Re: [LARTC] Sort of solution to traffic only going to last nexthop
Not all of us can switch distros that easily :P I did try ditching the gentoo kernel sources and going with vanilla kernel sources, but still didn't work and made it easy to cause a kernel panic.I ended up ditching the patches and any thoughts of load balancing between the 2 connections, as debugging kernel problems didn't sound fun to me. - JodyOn 2/8/06, Mikael Svenson <[EMAIL PROTECTED]> wrote: Just wanted to let the people who have trouble with this know that I gotit to work.I ditched my Gentoo install and fired up Fedora Core 4. But it was notworking out of the box.When I updated to the latest kernel rpm 2.6.15 it worked like a charm :DSo.. Fedora Core 4 with the latest 2.6 kernel ought to get you up andrunning.Hope this helps someone. My three weeks of anguish are finally over :)Regards,Mikael Svenson ___LARTC mailing listLARTC@mailman.ds9a.nlhttp://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Where do I post patches?
I have found a few bugs in tc, and have produced patches for them. Two require changes to tc, one to the kernel. Where should I post these patches? -- Regards, Russell Stuart ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Sort of solution to traffic only going to last nexthop
Just wanted to let the people who have trouble with this know that I got it to work. I ditched my Gentoo install and fired up Fedora Core 4. But it was not working out of the box. When I updated to the latest kernel rpm 2.6.15 it worked like a charm :D So.. Fedora Core 4 with the latest 2.6 kernel ought to get you up and running. Hope this helps someone. My three weeks of anguish are finally over :) Regards, Mikael Svenson ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] lartc site
i did something like this: [EMAIL PROTECTED] postfix]# whois [EMAIL PROTECTED] | grep "Name Server:" Name Server:DNS-EU1.POWERDNS.NET Name Server:DNS-US1.POWERDNS.NET Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: [EMAIL PROTECTED] postfix]# host www.lartc.org DNS-EU1.POWERDNS.NET Using domain server: Name: DNS-EU1.POWERDNS.NET Address: 213.244.168.217#53 Aliases: www.lartc.org has address 213.244.168.210 [EMAIL PROTECTED] ~]$ cat /etc/hosts | grep lartc 213.244.168.210 www.lartc.org 213.244.168.210 lartc.org Ron Dippold wrote: > I haven't been able to resolve lartc.org for days. Thank goodness for > Google Cache. > > Imre Gergely wrote: >> [offtopic] >> btw, is there something wrong with the domain? >> i couldn't reach the site, my browser said the hostname lartc.org (or >> www.lartc.org) doesn't exist, i had to dig up the ip address through >> whois, >> lookups and stuff. >> [/offtopic] > > > ___ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > -- Imre Gergely SysAdmin NOCS-CJ Astral Telecom S.A. Plugarilor 28, Cluj-Napoca http://www.astral.ro ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] lartc site
I haven't been able to resolve lartc.org for days. Thank goodness for Google Cache. Imre Gergely wrote: [offtopic] btw, is there something wrong with the domain? i couldn't reach the site, my browser said the hostname lartc.org (or www.lartc.org) doesn't exist, i had to dig up the ip address through whois, lookups and stuff. [/offtopic] ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] filter performance/optimization questions
On Wed, Feb 08, 2006 at 07:58:48PM +0200, Imre Gergely wrote: > at first, there is that default table 800::, where i create these 'hashing > filters'. if i have 300 of them, how are they processed? if a packet comes in, > what happens? are they looked up in the same order i created them? like in > iptables? Yes, if i understood you correctly. You can create a hash to match a network (hashkey mask 0xff00), then match an address (in another hash table). Or even match with hashkey mask 0x000ff000 (or another bits), then... etc. You can cascade them, in other words. > then, if say, one filter matched, the more specific filter table is looked up, > the key being the last octet of the ip address (specified by the mask > 0x00ff). it looks up the right entry in the table, and it know in which > flow (in which class) it should put the packet in. right? > > now what if i have to filters? one with, say, a source port of 25 specified, > the other one with port 80. Mmm... If I understood you... :-) Sorry, that's my english. Every hash table cell may contain many filters, they will be processed in sequence. And if the packet will not match any of them, it'll be dropped to default class. > > these are some 'subquestions' :) the main question is the optimisation of > course :) i was just wondering how things are done. -- _,-=._ /|_/| `-.} `=._,.-=-._., @ @._, `._ _,-. ) _,.-' `G.m-"^m`m'Dmytro O. Redchuk ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] filter performance/optimization questions
yepp, hashing is done, for every type C class (/24), there are around 300 of these, and all are redirected to a more specific table, according to the documentation. now i have a question about this, too. to me it's not clear how these filters are looked up. at first, there is that default table 800::, where i create these 'hashing filters'. if i have 300 of them, how are they processed? if a packet comes in, what happens? are they looked up in the same order i created them? like in iptables? then, if say, one filter matched, the more specific filter table is looked up, the key being the last octet of the ip address (specified by the mask 0x00ff). it looks up the right entry in the table, and it know in which flow (in which class) it should put the packet in. right? now what if i have to filters? one with, say, a source port of 25 specified, the other one with port 80. these are some 'subquestions' :) the main question is the optimisation of course :) i was just wondering how things are done. Andreas Klauer wrote: > On Wed, Feb 08, 2006 at 07:29:57PM +0200, Imre Gergely wrote: >> i did some tests with esfq (that brought down the classes to around 150), but >> the filters remained, and the load was still 100%. and i get some packet loss >> because of that. not much, around 1-2%, but it's enough :) >> >> is there something i could do to bring the load down? > > Are the filters already hashed? If not, that's the first thing I'd try. > There was a section on that on www.lartc.org. (Hmmm, seems to be down.). > > http://www.linux.org/docs/ldp/howto/Adv-Routing-HOWTO/lartc.adv-filter.hashing.html > > HTH > Andreas Klauer > ___ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] filter performance/optimization questions
On Wed, Feb 08, 2006 at 07:29:57PM +0200, Imre Gergely wrote: > i did some tests with esfq (that brought down the classes to around 150), but > the filters remained, and the load was still 100%. and i get some packet loss > because of that. not much, around 1-2%, but it's enough :) > > is there something i could do to bring the load down? Are the filters already hashed? If not, that's the first thing I'd try. There was a section on that on www.lartc.org. (Hmmm, seems to be down.). http://www.linux.org/docs/ldp/howto/Adv-Routing-HOWTO/lartc.adv-filter.hashing.html HTH Andreas Klauer ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] lartc site
[offtopic] btw, is there something wrong with the domain? i couldn't reach the site, my browser said the hostname lartc.org (or www.lartc.org) doesn't exist, i had to dig up the ip address through whois, lookups and stuff. [/offtopic] ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] filter performance/optimization questions
hi i'm using htb + u32 filters, and i was wondering if there is something one can optimize at this stage. i have a lot of filters (~ 50.000 / interface, and there are two interfaces), and around 4500 classes / interface. the traffic going through this machine is something around 210-230mbit/s at 50kpps. as you can imagine, the load is pretty high. in fact (as it's a dual xeon at 2.4ghz), one CPU is always at 100% when the traffic increases. i did some tests with esfq (that brought down the classes to around 150), but the filters remained, and the load was still 100%. and i get some packet loss because of that. not much, around 1-2%, but it's enough :) is there something i could do to bring the load down? short of replacing the whole system? i didn't find anything performance-related on the net, or in any documentation. thanks. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Ian Bullock is out of the office.
I will be out of the office starting 08/02/2006 and will not return until 13/02/2006. I will respond to your message when I return. However if you have sent data for processing, please send to [EMAIL PROTECTED] Also if you have any urgent queries, please contact Operations on 01924 888700. Thankyou. This E-mail transmission may contain confidential or legally privileged information that is intended for the addressee only. Any views or opinions presented are solely those of the author and do not necessarily represent those of CNM Limited. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or reliance upon the contents of this E-mail is strictly prohibited. If you have received this E-mail transmission in error, please notify the sender immediately, so that CNM Limited may arrange for its proper delivery. Please then delete the message from your inbox. This email has been scanned for all viruses by the MessageLabs SkyScan service. For more information on a proactive anti-virus service working around the clock, around the globe, visit http://www.messagelabs.com ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Routing packges by destination port
Hello all, After many time reading a lot of stuff I am quite confident using LARTC to route my trafic. I am still working on QoS (by package type and so on) but it will stay in my studing class for a long time... ;) So lets go to my question... I mounted a router that makes my conections throug 2 external interfaces. Its working fine and my default gateway for entire network behind it (nated) is the link at interface eth0. All traffic going to port 80 is maked as 0x1 and I route it to a table that makes its default route trhough link2 (eth3). My problem begins when I try to use transparent proxy (squid) with this rule: iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 If I make this rule my routing tables begins to scramble all my traffic and makes it going ALL through only 1 link (eth0). There is anyway to use transparent squid with multiple routing tables and marking packages? PS.: What is this error "Icmp checksum is wrong" Att, Nataniel Klug ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Conceptual question ;-)
ehlo list, I'm willing to shape ppp users e.g. each pppX interface to get XXX kbits I classify traffic going to ppp+ interfaces like this: iptables -t mangle -A POSTROUTING -o ppp+ -j CLASSIFY --set-class 0002:0020 then i have a file which is executed when a ppp inteface is up and first argument parsed to that file ($1) is the ppp number (e.g. 35 for ppp35). it generally looks like this: tc qdisc del dev ppp$1 root tc qdisc add dev ppp$1 root handle 2: htb tc class add dev ppp$1 parent 2: classid 2:2 htb rate XXXkbit tc class add dev ppp$1 parent 2:2 classid 2:20 htb rate XXXkbit tc qdisc add dev ppp$1 parent 2:20 handle 20: sfq perturb 10 The question is, when for example 10 ppp interfaces are up will they each get XXX kbits. -- regards, Georgi Alexandrov Key Server = http://pgp.mit.edu/ :: KeyID = 37B4B3EE Key Fingerprint = E429 BF93 FA67 44E9 B7D4 F89E F990 01C1 37B4 B3EE signature.asc Description: OpenPGP digital signature ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc