jul 20 20:11:30 (none) kernel: dst cache overflow Jul 20 20:12:59 (none) kernel: NET: 14 messages suppressed. - Original Message - From: [EMAIL PROTECTED] To: lartc [EMAIL PROTECTED] Sent: Tuesday, July 20, 2004 6:28 PM Subject: Re: [LARTC] Fw: HTB - Really Big problem Here are the stats. If you want full stats please write then i'll send as attachment but it is 0,5MB. tc qdisc show qdisc sfq 3: dev eth0 quantum 1514b perturb 10sec qdisc sfq 138: dev eth0 quantum 1514b perturb 10sec qdisc sfq 53: dev eth0 quantum 1514b perturb 10sec qdisc sfq 54: dev eth0 quantum 1514b perturb 10sec qdisc sfq 140: dev eth0 quantum 1514b perturb 10sec qdisc sfq 137: dev eth0 quantum 1514b perturb 10sec .. qdisc sfq 11: dev eth0 quantum 1514b perturb 10sec qdisc sfq 10: dev eth0 quantum 1514b perturb 10sec qdisc sfq 9: dev eth0 quantum 1514b perturb 10sec qdisc htb 2: dev eth0 r2q 1 default 4 direct_packets_stat 0 qdisc sfq 3: dev eth1 quantum 1514b perturb 10sec qdisc sfq 138: dev eth1 quantum 1514b perturb 10sec . qdisc sfq 10: dev eth1 quantum 1514b perturb 10sec qdisc sfq 9: dev eth1 quantum 1514b perturb 10sec qdisc htb 1: dev eth1 r2q 1 default 2 direct_packets_stat 2 EOF tc filter show dev eth1: filter parent 1: protocol ip pref 49151 u32 filter parent 1: protocol ip pref 49151 u32 fh 831: ht divisor 1 filter parent 1: protocol ip pref 49151 u32 fh 831::800 order 2048 key ht 831 bkt 0 flowid 1:3 match c0a80502/ at 16 filter parent 1: protocol ip pref 49151 u32 fh 830: ht divisor 1 filter parent 1: protocol ip pref 49151 u32 fh 830::800 order 2048 key ht 830 bkt 0 flowid 1:138 match 3e57c18a/ at 16 filter parent 1: protocol ip pref 49151 u32 fh 82f: ht divisor 1 filter parent 1: protocol ip pref 49151 u32 fh 82f::800 order 2048 key ht 82f bkt 0 flowid 1:53 match c0a80235/ at 16 filter parent 1: protocol ip pref 49151 u32 fh 82e: ht divisor 1 filter parent 1: protocol ip pref 49151 u32 fh 82e::800 order 2048 key . #many lines filter parent 1: protocol ip pref 49152 u32 fh 802: ht divisor 1 filter parent 1: protocol ip pref 49152 u32 fh 802::800 order 2048 key ht 802 bkt 0 flowid 1:11 match c0a8010b/ at 16 filter parent 1: protocol ip pref 49152 u32 fh 801: ht divisor 1 filter parent 1: protocol ip pref 49152 u32 fh 801::800 order 2048 key ht 801 bkt 0 flowid 1:10 match c0a8010a/ at 16 filter parent 1: protocol ip pref 49152 u32 fh 800: ht divisor 1 filter parent 1: protocol ip pref 49152 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:9 match c0a80109/ at 16 tc filter show dev eth0: tc filter show dev eth0 filter parent 2: protocol ip pref 1 fw filter parent 2: protocol ip pref 1 fw handle 0x3 classid 2:3 filter parent 2: protocol ip pref 1 fw handle 0x8 classid 2:8 filter parent 2: protocol ip pref 1 fw handle 0x9 classid 2:9 filter parent 2: protocol ip pref 1 fw handle 0xa classid 2:10 filter parent 2: protocol ip pref 1 fw handle 0xb classid 2:11 filter parent 2: protocol ip pref 1 fw handle 0xc classid 2:12 filter parent 2: protocol ip pref 1 fw handle 0xf classid 2:15 filter parent 2: protocol ip pref 1 fw handle 0x11 classid 2:17 ...#many lines filter parent 2: protocol ip pref 1 fw handle 0x97 classid 2:151 filter parent 2: protocol ip pref 1 fw handle 0x98 classid 2:152 filter parent 2: protocol ip pref 1 fw handle 0xbd classid 2:189 tc class show dev eth1: class htb 1:11 parent 1:1 leaf 11: prio 0 rate 17Kbit ceil 250Kbit burst 1620b cburst 1919b class htb 1:22 parent 1:1 leaf 22: prio 0 rate 17Kbit ceil 250Kbit burst 1620b ... class htb 1:189 parent 1:1 leaf 189: prio 0 rate 17Kbit ceil 128Kbit burst 1620b cburst 1762b class htb 1:1 root rate 900Kbit ceil 900Kbit burst 2751b cburst 2751b class htb 1:10 parent 1:1 leaf 10: prio 0 rate 17Kbit ceil 250Kbit burst 1620b cburst 1919b class htb 1:23 parent 1:1 leaf 23: prio 0 rate 17Kbit ceil 250Kbit burst 1620b cburst 1919b class htb 1:32 parent 1:1 leaf 32: prio 0 rate 17Kbit ceil 250Kbit burst 1620b cburst 1919b class htb 1:54 parent 1:1 leaf 54: prio 0 rate 17Kbit ceil 64Kbit burst 1620b cburst 1680b class htb 1:2 parent 1:1 prio 0 rate 10Kbit ceil 10Kbit burst 1611b cburst 1611b class htb 1:20 parent 1:1 leaf 20: prio 0 rate 17Kbit ceil 250Kbit burst 1620b cburst 1919b class htb 1:64 parent 1:1 leaf 64: prio 0 rate 17Kbit ceil 250Kbit burst 1620b class htb 1:59 parent 1:1 leaf 59: prio 0 rate 17Kbit ceil 250Kbit burst 1620b cburst 1919b class htb 1:58 parent 1:1 leaf 58: prio 0 rate 17Kbit ceil 250Kbit burst 1620b cburst 1919b tc class show dev eth0: class htb 2:11 parent 2:1 leaf 11: prio 0 rate 15Kbit ceil 100Kbit burst 1618b cburst 1727b class htb 2:22 parent 2:1 leaf 22: prio 0 rate
[LARTC] tc script stopped working
I've used tc in the past for shaping, upon learning of tcng, I redid my config, and load it using tcc. I thought this was great, as the new script is much easier to maintain, and is so much simpler. The new script was working for about a week, then it stopped working. I now get this error: can't dump subexpression (if_u32.c, unsupported offset sequence - please try to reorder matches) []--[offset]--[==]--[]--[access]-- (none) | | | |+ 0 | | | |` 16 | | | `--- 65535 | | ` 22 | `[]--[]--[access]-- (none) | | |+ 0 | | |` 8 | | `--- 15 | ` 2 `[]--[==]--[]--[access]-- (none) | | |+ 1 | | |` 8 | | `--- 16 | ` 16 ` class 1:a I'm not sure when or why it stopped working, but I have a habit of doing apt-get update;apt-get upgrade on debian unstable and not paying attention to what gets updated.. so I may have gotten a new version of tcng without realizing it. Anyway, to get to the point, it is not obvious to me which line is causing the trouble from that error message. Without knowing which line to focus on, its hard for me to proceed with troubleshooting. Could any of you who are more familiar with tcng help me with this error? Thanks, Jason ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] tc script stopped working
On Wednesday 21 July 2004 16:54, [EMAIL PROTECTED] wrote: I've used tc in the past for shaping, upon learning of tcng, I redid my config, and load it using tcc. I thought this was great, as the new script is much easier to maintain, and is so much simpler. The new script was working for about a week, then it stopped working. I now get this error: can't dump subexpression (if_u32.c, unsupported offset sequence - please try to reorder matches) This is due to an unresolved bug that is now simply fatal to encounter. (It failed silently before.) You're matching for something, like a tcp_ACK flag, before doing something like an ip_len match. Since the latter comes first in the packet, you need to match for it first in your configuration. At least, that's what I recall the correct solution was. snip I'm not sure when or why it stopped working, but I have a habit of doing apt-get update;apt-get upgrade on debian unstable and not paying attention to what gets updated.. so I may have gotten a new version of tcng without realizing it. You did. You may wish to install apt-listchanges to view the full changelog for each package when you do an `apt-get upgrade` in the future. Anyway, to get to the point, it is not obvious to me which line is causing the trouble from that error message. Without knowing which line to focus on, its hard for me to proceed with troubleshooting. It's some line where you match into the header for some TCP, et al. option and then later try to match some IP header option. Could any of you who are more familiar with tcng help me with this error? Thanks, Jason ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] kernel assertion error
I'm running 2.6.7 + (julian's multi-path patch) + IMQ (imq2+beta6) and I got the following on my console while doing some stress testing: KERNEL: assertion (tp-retrans_out == 0) failed at net/ipv4/tcp_input.c (1827) I don't know what I would do to try to reproduce this condition; it only appeared once. tcp_input.c sounds deep enough to scare me off from looking ... So, I wonder if this error has any significance to anyone listening on the list, and what, if anything, I should do about it. Thanks -- Glen Mabey -- ** Glen W. Mabey [EMAIL PROTECTED] http://mabeys.homelinux.com/glen/ ** ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] list archive anomaly
At the list archive page (http://mailman.ds9a.nl/pipermail/lartc/) there is an amazing message from the future: the year 2032 (q1). Not that I know anything about mailman, but someone might want to maintain that. -- ** Glen W. Mabey [EMAIL PROTECTED] http://mabeys.homelinux.com/glen/ ** ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/