[LARTC] throttle lan client only
I have the below example working on tagging a "source" and throttling all the clients for traffic control. However, I need to throttle a specific client on the lan side only. The solution could be with or with out the use of iptables, it doesn't matter. this works: eth0=wan eth1=lan --- ### # tag all incoming SYN packets through $DEV as mark value 1 ### iptables --append PREROUTING --in-interface eth0 --table mangle \ --protocol tcp --source download.fedora.redhat.com \ --source-port 1:65535 \ --jump MARK --set-mark 0x1 # install the ingress qdisc on the ingress interface tc qdisc add dev eth0 handle : ingress # utilize ingress qdisc tc filter add dev eth0 parent : protocol ip prio 50 handle \ 0x1 fw police rate 1kbit burst 1500 mtu 9k drop flowid :0x1 --- I have tried several options, some of which were to simply add the --destination option to the iptables statement. Others are a mix of experimental tc cmds. I am not having success. Any help would be most appreciated. Thank You --Karl MailKey: GUINNESS ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Traffic Control Diagnostic Graphing Utility
hi jason, this is the output: tc -s class show dev eth1 class htb 1:11 parent 1:1 prio 1 rate 40Kbit ceil 110Kbit burst 1650b cburst 1739b Sent 1116054 bytes 6654 pkts (dropped 0, overlimits 0) lended: 6654 borrowed: 0 giants: 0 tokens: 256479 ctokens: 98443 class htb 1:1 root rate 110Kbit ceil 110Kbit burst 1739b cburst 1739b Sent 493178799 bytes 2213090 pkts (dropped 0, overlimits 0) rate 6880bps 30pps lended: 1793498 borrowed: 0 giants: 0 tokens: 97512 ctokens: 97512 class htb 1:10 parent 1:1 prio 0 rate 50Kbit ceil 110Kbit burst 1663b cburst 1739b Sent 140 bytes 2 pkts (dropped 0, overlimits 0) lended: 2 borrowed: 0 giants: 0 tokens: 204799 ctokens: 97512 class htb 1:13 parent 1:1 leaf 130: prio 2 rate 10Kbit ceil 110Kbit burst 1611b cburst 1739b rate 6887bps 30pps lended: 412936 borrowed: 1793498 giants: 0 tokens: -1154560 ctokens: 97512 class htb 1:12 parent 1:1 leaf 120: prio 2 rate 10Kbit ceil 110Kbit burst 1611b cburst 1739b Sent 0 bytes 0 pkts (dropped 0, overlimits 0) lended: 0 borrowed: 0 giants: 0 tokens: 1031680 ctokens: 101235 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- tc -s qdisc show dev eth1 qdisc sfq 130: quantum 1514b perturb 10sec Sent 495698153 bytes 2225223 pkts (dropped 506, overlimits 0) backlog 5p qdisc sfq 120: quantum 1514b perturb 10sec Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc htb 1: r2q 10 default 13 direct_packets_stat 0 Sent 496814347 bytes 2231879 pkts (dropped 506, overlimits 347211) backlog 5p qdisc ingress : Sent 1591565024 bytes 8913161 pkts (dropped 0, overlimits 0) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- That's all... many thanks for your help. Magin Jason, i tried to send this msg to your private mail account but your server reject me >>> Remote host said: 550 5.7.1 Rejected: 217.127.143.88 listed at list.dsbl.org is my IP in a black list? how can i remove it from this list ? ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Traffic Control Diagnostic Graphing Utility
hi Jason, and thx for your perl script. but i can't do it work. I can't use perl, so i feel myself an idiot :( the script answer this error: Use of uninitialized value in hash element at polltc_eth1 line 126. Use of uninitialized value in string eq at polltc_eth1 line 159. Use of uninitialized value in string eq at polltc_eth1 line 159. Use of uninitialized value in hash element at polltc_eth1 line 159. Use of uninitialized value in string eq at polltc_eth1 line 159. Use of uninitialized value in string eq at polltc_eth1 line 159. Use of uninitialized value in hash element at polltc_eth1 line 126. Use of uninitialized value in string eq at polltc_eth1 line 159. Use of uninitialized value in string eq at polltc_eth1 line 159. Use of uninitialized value in hash element at polltc_eth1 line 126. Use of uninitialized value in string eq at polltc_eth1 line 159. Use of uninitialized value in string eq at polltc_eth1 line 159. Can't use an undefined value as an ARRAY reference at polltc_eth1 line 327. the Line 126 is: $stats{ $id } = { the line 159 is: if( $type eq "root" ) { and the line 327 is: if( scalar( @{ $child_hash{ $foo } } ) > 0 ) { TIA, Magin Lopez. ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] graphics HTB
Am Wednesday 27 October 2004 15:43 schrieb emo terziev: > how can i generate grafics from output file? The graphics itself are generated by GraphViz. In Gentoo, install it with 'emerge graphviz'. If you have another distro, check if it provides a GraphViz package and install that. Otherwise you can download it directly from http://www.graphviz.org/ Example invocation: ~> tc-graph.pl > eth1.dot ~> dot -Tpng -o eth1.png eth1.dot HTH Andreas ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] graphics HTB
hi Andreas, how can i generate grafics from output file? script dump one big one list ... this is only part of list "3:a390" -> "a390:" [style=bold,color=green]; "3:a391" -> "a391:" [style=bold,color=green]; "3:a392" -> "a392:" [style=bold,color=green]; "3:a393" -> "a393:" [style=bold,color=green]; "3:a394" -> "a394:" [style=bold,color=green]; "3:a395" -> "a395:" [style=bold,color=green]; "3:a396" -> "a396:" [style=bold,color=green]; "3:a397" -> "a397:" [style=bold,color=green]; "3:a398" -> "a398:" [style=bold,color=green]; "3:a399" -> "a399:" [style=bold,color=green]; "3:a400" -> "a400:" [style=bold,color=green]; "3:a401" -> "a401:" [style=bold,color=green]; "4:" -> "4:10" [style=bold,color=red]; "4:10" -> "4:401" [color=black]; "4:10" -> "4:d001" [color=black]; "4:10" -> "4:d002" [color=black]; "4:10" -> "4:d003" [color=black]; On Tue, 26 Oct 2004 17:55:27 +0200, Andreas Klauer <[EMAIL PROTECTED]> wrote: > Am Tuesday 26 October 2004 16:16 schrieb emo terziev: > > Hi > > is it any tool like show.pl by Stef Coene to generate graph with > > classes but for HTB > > Based on show.pl: > http://www.metamorpher.de/files/tc-graph.pl > > Example graph: > http://www.metamorpher.de/files/fairnat.png (big!) > > Use at your own risk only, the script is known to cause kernel panics. > > HTH > Andreas > ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Traffic Control Diagnostic Graphing Utility
Hi Jason, I'm trying your script with munin. But I can't make it work. Here you have the error I get: munin-run polltc_eth0 Use of uninitialized value in hash element at /etc/munin/plugins/polltc_eth0 line 126. Use of uninitialized value in string eq at /etc/munin/plugins/polltc_eth0 line 159. Use of uninitialized value in string eq at /etc/munin/plugins/polltc_eth0 line 159. Use of uninitialized value in hash element at /etc/munin/plugins/polltc_eth0 line 126. Use of uninitialized value in string eq at /etc/munin/plugins/polltc_eth0 line 159. Use of uninitialized value in string eq at /etc/munin/plugins/polltc_eth0 line 159. Can't use an undefined value as an ARRAY reference at /etc/munin/plugins/polltc_eth0 line 327. polltc_eth0 is linked to polltc_ as explained in the Readme. And It is modified to point to /sbin/tc. I'm checking polltc_ to see if something else need to be modified. Best regards. Jason Boxman writes: I wrote a Perl script to poll `tc` for traffic control statistics (just bytes presently) for leaf qdiscs. The information is fed to either RRDTool or Munin[2], depending on what parameter is passed to the script. If the option for a RRD database is used, graphs[3][4] are written to disk for each ten second polling interval. If invoked via Munin[2], it handles graphing and samples at five minute intervals. [1] http://ee-staff.ethz.ch/~oetiker/webtools/rrdtool/ [2] http://www.linpro.no/projects/munin/ [3] http://trekweb.com/~jasonb/images/eth0-24-tc.png [4] http://trekweb.com/~jasonb/images/eth0-1-tc.png The aim is to graphically represent bandwidth utilization for each leaf class to help diagnose issues with misclassification, performance, and for long term profiling. The script is available[5] here. The included README explains basic configuration. [5] http://trekweb.com/~jasonb/code/polltc-1.0.tar.gz I hope someone else finds it useful. Comments welcome. -- Jason Boxman Perl Programmer / *NIX Systems Administrator Shimberg Center for Affordable Housing | University of Florida http://edseek.com/ - Linux and FOSS stuff ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] graphics HTB
Ok i will try it ... graphics look excactly what i need. Regards Emil On Tue, 26 Oct 2004 17:55:27 +0200, Andreas Klauer <[EMAIL PROTECTED]> wrote: > Am Tuesday 26 October 2004 16:16 schrieb emo terziev: > > Hi > > is it any tool like show.pl by Stef Coene to generate graph with > > classes but for HTB > > Based on show.pl: > http://www.metamorpher.de/files/tc-graph.pl > > Example graph: > http://www.metamorpher.de/files/fairnat.png (big!) > > Use at your own risk only, the script is known to cause kernel panics. > > HTH > Andreas > ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Limiting Bandwidth of an ppp interfaces
Hi everyone. I'm working on a problem since some days. I have a linux router with about 100 ppp interfaces. Each interface should bei limited to an individual bandwidth of 1024kbit, 2048kbit or 3096kbit. Up AND downstream. (let's say for example 1024kbit upstream and 1024kbit downstream) The reason for this problem: I have to limit users to their booked bandwidth, because there are hard rules, who is allowed to use which kind of bandwidth. but some users used their 1024kbit login data with an 3096kbit dsl line and of course they got the whole 3mbit bandwidth for downloads/uploads. So i MUST limit the users to a hard limit of bandwidth. no fair dealing or something else. just a hardlimit for bandwidth. User X (pppX) get's 1024kbit of bandwidth. no more nor less. Another problem is, that behind an ppp interface there are some /29 net of ip-adresses. So i am not able to filter by ip address. i have to filter by interface. but i just don't know how to deal with the problem Traffic shaping works only for egress traffic, doesn't it? Did anybody worked on the same problem before or can provide a solution for this? Regards Florian Taeger ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] wonder shaper
Am Wednesday 27 October 2004 01:58 schrieb Vicky: > what's difference between wonder shaper and htb/tc? tc is a general traffic control configuration utility. htb is one of the many schedulers (qdiscs). wondershaper is a shell script that executes tc commands to set up traffic shaping with cbq or htb. HTH Andreas ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/