[LARTC] Lamer needs help for basic tc setup
Hi fellows, i'm just a newbie to use the cool tc and played around the last 2 weeks. I'm quite confident - in theory - what's possible and the basic difference between the queuing disciplines. We're using a Fedora Core 3 box as Gateway (iptables,tc,iproute2 with NAT). Clients are coming in via eth1 and outgouing traffic (2Mbit/s SDSL) through eth0. So we would like to enable bandwidth limitation per-user, so i just used several scripts (htp from sourceforge,cbq.init ,wondershaper etc). (Each client: Downstream max 128kbit/s, Upstream max 90kbit/s) Shaping is working fine if i mark this specific source with a iptables rule, but as soon i apply multiple different source ip's to mark it within the same queue, all are sharing my limitation and i thought each of them will get the rate-limiting. Example firewall rule: $IPTABLES -t mangle -A FORWARD -s ! 10.0.0.30 -d 10.0.0.30 -j MARK --set-mark 1 #downstream $IPTABLES -t mangle -A FORWARD -s 10.0.0.30 -j MARK --set-mark 2 #upstream I also tried the u23 matching within tc, but same effect, i'm also not sure if i can use this kind of matching in a nat environment ? I'm really done, no ideas what i'm doing wrong ! BTW: Anyone using tcng on FC3 and kernel 2.6x :-) My tc output: * ### eth0: queueing disciplines qdisc cbq 1: rate 2Mbit (bounded,isolated) prio no-transmit qdisc tbf 90: parent 1:90 rate 90Kbit burst 10Kb lat 444.4ms ### eth0: traffic classes class cbq 1: root rate 2Mbit (bounded,isolated) prio no-transmit class cbq 1:90 parent 1: leaf 90: rate 90Kbit (bounded) prio 5 class tbf 90:1 parent 90: ### eth0: filtering rules filter parent 1: protocol ip pref 200 fw filter parent 1: protocol ip pref 200 fw handle 0x2 classid 1:90 ### eth1: queueing disciplines qdisc cbq 1: rate 10Mbit (bounded,isolated) prio no-transmit qdisc tbf 128: parent 1:128 rate 128Kbit burst 10Kb lat 312.5ms ### eth1: traffic classes class cbq 1: root rate 10Mbit (bounded,isolated) prio no-transmit class cbq 1:128 parent 1: leaf 128: rate 128Kbit (bounded) prio 5 class tbf 128:1 parent 128: ### eth1: filtering rules filter parent 1: protocol ip pref 200 fw filter parent 1: protocol ip pref 200 fw handle 0x1 classid 1:128 ### eth2: queueing disciplines qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 THANKS for any hints Cheers Geri ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Shaping incoming bandwidth
Hello Everyone, i'm having problem in limiting bandwith on my external interface in the server. i'm having a network here which is online via a linux server with cbq compiled in kernel. i'm having eth0 as internal network card, eth 1 as external network card my internet bandwith line is 8kbps on eth1 i want to limit this 8kbps to 4kbps at eth1 and no shaping on eth0 i tried earlier this with cbq.init script... but all in vain. i don wanna compile kernel for htb support... i think i wud have to use tc and ingress qdisc can anyody help with the commands help out .-- RegardsAnkur JainFate determines who comes into our lives ... Heart determines who stays... ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] nesting htbs
On Fri, 10 Jun 2005 00:02:42 +0100
Andy Furniss [EMAIL PROTECTED] wrote:
Edward Smith wrote:
Hello all,
I am running a coop satellite link for my aviation company here in
Iraq. (silly blog www.stardotstar.org). I am running tc with htb
with good success so far. I am working on improving it though and
need some help. Currently I have just 4 classes, syn/ack/ping,
webchat, http, and then other. We are really happy with how this has
improved our ability to call home from our rooms and do video chat.
However, I would like to do a better job of making sure that each
IP is getting a fair share because it seems like sometimes one video
or audio chat bullies another one into slowing down and one guy is
having a great video and audio feed while someone elses audio only is
suffering. I've seen some references to wrr and also to making a
class for each IP. There doesn't seem to be much current documention
on wrr, so I'm trying to set up nested htbs. Here are my questions:
1. Which makes more sense, to nest my 4 classes of traffic inside of a
class for each IP, or to make a class for each IP in each of my 4
classes. I'm leaning towards the latter so that someones web traffic
can't borrow from the interactive traffic classes.
I would do the latter also. I would have just one interactive class and
give it a rate that is say 3/4 of the ceil, the bulk classes can still
borrow the unused.
2. I've done a test, and can't get any traffic into the nested
classes. Here is my code:
#1:20 LOW DELAY--CHAT DATA
#includes the minimize delay FW TOS
tc class add dev ${UPDEV} parent 1:1 classid 1:20 htb rate 200kbit
ceil ${UPCEIL}kbit burst 6k prio 1
tc filter add dev ${UPDEV} protocol ip parent 1: pref 20 u32\
match ip tos 0x10 0xff flowid 1:20
tc filter add dev ${UPDEV} protocol ip parent 1: pref 21 handle 5 fw
classid 1:20
tc filter add dev ${UPDEV} protocol ip parent 1: pref 21 handle 6 fw
classid 1:20
so marking is thing that i need for limiting NATed uploads to internet ?
when limiting downloads i do not need marking ?
am i right ?
--
*Dariusz 'tdi' Dwornikowski | Gentoo | admin at pozman.pl |
*[JID]:[EMAIL PROTECTED]|[gg]:2266034|[IRC]:[EMAIL PROTECTED] |
*[MAIL]:[EMAIL PROTECTED]|[WWW]:www.tdi.pozman.pl |
*Serwery,administracja,webapps - www.ProAdmin.com.pl |
*Fingerprint:43E21CC46DAFD2F754E91547D59B39F56AAA4B5F |
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Multiple gateways
Hello, Since I could not figure out my previous problem, let me ask in a different way. I have 3 networks inside my LAN. They are 172.16.55.0/24 , 172.16.56.0/24 and 172.16.57.0/24 respectively. They all use eth0 as an alias. I also have 2 uplinks to different ISPs. One of them is leased line and the other one is ADSL. One of my uplink is 81.8.120.18/30 with gateway 81.8.120.17 on eth1 and the other one is 172.18.10.30/24 with gateway 172.18.10.2 on eth3. I am trying to split my internal networks to these two providers. So, iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -i eth1 -j MASQUERADE iptables -t nat -A POSTROUTING -s 172.16.56.0/24 -i eth3 -j MASQUERADE iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -i eth1 -j MASQUERADE This is what I am trying to set up. I also looked at the lartc.org and tried to implement split access. ip route add default scope global nexthop via 81.8.124.17 dev eth1 weight 1 nexthop via 172.18.10.2 dev eth3 weight 1 This command works if I ping from the linux router itself. It chooses a path and successfully returns ping results. But the NAT does not work. I got a message; MASQUERADE : Route sent us somewhere else. What would be the solution to this problem? Best Regards, ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Multiple gateways
Hi! I had a similar problem, two internal networks and two links. I had to apply the patch at http://www.ssi.bg/~ja/routes-2.4.29-9.diff. It seems the packets got a source address while masquerading and when they are routed outbound the source address doesn't match the link address. MAYBE, just MAYBE, the problem can also be solved if you use SNAT instead of MASQUERADING. I hope this helps. Edésio On Fri, Jun 10, 2005 at 03:54:30PM +0300, aristo7514 aristo7514 wrote: Hello, Since I could not figure out my previous problem, let me ask in a different way. I have 3 networks inside my LAN. They are 172.16.55.0/24 , 172.16.56.0/24 and 172.16.57.0/24 respectively. They all use eth0 as an alias. I also have 2 uplinks to different ISPs. One of them is leased line and the other one is ADSL. One of my uplink is 81.8.120.18/30 with gateway 81.8.120.17 on eth1 and the other one is 172.18.10.30/24 with gateway 172.18.10.2 on eth3. I am trying to split my internal networks to these two providers. So, iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -i eth1 -j MASQUERADE iptables -t nat -A POSTROUTING -s 172.16.56.0/24 -i eth3 -j MASQUERADE iptables -t nat -A POSTROUTING -s 172.16.55.0/24 -i eth1 -j MASQUERADE This is what I am trying to set up. I also looked at the lartc.org and tried to implement split access. ip route add default scope global nexthop via 81.8.124.17 dev eth1 weight 1 nexthop via 172.18.10.2 dev eth3 weight 1 This command works if I ping from the linux router itself. It chooses a path and successfully returns ping results. But the NAT does not work. I got a message; MASQUERADE : Route sent us somewhere else. What would be the solution to this problem? Best Regards, ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- Grief can take care of itself, but to get the full value of a joy you must have somebody to divide it with. -- Mark Twain ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] HTB lended and borrowed
Running tc -s class show dev eth1 against an HTB qdisc results in the output of class summaries similar to this: class htb 1:10 parent 1:1 leaf 10: prio 0 rate 15bit ceil 1466Kbit burst 2Kb cburst 2Kb Sent 158641651 bytes 771351 pkt (dropped 0, overlimits 0 requeues 0) rate 8064bit 7pps backlog 0b 0p requeues 0 lended: 680985 borrowed: 90366 giants: 0 tokens: 173443 ctokens: 17746 Does anyone know the units of measurement for the reported lended and borrowed values? -- Emmet Ford Lancer Insurance Company +1 516.431.4441 Ext. 3233 [EMAIL PROTECTED] === The information contained in this communication may be confidential, is intended only for the use of the recipient(s) named above, and may be legally privileged. You are hereby notified that any dissemination, distribution or copying of this communication and any of its contents or attachments is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to this message and please delete this message from all computers and servers. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HTB lended and borrowed
They are in terms of number of packets and I think the packet size would be set by the mtu specified in htb. I am not very sure though :) On 6/10/05, Emmet Ford [EMAIL PROTECTED] wrote: Running tc -s class show dev eth1 against an HTB qdisc results in the output of class summaries similar to this: class htb 1:10 parent 1:1 leaf 10: prio 0 rate 15bit ceil 1466Kbit burst 2Kb cburst 2Kb Sent 158641651 bytes 771351 pkt (dropped 0, overlimits 0 requeues 0) rate 8064bit 7pps backlog 0b 0p requeues 0 lended: 680985 borrowed: 90366 giants: 0 tokens: 173443 ctokens: 17746 Does anyone know the units of measurement for the reported lended and borrowed values? -- Emmet Ford Lancer Insurance Company +1 516.431.4441 Ext. 3233 [EMAIL PROTECTED] === The information contained in this communication may be confidential, is intended only for the use of the recipient(s) named above, and may be legally privileged. You are hereby notified that any dissemination, distribution or copying of this communication and any of its contents or attachments is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to this message and please delete this message from all computers and servers. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HTB lended and borrowed
On Fri, Jun 10, 2005 at 09:42:47AM -0400, Emmet Ford wrote: class htb 1:10 parent 1:1 leaf 10: prio 0 rate 15bit ceil 1466Kbit burst 2Kb cburst 2Kb Sent 158641651 bytes 771351 pkt (dropped 0, overlimits 0 requeues 0) rate 8064bit 7pps backlog 0b 0p requeues 0 lended: 680985 borrowed: 90366 giants: 0 tokens: 173443 ctokens: 17746 Does anyone know the units of measurement for the reported lended and borrowed values? packets -- Emmet Ford Lancer Insurance Company +1 516.431.4441 Ext. 3233 [EMAIL PROTECTED] -- _,-=._ /|_/| `-.} `=._,.-=-._., @ @._, `._ _,-. ) _,.-' `G.m-^m`m'Dmytro O. Redchuk ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] RTNETLINK answers: File exists
how can i get rid of that ?? i do del roots before scripting. -- *Dariusz 'tdi' Dwornikowski | Gentoo | admin at pozman.pl | *[JID]:[EMAIL PROTECTED]|[gg]:2266034|[IRC]:[EMAIL PROTECTED] | *[MAIL]:[EMAIL PROTECTED]|[WWW]:www.tdi.pozman.pl | *Serwery,administracja,webapps - www.ProAdmin.com.pl | *Fingerprint:43E21CC46DAFD2F754E91547D59B39F56AAA4B5F | ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] testing techniques for checking the effectiveness of changes made to sch_gred.c
Hi,
I have made some changes to the file sch_gred.c to modify the GRED
queueing discipline to support the following features:
1) The first virtual queue should get absolute priority while
dequeueing (not caring if the others get starved)
2) While in equalise mode and with RIO mode enabled, the packets in
the first virtual queue should not be counted for calculating the
qave.
I want to confirm if the changes made by me are really effective. I
would be grateful if someone could let me know about any testing
techniques that can be followed for confirming that the changes are
really effective.
It would be great if someone could also let me know if the logic that
I have applied to effect these changes is correct.
My logic is as follows:
1) Since the process deals with dequeueing, i have to make changes to
gred_dequeue only. If t-tab[0] != 0 then we dequeue the packet
otherwise do not dequeue it.
2)
if (t-eqp t-grio) {
for (i=0;it-DPs;i++) {
if ((!t-tab[i]) || (i==q-DP) || (i==0))
continue;
if ((t-tab[i] != q)
(PSCHED_IS_PASTPERFECT(t-tab[i]-qidlestart)))
qave +=t-tab[i]-qave;
}
Regards,
Rahul
--
--
The fear you let build up in your mind is worse than the situation
that actually exists
from who moved my cheese
-
Rahul Hari
Senior Under Grad. Student,
Department of CSE,
ITBHU,
Varanasi.
Ph: +91-9845347020
[EMAIL PROTECTED]
--
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] RTNETLINK answers: File exists
Dariusz Dwornikowski wrote: how can i get rid of that ?? i do del roots before scripting. del ingress? -- gypsy ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
