[LARTC] imq + htb
Hi, i am running imq + htb on my router , the situation is like this eth0 = uplink to my provider eth1 = 1st customer eth2 = 2nd customer eth3 = 3th customer eth0 has limit 512 and i want to share this between eth1 eth2 and eth3 , but not working , this is the script i used, \\\ #!/bin/sh PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin iptables -t mangle -F 2>/dev/null iptables -t mangle -X 2>/dev/null iptables -t mangle -N markov iptables -t mangle -I PREROUTING -j markov iptables -t mangle -N markov2 iptables -t mangle -I POSTROUTING -j markov2 tc qdisc del dev imq0 root >/dev/null 2>&1 tc qdisc del dev imq1 root >/dev/null 2>&1 #bring up the imq0 ip link set dev imq0 up #marking of incoming from eth1,eth2,eth3 iptables -t mangle -A markov -i eth1 -j MARK --set-mark 1 iptables -t mangle -A markov -i eth2 -j MARK --set-mark 2 iptables -t mangle -A markov -i eth3 -j MARK --set-mark 3 #forward it to imq0 iptables -t mangle -A PREROUTING -i eth1 -j IMQ --todev 0 iptables -t mangle -A PREROUTING -i eth2 -j IMQ --todev 0 iptables -t mangle -A PREROUTING -i eth3 -j IMQ --todev 0 tc qdisc add dev imq0 root handle 10: htb default 20 tc class add dev imq0 parent 10: classid 10:2 \ htb rate 512Kbit ceil 512Kbit # #class for eth1 tc class add dev imq0 parent 10:2 classid 10:21 htb rate 128Kbit ceil 512Kbit # mark tc filter add dev imq0 parent 10:2 protocol ip prio 1 handle 1 fw classid 10:21 tc qdisc add dev imq0 parent 10:21 sfq perturb 15 ### # class for eth2 tc class add dev imq0 parent 10:2 classid 10:22 htb rate 128Kbit ceil 512Kbit #mark tc filter add dev imq0 parent 10:2 protocol ip prio 1 handle 2 fw classid 10:22 tc qdisc add dev imq0 parent 10:22 sfq perturb 15 # # class for eth3 tc class add dev imq0 parent 10:2 classid 10:23 htb rate 128Kbit ceil 512Kbit #mark tc filter add dev imq0 parent 10:2 protocol ip prio 1 handle 3 fw classid 10:23 tc qdisc add dev imq0 parent 10:23 sfq perturb 15 ## ## # outgoing traffic to eth1,eth2,eth3 #bring up imq1 ip link set dev imq1 up #make marks iptables -t mangle -A markov2 -o eth1 -j MARK --set-mark 21 iptables -t mangle -A markov2 -o eth2 -j MARK --set-mark 22 iptables -t mangle -A markov2 -o eth3 -j MARK --set-mark 23 #forward it to imq1 iptables -t mangle -A POSTROUTING -o eth1 -j IMQ --todev 1 iptables -t mangle -A POSTROUTING -o eth2 -j IMQ --todev 1 iptables -t mangle -A POSTROUTING -o eth3 -j IMQ --todev 1 tc qdisc add dev imq1 root handle 10: htb default 20 tc class add dev imq1 parent 10: classid 10:2 htb rate 512Kbit ceil 512Kbit ## # class for eth1 tc class add dev imq1 parent 10:2 classid 10:21 htb rate 128Kbit ceil 512Kbit # mark tc filter add dev imq1 parent 10:2 protocol ip prio 1 handle 21 fw classid 10:21 tc qdisc add dev imq1 parent 10:21 sfq perturb 15 # class for eth2 tc class add dev imq1 parent 10:2 classid 10:22 htb rate 128Kbit ceil 512Kbit #mark tc filter add dev imq1 parent 10:2 protocol ip prio 1 handle 22 fw classid 10:22 tc qdisc add dev imq1 parent 10:22 sfq perturb 15 # #class for eth3 tc class add dev imq1 parent 10:2 classid 10:23 htb rate 128Kbit ceil 512Kbit #mark tc filter add dev imq1 parent 10:2 protocol ip prio 1 handle 23 fw classid 10:23 tc qdisc add dev imq1 parent 10:23 sfq perturb 15 ## ## But the traffic is unshaped, i think maybe somethink wrong with the filters becouse if i do tc -s class show dev imq0 or imq1 while uploading or downloading traffic doesnt get to right class. If i take look in iptables -t mangle -L -n -v the packets are marked well OUTPUT OF tc -s class show dev imq0 class htb 10:22 parent 10:2 leaf 8026: prio 0 rate 128000bit ceil 512000bit burst 1615b cburst 1.625Kb Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 lended: 0 borrowed: 0 giants: 0 tokens: 103424 ctokens: 26624 class htb 10:23 parent 10:2 leaf 8027: prio 0 rate 128000bit ceil 512000bit burst 1615b cburst 1.625Kb Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 lended: 0 borrowed: 0 giants: 0 tokens: 103424 ctokens: 26624 \ PARTIAL OUTPUT of iptables -t mangle -L -n -v Chain markov (1 references) pkts bytes target prot opt in out source destination 96 8578 MARK all -- eth1 * 0.0.0.0/0 0.0.0.0/0 MARK set 0x1 25004 36M MARK all -- eth2
Re: [LARTC] ip route add default mpath (rr| drr|random|wrandom)...
> > 2.6.14-rc2 comes with fixes for > > CONFIG_IP_ROUTE_MULTIPATH_CACHED, > > but i declare that my routing patches are not >compatible with this > > feature, until someone proves that both features > work together. > > Ok. I just wanted to know what are your patches supposed to do. I as far > as i know they help when i have multiply links attached to one interface - > for example 3 dsl modems attached to one switch and this switch to 1 > ethernet port in the serwer. > Can these patches do something more? In the previous mail i wrote that i'm not using patches from http://www.ssi.bg/~ja/ but actually i am. I was doing various experiments and finally ended with the patched kernel. But forgotten it ;) And this configuartion worked fine: kernel with patches from http://www.ssi.bg/~ja/ and with CONFIG_IP_ROUTE_MULTIPATH_CACHED=n. Kernel without these patches also works but not so good. Do not work or work bad: ftp, https, online communicators. I've not tested it too much but if it is true than i know now what these patches do. The route is not changed too fast so given connection to the remote serwer is always with the same route (isp, dsl, interface - so with the same source address). This is especially needed if login is required. Krzysiek -- Tak niesamowity CZAT... >>> http://link.interia.pl/f18ba ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Ceil Rate
You didn't set a ceil for 1:10, you only set a rate. when no ceil is specified, a subclass will borrow past its rate max if it can. You should use: tc class add dev eth1 parent 1:1 classid 1:10 htb rate 64kbit ceil 64kbit quantum 1501 And then it would use 64kbit as a hard cap, only going past it for short bursts when trying to maintain 64kbit as the average (cburst paramater can control this, but shouldn't be neccasary). - JodyOn 9/30/05, [EMAIL PROTECTED] <[EMAIL PROTECTED] > wrote:tc class add dev eth1 parent 1:1 classid 1:10 htb rate 64kbit quantum 1501 The problem is I often find the rate exceeding the ceil which is 64kbit for 1:10 when I ran this command:tc -s show class dev eth1I'm also using a script that captures the output of the above command andfeeds it to rrdtool to plot a graph of the usage and it also shows that the bandwidth being utilised exceeds 64kbit.How can ensure that this doesn't happen? Where did I go wrong with myconfig?Any help would be appreciated.Thanks.___ LARTC mailing listLARTC@mailman.ds9a.nlhttp://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] [ANNOUNCE] iproute2 version (050929)
There is an new minor update to iproute2 utilities available: http://developer.osdl.org/dev/iproute2/download/iproute2-050929.tar.gz Also, this (and future) releases are now signed, for key info read: http://developer.osdl.org/dev/iproute2/signature.html [Stephen Hemminger] Fix uninitialized memory and leaks Add -batch option to ip. Update to 2.6.14 headers [Arnaldo] Integrate support for DCCP into 'ss' [Mike Frysinger] Fix build issues with netem tables (parallel make and HOSTCC) [Eric Dumazet] Fix lnstat : First column should not be summed -- Stephen Hemminger <[EMAIL PROTECTED]> OSDL http://developer.osdl.org/~shemminger ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] two link
> if you cold send it to me... thanks.. :D It's actually pretty easy -- you just need to specify that all traffic going out that particular interface should be NATted. The only consideration, if you know you need to do NAT, is whether to use SNAT or MASQUERADE. Again, these are untested and off the top of my head. If you have a static IP: iptables -t nat -A POSTROUTING -j SNAT --to-source $LINK2_IP If you have a dynamic IP: iptables -t nat -A POSTROUTING -j MASQUERADE See the iptables manpage for why MASQUERADE should be used for dynamic IPs. -Corey ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Dequeue
Hi, Does the 'tc' tool show dequeue statistics? If so what switches does one use to see this. If not which is the best way to see these statistics? Thanks. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Ceil Rate
Hi all, I just recently began using HTB to try and manage bandwidth for my network. This is the script I'm using: /sbin/iptables -t mangle -A FORWARD -o eth1 -s ! 192.168.244.2 -j MARK --set-mark 53 tc qdisc add dev eth1 root handle 1: htb default 20 tc class add dev eth1 parent 1: classid 1:1 htb rate 100mbit burst 131072k quantum 59000 tc class add dev eth1 parent 1:1 classid 1:10 htb rate 64kbit quantum 1501 tc class add dev eth1 parent 1:1 classid 1:20 htb rate 1kbit ceil 100mbit burst 131072k quantum 1600 tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10 tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 53 fw flowid 1:10 The problem is I often find the rate exceeding the ceil which is 64kbit for 1:10 when I ran this command: tc -s show class dev eth1 I'm also using a script that captures the output of the above command and feeds it to rrdtool to plot a graph of the usage and it also shows that the bandwidth being utilised exceeds 64kbit. How can ensure that this doesn't happen? Where did I go wrong with my config? Any help would be appreciated. Thanks. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] ip route add default mpath (rr| drr|random|wrandom)...
Hello. Thank you for your answer > 2.6.14-rc2 comes with fixes for > CONFIG_IP_ROUTE_MULTIPATH_CACHED, > but i declare that my routing patches are not >compatible with this > feature, until someone proves that both features > work together. Ok. I just wanted to know what are your patches supposed to do. I as far as i know they help when i have multiply links attached to one interface - for example 3 dsl modems attached to one switch and this switch to 1 ethernet port in the serwer. Can these patches do something more? So ip ... mpath ... is broken at present? > Regards Regards too Krzysiek -- Tak niesamowity CZAT... >>> http://link.interia.pl/f18ba ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] need help on multiple isp routing
Hi the best way to do is Source route Routing and Masq hare - Original Message - From: "Anonymous" <[EMAIL PROTECTED]> To: "LARTC" Sent: Friday, September 30, 2005 1:05 PM Subject: Re: [LARTC] need help on multiple isp routing thank you very much for your reply! i've red your article even it mention a 50x50 multipath load ballance (am i right?) solution which is not exactly what i need. now i begin to realize how wrong i was. but i need more like a "split" kind of access with 2 different ISPs - 1 ISP for just 1 PC (192.168.0.16), and then another ISP for all the other clients (192.168.0.0/26). anyway your article is kinda helpfull. i don't give up on split access idea, even i already spent 3 days of my 6 day vacation trying to configure it. i still have 3 days more! :) - Original Message - From: "hareram" <[EMAIL PROTECTED]> To: "Anonymous" <[EMAIL PROTECTED]>; Sent: Friday, September 30, 2005 9:20 AM Subject: Re: [LARTC] need help on multiple isp routing Hi This Link may help you http://linux.com.lb/wiki/index.pl?node=Load%20Balancing%20Across%20Multiple%20Links hare - Original Message - From: "Anonymous" <[EMAIL PROTECTED]> To: Sent: Thursday, September 29, 2005 2:53 PM Subject: [LARTC] need help on multiple isp routing here's my network layout ppp0 (ADSL 2048/256) | |ppp1 (SDSL 1024/1024) || LINUX --- | eth0 (192.168.0.1 DHCP+DNS, Squid, Samba) | | -8 port 100mbit dumb switch || | | | 192.168.0.16/26 | | | | | - DHCP assigned clients | --- (192.168.0.0/26) - i need 192.168.0.16 to take ppp0 route for all it's needs (masquaraded on ppp0) and use transparent squid cache set up on 192.168.0.1 for www. while all other DHCP assigned clients would use masquerading on ppp1 for all their needs and use forced load-ballanced cache of second ISP. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] need help on multiple isp routing
thank you very much for your reply! i've red your article even it mention a 50x50 multipath load ballance (am i right?) solution which is not exactly what i need. now i begin to realize how wrong i was. but i need more like a "split" kind of access with 2 different ISPs - 1 ISP for just 1 PC (192.168.0.16), and then another ISP for all the other clients (192.168.0.0/26). anyway your article is kinda helpfull. i don't give up on split access idea, even i already spent 3 days of my 6 day vacation trying to configure it. i still have 3 days more! :) - Original Message - From: "hareram" <[EMAIL PROTECTED]> To: "Anonymous" <[EMAIL PROTECTED]>; Sent: Friday, September 30, 2005 9:20 AM Subject: Re: [LARTC] need help on multiple isp routing Hi This Link may help you http://linux.com.lb/wiki/index.pl?node=Load%20Balancing%20Across%20Multiple%20Links hare - Original Message - From: "Anonymous" <[EMAIL PROTECTED]> To: Sent: Thursday, September 29, 2005 2:53 PM Subject: [LARTC] need help on multiple isp routing here's my network layout ppp0 (ADSL 2048/256) | |ppp1 (SDSL 1024/1024) || LINUX --- | eth0 (192.168.0.1 DHCP+DNS, Squid, Samba) | | -8 port 100mbit dumb switch || | | | 192.168.0.16/26 | | | | | - DHCP assigned clients | --- (192.168.0.0/26) - i need 192.168.0.16 to take ppp0 route for all it's needs (masquaraded on ppp0) and use transparent squid cache set up on 192.168.0.1 for www. while all other DHCP assigned clients would use masquerading on ppp1 for all their needs and use forced load-ballanced cache of second ISP. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc