Re: [LARTC] esfq ? or wrr ?
I think it depends on the type of traffic you're expecting from the different users. If you're expecting very similar patterns of behaviour, then my guess would be ESFQ would be the better. If, on the other hand, the network load is going to shift over time, between the users, then WRR would seem the more logical choice. You might also want to look at HFSC (Heirarchical Fair Service Curve) - it's possible you might be able to get what you want from the single algorithm, rather than piping through several. The fewer layers you have, the less latency you'll introduce. HFSC also has the advantage that it is standard in the kernel, so likely has better testing. ESFQ and WRR have been forward-ported, well, sometimes, but only the combined -qos patch seems to be current - the individual patches don't seem to be maintained at all. I would like to see the patches cleaned up (as necessary) then submitted for merging into the mainstream kernel. Linux' QoS code is in frankly horrible shape at the moment, so anything that stirred interest in it would almost have to be a good thing, even if the patches themselves didn't get included any time soon. --- LinuXKiD <[EMAIL PROTECTED]> wrote: > Hi > > If I have a HTB class with 128kbit, and I want to > put "N" users in that class ( in order to share > bandwidth fairly ) , > > which is better for me ? esfq (hash dst) or wrr ? > > I would attach esfq or wrr to HTB parent class. > > Also I've readed on Jim script that over WRR put > a RED qdisc, but I don't understand it. > > bests > > andres > ___ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > __ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] esfq ? or wrr ?
Hi If I have a HTB class with 128kbit, and I want to put "N" users in that class ( in order to share bandwidth fairly ) , which is better for me ? esfq (hash dst) or wrr ? I would attach esfq or wrr to HTB parent class. Also I've readed on Jim script that over WRR put a RED qdisc, but I don't understand it. bests andres ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] HFSC Advanced Limiting
Title: RE: [LARTC] HFSC Advanced Limiting Ok, my incoming mail is not working right now, so I don't know who has responded to my posts, or if anyone has. I have figured out how to trap the TC output and redirect it to a file (finally) by using 'tc &>/file'. Also, it occured to me that 0x limit might actually mean 0xF:0xFFF for the class IDs. Is that correct? I have made some pretty big changes to my script. Now, I seem to be having issues with deleting classes I added. See the output below for details. bash-2.05b# ./qos start * Stopping QoS ruleset... * - tc qdisc del dev eth0 root... [ ok ] * - tc qdisc del dev eth1 root... [ ok ] * Starting bandwidth management on interfaces ... * - Creating qdiscs on interfaces ... * - tc qdisc add dev eth0 root handle 1: hfsc default 1... [ ok ] * - tc class add dev eth0 parent 1:0 classid 1:1 hfsc ls m2 100Mbit ul m2 100Mbit... [ ok ] * - tc qdisc add dev eth1 root handle 2: hfsc default 1... [ ok ] * - tc class add dev eth1 parent 2:0 classid 2:1 hfsc ls m2 100Mbit ul m2 100Mbit... [ ok ] * Starting bandwidth management for test ... * - Creating classes on eth0 for upload control ... * - tc class add dev eth0 parent 1:0 classid 1:300 hfsc ls m1 768Kbit d 2000ms m2 256Kbit ul m2 768Kbit... [ ok ] * - tc class add dev eth0 parent 1:300 classid 1:301 hfsc sc umax 1500b dmax 30ms rate 80Kbit... [ ok ] * - tc class add dev eth0 parent 1:300 classid 1:302 hfsc ls m2 256Kbit ul m2 256Kbit... [ ok ] * - tc class add dev eth0 parent 1:300 classid 1:303 hfsc rt m2 168Kbit ls m2 768Kbit ul m2 768Kbit... [ ok ] * - Creating classes on eth1 for download control ... * - tc class add dev eth1 parent 2:0 classid 2:300 hfsc ls m1 1500Kbit d 2000ms m2 384Kbit ul m2 1500Kbit... [ ok ] * - tc class add dev eth1 parent 2:300 classid 2:301 hfsc sc umax 1500b dmax 30ms rate 80Kbit... [ ok ] * - tc class add dev eth1 parent 2:300 classid 2:302 hfsc ls m2 384Kbit ul m2 384Kbit... [ ok ] * - tc class add dev eth1 parent 2:300 classid 2:303 hfsc rt m2 384Kbit ls m2 1500Kbit ul m2 1500Kbit... [ ok ] bash-2.05b# QOSUSER="test" ./qos stop * Stopping bandwidth management for test ... * - Deleting classes on eth0 for upload control ... * - tc class del dev eth0 parent 1:300 classid 1:301 hfsc sc umax 1500b dmax 30ms rate 80Kbit... [ ok ] * - tc class del dev eth0 parent 1:300 classid 1:302 hfsc ls m2 256Kbit ul m2 256Kbit... [ ok ] * - tc class del dev eth0 parent 1:300 classid 1:303 hfsc rt m2 168Kbit ls m2 768Kbit ul m2 768Kbit... [ ok ] * - tc class del dev eth0 parent 1:0 classid 1:300 hfsc ls m1 768Kbit d 2000ms m2 256Kbit ul m2 768Kbit... * > RTNETLINK answers: Device or resource busy [ !! ] * - Deleting classes on eth1 for download control ... * - tc class del dev eth1 parent 2:300 classid 2:301 hfsc sc umax 1500b dmax 30ms rate 80Kbit... [ ok ] * - tc class del dev eth1 parent 2:300 classid 2:302 hfsc ls m2 384Kbit ul m2 384Kbit... [ ok ] * - tc class del dev eth1 parent 2:300 classid 2:303 hfsc rt m2 384Kbit ls m2 1500Kbit ul m2 1500Kbit... [ ok ] * - tc class del dev eth1 parent 2:0 classid 2:300 hfsc ls m1 1500Kbit d 2000ms m2 384Kbit ul m2 1500Kbit... * > RTNETLINK answers: Device or resource busy [ !! ] Thanks again for any help. Eliot Gable Certified Wireless Network Administrator Cisco Certified Network Associate CompTIA Security+ Certified CompTIA Network+ Certified Network and Systems Administrator Great Lakes Internet, Inc. 112 North Howard Croswell, MI 48422 810-679-3395 -Original Message- From: [EMAIL PROTECTED] on behalf of Tomasz Chilinski Sent: Thu 10/13/2005 4:57 PM To: lartc Subject: RE: [LARTC] HFSC Advanced Limiting On Thu, 13 Oct 2005 16:24:06 -0400, Eliot wrote > Oddly, I keep getting these errors: > > parent 1:1000 classid 1:1 hfsc sc umax 1500b dmax 30ms rate 80Kbit... > RTNETLINK answers: File exists > [ !! ] * - tc > class add dev eth0 parent 1:1000 classid 1:10001 hfsc ls m2 256Kbit > ul m2 256Kbit... RTNETLINK answers: File exists Classid should be in range 0x-0x, so it's cause of problem in this script snippet. > Eliot Gable > Certified Wireless Network Administrator > C
Re: [LARTC] TC Output Redirection
Basic shell... first the target then the assignments. So tc 1>/dev/null 2>&1 Eliot, Wireless and Server Administrator, Great Lakes Internet wrote: Ok, this is a rather large annoyance... How do you redirect the error output for TC? It does not seem to use any of the standard file descriptors (like STDOUT or STDERR) for error output. I have tried: tc 2>&1 1>/dev/null tc 3>&1 2>&1 1>/dev/null etc No matter what I do, I cannot seem to redirect the output. Anyone have any suggestions? Thanks. Eliot Gable Certified Wireless Network Administrator Cisco Certified Network Associate CompTIA Security+ Certified CompTIA Network+ Certified Network and Systems Administrator Great Lakes Internet, Inc. 112 North Howard Croswell, MI 48422 810-679-3395 ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] TC Output Redirection
Title: TC Output Redirection Ok, this is a rather large annoyance... How do you redirect the error output for TC? It does not seem to use any of the standard file descriptors (like STDOUT or STDERR) for error output. I have tried: tc 2>&1 1>/dev/null tc 3>&1 2>&1 1>/dev/null etc No matter what I do, I cannot seem to redirect the output. Anyone have any suggestions? Thanks. Eliot Gable Certified Wireless Network Administrator Cisco Certified Network Associate CompTIA Security+ Certified CompTIA Network+ Certified Network and Systems Administrator Great Lakes Internet, Inc. 112 North Howard Croswell, MI 48422 810-679-3395 ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] VPN through PPP
On Tue, 11 Oct 2005 14:40:10 +0200
Steve Comfort <[EMAIL PROTECTED]> wrote:
Hi,
I can't understand your diagram as well. :-(
Let's suppose you have 2 hosts, host A and host B, each has an outer
("public") and an inner ("local") interface. The outer interfaces have the
IP addresses Apub and Bpub respectively, and the inner networks have the
address spaces Aloc and Bloc, respectively. Also we make use of another
pair of IP addresses, for the tunnel interfaces (10.10.10.1 and
10.10.10.2).
Then the right commands would be:
host A:
ip tunnel add net0 mode gre remote local
ip address add 10.10.10.1/32 net0
ip link set net0 up
ip route add dev net0
host B:
ip tunnel add net0 mode gre remote local
ip address add 10.10.10.2/32 net0
ip link set net0 up
ip route add dev net0
If the tunnel works, you can ping 10.10.10.2 from host A (and 10.10.10.1
from host B), if the routing works also, you can ping the other inner
network from each host.
> I do have a firewall, configured to do NAT on the PPP interface. I have
> also tried excluding the destination addresses from being NAt'd but this
> didn't make any difference.
Just a quick question: you do not filter out GRE (IP protocol 47) on the
firewall? (NATing GRE is a bad idea as well - it does not work AFAIK.)
And don't forget that the GRE tunnel transmits all the traffic
unencrypted, so only use it on a trusted network. (Not even on that.:-)
norbi
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] HFSC Advanced Limiting
Title: RE: [LARTC] HFSC Advanced Limiting Thank you. That did solve my problem. My previous question still stands, though. Eliot Gable Certified Wireless Network Administrator Cisco Certified Network Associate CompTIA Security+ Certified CompTIA Network+ Certified Network and Systems Administrator Great Lakes Internet, Inc. 112 North Howard Croswell, MI 48422 810-679-3395 -Original Message- From: [EMAIL PROTECTED] on behalf of Tomasz Chilinski Sent: Thu 10/13/2005 4:57 PM To: lartc Subject: RE: [LARTC] HFSC Advanced Limiting On Thu, 13 Oct 2005 16:24:06 -0400, Eliot wrote > Oddly, I keep getting these errors: > > parent 1:1000 classid 1:1 hfsc sc umax 1500b dmax 30ms rate 80Kbit... > RTNETLINK answers: File exists > [ !! ] * - tc > class add dev eth0 parent 1:1000 classid 1:10001 hfsc ls m2 256Kbit > ul m2 256Kbit... RTNETLINK answers: File exists Classid should be in range 0x-0x, so it's cause of problem in this script snippet. > Eliot Gable > Certified Wireless Network Administrator > Cisco Certified Network Associate > CompTIA Security+ Certified > CompTIA Network+ Certified > Network and Systems Administrator > Great Lakes Internet, Inc. > 112 North Howard > Croswell, MI 48422 > 810-679-3395 -- Kind regards, Tomasz Chilinski RHCX, RHCE, RedHat Academy Instructor Cisco Certified Academy Instructor LMS developer: http://lms.rulez.pl Kadu developer: http://www.kadu.net Director of Chilan.com network engineering department ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] HFSC Advanced Limiting
On Fri, 14 Oct 2005 08:53:15 -0400, Eliot, Wireless and Server Administrator, Great Lakes Internet wrote > So, then you're saying 1:10001 is equivilant to 110,001, which would > be 0x1ADB1 -- as opposed to 10,001 = 0x2711 ? I would like to say that classids are not decimal numbers but hexadecimal, i.e. if you've got decimal class number 65535 you show write it down in tc command as . I hope now it's clear ;-) > Eliot Gable > Certified Wireless Network Administrator > Cisco Certified Network Associate > CompTIA Security+ Certified > CompTIA Network+ Certified > Network and Systems Administrator > Great Lakes Internet, Inc. > 112 North Howard > Croswell, MI 48422 > 810-679-3395 > -- Kind regards, Tomasz Chilinski RHCX, RHCE, RedHat Academy Instructor Cisco Certified Academy Instructor LMS developer: http://lms.rulez.pl Kadu developer: http://www.kadu.net Director of Chilan.com network engineering department ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] tc filter not filtering -or- what am I going wrong?
Dear All I am trying a very simple set up: (a bit long message follows) #Flush previous definitions $TC qdisc del dev $VVNET root >&/dev/null $TC qdisc del dev $INTERNET root >&/dev/null $IPT -t mangle -D PREROUTING -i $INTERNET -d 200.231.56.0/24 -j IMQ --todev 0 # Mothers off all disciplines $TC qdisc add dev $VVNET root handle 1: htb default r2q 1 $TC qdisc add dev $INTERNET root handle 1: htb default r2q 1 #Master Class - outputs to local radio network and internet $TC class add dev $VVNET parent 1: classid 1:1 htb rate 256Kbit ceil 256Kbit $TC class add dev $INTERNET parent 1: classid 1:1 htb rate 256Kbit ceil 256Kbit #Everything coming from internet to the clients goes thru IMQ $IPT -t mangle -A PREROUTING -i $INTERNET -d 1.2.3.0/24 -j IMQ --todev 0 $IP link set imq0 up #Ping classes $TC class add dev $INTERNET parent 1:1 classid 1:22 htb \ rate 100Kbit ceil 100Kbit $TC class add dev $VVNET parent 1:1 classid 1:22 htb \ rate 100Kbit ceil 100Kbit So far no news! Let try some filtering: $TC filter add dev $VVNET protocol ip \ parent 1:0 prio 2 u32 \ match ip icmp_type 0 0xff flowid 1:22 $TC filter add dev $VVNET protocol ip \ parent 1:0 prio 2 u32 \ match ip icmp_type 8 0xff flowid 1:22 $TC filter add dev $INTERNET protocol ip \ parent 1:0 prio 2 u32 \ match ip icmp_type 0 0xff flowid 1:22 $TC filter add dev $INTERNET protocol ip \ parent 1:0 prio 2 u32 \ match ip icmp_type 8 0xff flowid 1:22 What do I mean!? Every single icmp (request or reply) goes thru its own class. But if I ping interface $INTERNET address (from outside) 'tc -s class show dev $INTERNET' counter for class 1:22 doesn't increment! (pings do get replyed). There is sometimes something passing thru 1:22 but it is certainly not icmp packets I am filtering. For the records: default class 1: counter is NOT incrementing as well. What is wrong with my setup?? # tc filter ls dev eth3 ($INTERNET is eth3) filter parent 1: protocol ip pref 2 u32 filter parent 1: protocol ip pref 2 u32 fh 800: ht divisor 1 filter parent 1: protocol ip pref 2 u32 fh 800::800 order 2048 key ht 800 \ bkt 0 flowid 1:22 match /ff00 at 20 filter parent 1: protocol ip pref 2 u32 fh 800::801 order 2049 key ht 800 \ bkt 0 flowid 1:22 match 0800/ff00 at 20 (BTW this offset 'at 20' is it decimal or hex??? 'tc add filter' put it there, not me.)) # tc -s class show dev eth3 |head -5 ; echo sleeping 5 seconds; \ sleep 5 ;tc -s class show dev eth3 |head -5 class htb 1:22 parent 1:1 prio 0 rate 100Kbit ceil 100Kbit\ burst 1727b cburst 1727b Sent 44408169 bytes 58800 pkts (dropped 0, overlimits 0) lended: 58800 borrowed: 0 giants: 0 tokens: 105984 ctokens: 105984 sleeping 5 seconds class htb 1:22 parent 1:1 prio 0 rate 100Kbit ceil 100Kbit\ burst 1727b cburst 1727b Sent 44408169 bytes 58800 pkts (dropped 0, overlimits 0) lended: 58800 borrowed: 0 giants: 0 tokens: 105984 ctokens: 105984 # Thanx for your time Regards -- Ethy H. Brito /"\ InterNexo Ltda. \ / CAMPANHA DA FITA ASCII - CONTRA MAIL HTML +55 (12) 3941-6860 X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL S.J.Campos - Brasil / \ ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HFSC Advanced Limiting
Hello, On Fri, 14 Oct 2005 08:53:15 -0400 "Eliot, Wireless and Server Administrator, Great Lakes Internet" <[EMAIL PROTECTED]> wrote: > > So, then you're saying 1:10001 is equivilant to 110,001, which would > be 0x1ADB1 -- as opposed to 10,001 = 0x2711 ? Nope, what he meant was that most probably 1:10001 is recognised as 1:1000 (i.e. the 1 at the end is just cut off). Regards, Nickola pgpYVBh3W1YRs.pgp Description: PGP signature ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] HFSC Advanced Limiting
Title: RE: [LARTC] HFSC Advanced Limiting So, then you're saying 1:10001 is equivilant to 110,001, which would be 0x1ADB1 -- as opposed to 10,001 = 0x2711 ? Eliot Gable Certified Wireless Network Administrator Cisco Certified Network Associate CompTIA Security+ Certified CompTIA Network+ Certified Network and Systems Administrator Great Lakes Internet, Inc. 112 North Howard Croswell, MI 48422 810-679-3395 -Original Message- From: [EMAIL PROTECTED] on behalf of Tomasz Chilinski Sent: Thu 10/13/2005 4:57 PM To: lartc Subject: RE: [LARTC] HFSC Advanced Limiting On Thu, 13 Oct 2005 16:24:06 -0400, Eliot wrote > Oddly, I keep getting these errors: > > parent 1:1000 classid 1:1 hfsc sc umax 1500b dmax 30ms rate 80Kbit... > RTNETLINK answers: File exists > [ !! ] * - tc > class add dev eth0 parent 1:1000 classid 1:10001 hfsc ls m2 256Kbit > ul m2 256Kbit... RTNETLINK answers: File exists Classid should be in range 0x-0x, so it's cause of problem in this script snippet. > Eliot Gable > Certified Wireless Network Administrator > Cisco Certified Network Associate > CompTIA Security+ Certified > CompTIA Network+ Certified > Network and Systems Administrator > Great Lakes Internet, Inc. > 112 North Howard > Croswell, MI 48422 > 810-679-3395 -- Kind regards, Tomasz Chilinski RHCX, RHCE, RedHat Academy Instructor Cisco Certified Academy Instructor LMS developer: http://lms.rulez.pl Kadu developer: http://www.kadu.net Director of Chilan.com network engineering department ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] share bandwith fairly
Thank you for your answer. I donwloaded shurdix and tried to install it. but it is really not user friendly. it was difficult for me to install it. after isnatallation i saw that all files are read only. I change the rights but I still couldnt edit the files. also I have many scripts run on my box. so it is not easy for me to change the system. also as I said I dont want to patch kernel and recompile it. I checked forum for shurdic there isnt any support in english. system is as following. 2.6.9-1.667smp #1 SMP Tue Nov 2 14:59:52 EST 2004 i686 i686 i386 GNU/Linux use only one network device. I saw tc.sh script. As i see it is not applicabe to unpatched kernels like mine . ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] share bandwith fairly
On Fri, 14 Oct 2005 14:01:20 +0300 "TAYLAN KIRAN" <[EMAIL PROTECTED]> wrote: >Dear members, Hi, > I am trying to share the bandwith for all users fairly. because some users >heavily uses p2p programs and a few hosts consume most of bandwith. when we >limit each flow it does not work as one client has many connection at same >time. Ideal for this situation is WRR ( http://wipl-wrr.sourceforge.net/wrr.html ). If you are looking for an integrated solution, see my signature. >Taylan Yours sincerely, Peter -- http://www.shurdix.org - Linux distribution for routers and firewalls ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] share bandwith fairly
Dear members, I am trying to share the bandwith for all users fairly. because some users heavily uses p2p programs and a few hosts consume most of bandwith. when we limit each flow it does not work as one client has many connection at same time. Firstly I tried to write a script that use the ipfm(which accounts traffic usage) logs as follow .extract ip addresses heavy bandwith users from log file .create a new class with 128kbit for that Ip address . add tc filter for that IP by classify the ip addres with 'match ip dst' parameter. it works for a few IP. After 4 or 5 ip addresses added it does not work for last added ip addresses. let me show the lines that I used. --- creation of qdisc and parent tc qdisc del dev eth0 root tc qdisc add dev eth0 root handle 1: htb default 12 tc class add dev eth0 parent 1 classid 1:1 htb rate 10mbit ceil 10mbit works for each IP address found in ipfm logs that exceed the desired bandwith usage --- tc class add dev eth0 parent 1:1 classid 1:$index htb rate 128kbit ceil 128kbit tc filter add dev eth0 parent 1: protocol ip prio 1 u32 \match ip dst $ipaddress classid 1:$index but it does not work good. then I tried to find better solution in maillist. there are some solutions there. but not appropriate to us as they required patching kernel like esfq,routehat,wrr. is there any suggestion. Thanks Note: sorry for my poor english. Taylan ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] ip rule add dev
Hi , have a question: i have a router with some interfaces and i want that some interfaces wil lookup others tables then defaults for other default gw. like this. So all the traffic from vlan0002 will be routed via 213.151.73.176. /usr/sbin/ip rule add dev vlan0002 lookup 15 /usr/sbin/ip route add default via 213.151.73.176/27 table 15 is it ok? or i ommited something? thanks -- Jorge Sanchez InWay a.s. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
