[LARTC] QoS book
Hello all, Can anyone recommend a good book which thoroughly explains QoS from a Linux perspective? Something with TC examples the like. I've looked at the following: http://www.amazon.com/gp/product/1580533418/qid=1148368189/sr=1-2/ref=sr_1_2/102-2819973-6353768?s=booksv=glancen=283155 Engineering Internet QoS. Thanks. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Netfilter/Iptables does not NAT all packets?
Hi all, I am having a small problem with netfilter on Linux kernel 2.6.11.4. It seems not all packets are hitting the pre-routing chain. In pre-routing, I have the following rules: $IPTABLES -t nat -A PREROUTING -i $IF_OUT -d 10.50.18.22 -j DNAT --to-destination 192.168.1.22 $IPTABLES -t nat -A PREROUTING -i $IF_OUT -d ! 10.50.18.21 -m limit --limit 5/second -j LOG --log-prefix non-nat input: As you can see all packets arriving for 10.50.18.22 should be natted to 192.168.1.22, and anything else should be logged. If I look at the rule stats, there are no matches on the log rule, so in theory, all packets are DNAT'ed? However, when looking at the logs for the filter:INPUT chain, I see packets destined for 10.50.18.22 are being logged and dropped. So somehow, these packets made it through the nat:PREROUTING chain WITHOUT being natted. Any ideas? It also seems like some response packets (only seen ack and fin-ack packets so far) are not being successfully connection tracked. Could this be part of the problem? Any help/info appreciated. Thanks, Justin ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Shaping of pppoe clients
Guys After reading through the archives I found some insightful ways to be able to shape traffic to pppoe clients from the server. I have two questions on the topic of setting up a pppoe server however... 1. The clients will all be connected to each other using a normal ethernet network, the segments connected with managed switches. The capacity is roughly 500 nodes. Will these pppoe sessions interfere with each other or not? 2. I'd like to know if anyone has tried to shape pppoe client traffic by placing a transparent bridge between the servers and clients, and shaping on this bridge. I'm just testing the water here, after what I read in other threads it will be easier to just use a set of carefully crafted ip-up ip-down scripts with pppd rather than the bridge. But nonetheless, opinions are always needed. Thanks guys -- Kenneth Kalmer [EMAIL PROTECTED] [EMAIL PROTECTED] stats http://fah-web.stanford.edu/cgi-bin/main.py?qtype=userpageusername=kenneth%2Ekalmer ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Shaping of pppoe clients
Kenneth Kalmer wrote: Guys After reading through the archives I found some insightful ways to be able to shape traffic to pppoe clients from the server. I have two questions on the topic of setting up a pppoe server however... 1. The clients will all be connected to each other using a normal ethernet network, the segments connected with managed switches. The capacity is roughly 500 nodes. Will these pppoe sessions interfere with each other or not? What do you mean by 'interfere' here? 2. I'd like to know if anyone has tried to shape pppoe client traffic by placing a transparent bridge between the servers and clients, and shaping on this bridge. I'm just testing the water here, after what I read in other threads it will be easier to just use a set of carefully crafted ip-up ip-down scripts with pppd rather than the bridge. But nonetheless, opinions are always needed. I use the ip-up and ip-down scripts, and a radius exec attribute so probably I can help with them. I'm planning on segmenting such a network with linux bridges for better filtering and QoS control. But that's yet to come ;-) Thanks guys -- regards, Georgi Alexandrov key server - http://pgp.mit.edu/ :: key id - 0x37B4B3EE key fingerprint - E429 BF93 FA67 44E9 B7D4 F89E F990 01C1 37B4 B3EE signature.asc Description: OpenPGP digital signature ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Shaping of pppoe clients
On 5/23/06, Georgi Alexandrov [EMAIL PROTECTED] wrote: Kenneth Kalmer wrote: Guys 1. The clients will all be connected to each other using a normal ethernet network, the segments connected with managed switches. The capacity is roughly 500 nodes. Will these pppoe sessions interfere with each other or not? What do you mean by 'interfere' here? A colleague of mine thought that these sessions might interfere with one another. On second thought, I'm not even going to explain this... 2. I'd like to know if anyone has tried to shape pppoe client traffic by placing a transparent bridge between the servers and clients, and shaping on this bridge. I'm just testing the water here, after what I read in other threads it will be easier to just use a set of carefully crafted ip-up ip-down scripts with pppd rather than the bridge. But nonetheless, opinions are always needed. I use the ip-up and ip-down scripts, and a radius exec attribute so probably I can help with them. I assume that the exec attribute is in essence similair to what ip-up is, executing an arbitrary command under certain circumstances. Will look into it, thanks... I'm planning on segmenting such a network with linux bridges for better filtering and QoS control. But that's yet to come ;-) The keyword here is better, and that was my argument for using a bridge in the first place. It would appear to be easier to shape filter away from the messy scripts of pppd radius servers, but this raises the next issue. For the bridge, is the pppoe sessions identifiable using say source destination ips, as opposed to pppoe traffic... I know if I perform a tcpdump on the interface that I connect to my adsl modem I only see the traffic as pppoe... Logic tells me that the bridge would suffer the same consequenses... Thanks guys -- regards, Georgi Alexandrov key server - http://pgp.mit.edu/ :: key id - 0x37B4B3EE key fingerprint - E429 BF93 FA67 44E9 B7D4 F89E F990 01C1 37B4 B3EE -- Kenneth Kalmer [EMAIL PROTECTED] [EMAIL PROTECTED] stats http://fah-web.stanford.edu/cgi-bin/main.py?qtype=userpageusername=kenneth%2Ekalmer ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Re: QoS book
Thanks, I have already checked it out these sites: http://kabru.eecs.umich.edu/qos_network/diffserv/DiffServ_prototype/qdisc http://linux-ip.net/articles/Traffic-Control-HOWTO/ http://edseek.com/~jasonb/articles/traffic_shaping/ http://luxik.cdi.cz/~devik/qos/htb/ http://www.opalsoft.net/qos/ The documentation is so disparate, it's highly frustrating... On 23/05/06, Robert Gabriel [EMAIL PROTECTED] wrote: Hello all, Can anyone recommend a good book which thoroughly explains QoS from a Linux perspective? Something with TC examples the like. I've looked at the following: http://www.amazon.com/gp/product/1580533418/qid=1148368189/sr=1-2/ref=sr_1_2/102-2819973-6353768?s=booksv=glancen=283155 Engineering Internet QoS. Thanks. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Re: QoS book
Robert Gabriel wrote: Thanks, I have already checked it out these sites: snip http://edseek.com/~jasonb/articles/traffic_shaping/ snip The documentation is so disparate, it's highly frustrating... That's disappointing. What can I add to help or clarify? Thanks. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] how to debug RTNETLINK invalid argument?
Hey, I am getting an invalid argument trying to insert a qdisc: [EMAIL PROTECTED] iproute2]# tc qdisc add dev eth0 root xcp capacity 50Mbit limit 500 RTNETLINK answers: Invalid argument I'm not sure whats wrong here, because i can successfully insert this qdisc on other computers of mine. How can i debug this? Thanks! George ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] how to debug RTNETLINK invalid argument?
On 5/23/06, George Nychis [EMAIL PROTECTED] wrote: Hey, I am getting an invalid argument trying to insert a qdisc: [EMAIL PROTECTED] iproute2]# tc qdisc add dev eth0 root xcp capacity 50Mbit limit 500 RTNETLINK answers: Invalid argument I'm not sure whats wrong here, because i can successfully insert this qdisc on other computers of mine. How can i debug this? Check to see which kernel versions you have on the boxes that work and the one that does not. Also check to see if you have the latest version of iproute2 installed on the machine that does not work. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] how to debug RTNETLINK invalid argument?
Larry Brigman wrote: On 5/23/06, George Nychis [EMAIL PROTECTED] wrote: Hey, I am getting an invalid argument trying to insert a qdisc: [EMAIL PROTECTED] iproute2]# tc qdisc add dev eth0 root xcp capacity 50Mbit limit 500 RTNETLINK answers: Invalid argument I'm not sure whats wrong here, because i can successfully insert this qdisc on other computers of mine. How can i debug this? Check to see which kernel versions you have on the boxes that work and the one that does not. Also check to see if you have the latest version of iproute2 installed on the machine that does not work. They are both running the exact same kernel and version of iproute2, however they are in different environments, what could the environment have to do with it? Thanks! George ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] how to debug RTNETLINK invalid argument?
On 5/23/06, George Nychis [EMAIL PROTECTED] wrote: Larry Brigman wrote: On 5/23/06, George Nychis [EMAIL PROTECTED] wrote: Hey, I am getting an invalid argument trying to insert a qdisc: [EMAIL PROTECTED] iproute2]# tc qdisc add dev eth0 root xcp capacity 50Mbit limit 500 RTNETLINK answers: Invalid argument I'm not sure whats wrong here, because i can successfully insert this qdisc on other computers of mine. How can i debug this? Check to see which kernel versions you have on the boxes that work and the one that does not. Also check to see if you have the latest version of iproute2 installed on the machine that does not work. They are both running the exact same kernel and version of iproute2, however they are in different environments, what could the environment have to do with it? Modules that are not loaded? modprobe.conf? lsmod on both boxes looking for specific networking modules. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] QoS book
that one is quite good for a general overview of QoS Disclamer: got taught by the prof that wrote it On Tue, May 23, 2006 at 09:11:57AM +0200, Robert Gabriel wrote: Hello all, Can anyone recommend a good book which thoroughly explains QoS from a Linux perspective? Something with TC examples the like. I've looked at the following: http://www.amazon.com/gp/product/1580533418/qid=1148368189/sr=1-2/ref=sr_1_2/102-2819973-6353768?s=booksv=glancen=283155 Engineering Internet QoS. Thanks. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] how to debug RTNETLINK invalid argument?
Larry Brigman wrote: On 5/23/06, George Nychis [EMAIL PROTECTED] wrote: Larry Brigman wrote: On 5/23/06, George Nychis [EMAIL PROTECTED] wrote: Larry Brigman wrote: On 5/23/06, George Nychis [EMAIL PROTECTED] wrote: Hey, I am getting an invalid argument trying to insert a qdisc: [EMAIL PROTECTED] iproute2]# tc qdisc add dev eth0 root xcp capacity 50Mbit limit 500 RTNETLINK answers: Invalid argument I'm not sure whats wrong here, because i can successfully insert this qdisc on other computers of mine. How can i debug this? Check to see which kernel versions you have on the boxes that work and the one that does not. Also check to see if you have the latest version of iproute2 installed on the machine that does not work. They are both running the exact same kernel and version of iproute2, however they are in different environments, what could the environment have to do with it? Modules that are not loaded? modprobe.conf? lsmod on both boxes looking for specific networking modules. What modules would qdisc's be dependent on? The weird thing is, netem works on both machines... therefore I know qdisc's in general are working. Lets just say its not working on my other machine, how do i go about debugging it on the one machine alone? Has the tc command been changed recently from your customized version back to the standard release (ie yum running via cron) or your environment path changed to pick up the wrong tc command? the tc I am using is the standard tc, i didn't change anything about tc, only trying to use a new custom qdisc with it... i'm not sure honestly, theres no way to figure out why i'm getting the invalid argument? ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] how to debug RTNETLINK invalid argument?
the tc I am using is the standard tc, i didn't change anything about tc, only trying to use a new custom qdisc with it... i'm not sure honestly, theres no way to figure out why i'm getting the invalid argument? A common problem is that some distro's put tc in /sbin and other's in /usr/sbin. You may have the old version in you path. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] how to debug RTNETLINK invalid argument?
El Tuesday 23 May 2006 13:17, George Nychis escribió: Hey, I am getting an invalid argument trying to insert a qdisc: [EMAIL PROTECTED] iproute2]# tc qdisc add dev eth0 root xcp capacity 50Mbit limit 500 RTNETLINK answers: Invalid argument I'm not sure whats wrong here, because i can successfully insert this qdisc on other computers of mine. How can i debug this? maybe strace (system calls and signals trace) can give you some clues. strace tc qdisc add dev eth0 root xcp capacity 50Mbit limit 500 -- Luciano -- Luciano ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc