Re: [LARTC] Too stupid to figure out shaping
John, Personally I think you're doing too much. All the ISPs here offer a specified amount of bandwidth to different classes of customer. However, they also list a contention ratio. Thus they might say customer class A gets 512Kbit/s with a contention rate of 8:1 and customer class B gets 256Kbit/s with a contention ratio of 12:1. This is very simple to set up. Assume we have eight class A customers and twelve class B customers. Similar to what you did before, set up two HTB classes off the root and use ip tables to mark customer packets according to their assigned IP address. Make sure that the HTB classes are using SFQ. Now all eight class A customers will share the 512Kbit/s class, with traffic distributed evenly among all active flows. If this type of solution is not satisfactory for your customers then you will need to set up a separate class for each individual customer and mark their packets appropriately. This may be more hassle than its worth, depending on the number of customers you have. Regards Brian Carrig On 27 Apr 2005 at 10:35, John Gorkos wrote: > First I'll confess my sins, then I'll beg for help. > > I own a small wireless ISP, and I sell service at three levels, > 256kb/s, 384kb/s, and 512kb/s. For about 18 months, I thought I had > this bandwidth limiting figured out. I had three HTB classes off the > root, one each with the limits above. Since each customer has a > single IP address, I used iptables to mark packets destined for each > subscriber with level 1,2 or 3. It looked like it worked great: > Customer A got 256, B got 384, and C got his 512. In hindsight, it > was wishful thinking, since ALL 256kb/s customers got dumped into the > same 256 class and had to duke it out for that 256kb/s, instead of > each customer getting their own 256kb/s slice. Eventually, as I added > more customers, people started complaining that they weren't getting > what they're paying for (rightly). > > So, now I'm running my ISP with no bandwidth shaping and I'm > struggling to get my brain wrapped around how make sure everyone gets > what they pay for, but not more. > > From the reading I've done, it looks like I need a separate class for > each subscriber. Inside that class, I'd like to have a standard set > of queues to prioritize each customer's slice of bandwidth by port > (typical three band stuff: interactive, web,bulk). > So assuming I've got three customers: > 10.0.0.10 gets256kb/s > 10.0.0.11 gets 386 kb/s > 10.0.0.12 gets 256kb/s > I think I'd have a tree like this: > > CLASS 10 (256kb/s) (inner classes prioritize) > ROOT -CLASS 11(384kb/s) " > CLASS 12 (256kb/s)" > plus three filters to direct iptables-marked traffic to the > appropriate queue and three iptables entries to mark the traffic > appropriately. > > The problem is, I'm simply not smart enough to actually IMPLEMENT > this. I tried setting up the HTB classes, and when I added the 5th > one (class 15 in the little diagram above), my interactivity to the > router went to near 1000ms RTT (I was ssh'ed into it). I started > getting calls from my customers immediately saying something was > 'wrong with the internet'. I'm not sure what happened, since I hadn't > installed any filters or anything. > > Anyway, I'd dearly appreciate some help on this. Surely this is a nut > that someone has already cracked, but for the life of me all I can > find on the internet are how-to shape your own outbound traffic to > your ISP so your P2P traffic (the BANE of ISPs) doesn't interfere with > your Doom3 deathmatch. > > Thanks in advance, > John Gorkos > ___ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- Brian Carrig Research Assistant Department of Computing & Networking Institute of Technology, Carlow Tel. No.: +353 59 9176314 ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] limiting bandwidth on iface
Marcus, I'm a little confused. Downstream is 1mbit and upstream is 128kbit but the root limit in your code is 1mbit. Surely this could be the cause of your problem? Regards Brian On 23 Mar 2005 at 14:33, Marcus Fritzsch wrote: > ~ 27 # shapiung class of root --> not more than 1mbit bandwidth > ~ 28 $tc class add dev $tun parent 1: classid 1:1 htb rate 1mbit \ > ~ burst 0 cburst 128 ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Packet Counting...
You could use a custom ip chain. Add a rule to forward matching packets (such as all packets with a source port of 5001) to this chain. Then just simply add a "return" line in the chain itself. Chains automatically track bytes/packets so you could easily keep tabs that way. On 16 Mar 2005 at 9:46, M. A. Imam wrote: > Hi, > > How can i count the number of packets on an interface evry 2 or 5 > seconds. and i want to count only specific packets like only arriving > packets from port 5001 > > Any thoughts... > > Muhammad > > ___ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- Brian Carrig Research Assistant Department of Computing & Networking Institute of Technology, Carlow Mobile: +353 86 3867467 ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] ESFQ?
Cheers Andy, great work. Brian On 11 Jan 2005 at 15:28, Andy Furniss wrote: > Justin Schoeman wrote: > > Woohoo - that would be great! > > > > -justin > > > > Andy Furniss wrote: > > > >> Justin Schoeman wrote: > >> > >>> Ouch... Is there any other way to do host-based fair sharing > >>> (well, other than actually classifying each host :-( )? > >> > >> > >> > >> I don't think it will take much to get it to work - though I > >> haven't tried :-) . > >> > >> I'll have a look at doing a 2.6.10 in the next few days. > > Well I gave it a go (first patches I've made) and they work for me > though Thomas or Stephen may notice something :-) . > > Hopefully they won't be needed in the future if Thomas gets esfq in > mainline. > > They are based on Alexander Clouters patches at www.digriz.org.uk. I > only used the first iproute one. > > I was hampered a bit because kernel.org have turned off the diff > viewer. > > The remove db iproute patch is from LFS, you may not need it if you > have Berkley DB installed ( search for db_185.h ). > > If you don't have it *and* you don't use arpd then use the patch, it > just removes arpd from the build. > > Andy. > > > -- Brian Carrig Research Assistant Department of Computing & Networking Institute of Technology, Carlow Tel. No.: +353 59 9176314 ___ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] University Project: QoS with Ai
GoMi, For an ongoing project on QoS we looked at something similar but were weary of complex decisions being made at high speeds, particularly as most users questioned would prefer to have a guaranteed equal share of the bandwidth. Currently we are working on a GUI that allows users to mark their traffic as belonging to Gold/Silver or Bronze classes of service. They are then charged appropriately per volume. The results obtained by this approach thus far are quite satisfactory. Regards Brian On 24 Aug 2004 at 18:47, GoMi wrote: > Hi there guys, i am on my last year of career, and as my final Project i am > interested in doing something about QoS. > > The thing is, I have a couple of QoS solutions working, and since the > beginning I though it was great but it lacked some kind of dynamicity. > > Let me explain myself.. I was thinking in creating a classful queue that > based on some parameters (kind of users, bw, packets, etc...) could "learn" > in some way the kind of traffic passing through the box, and change the > parameters of the classes, classifying also not only the packets, but the > users. > > For example there could be p2p users, HTTP users, etc.. and if the queue > itself could create classes for those users, maybe increase productivity. > > > What do you think? Am I talking bullocks or it makes some sense? All critics > welcome :) > > > ___ > LARTC mailing list / [EMAIL PROTECTED] > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Brian Carrig Department of Computing & Networking Institute of Technology, Carlow Tel. No.: +353 59 9176209 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Problems routing mail to particular interface
You could try adding a rule to each table with a "-j LOG" target (logging to standard out). This would allow you to see how the packet is mangled/handled at each step and what tables it traverses ... Thats what I usually do when I'm stuck. Regards Brian On 22 Jul 2004 at 17:08, Jens wrote: > On Thursday 22 July 2004 16:50, George Alexandru Dragoi wrote: > > Hehe, maybe it is this: > > iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE > > Well I wouldn't be surprised if it was something as stupid as that. I tried > your suggestion but no luck :( . but it could easily be something along > similar lines. I will have to think thru this a bit more. > > I will try and see if tcpdump can tell me what is happening but I sure wish > there was something easier available where you can follow the packet and see > exactly what is happening and where . > > Jens > ___ > LARTC mailing list / [EMAIL PROTECTED] > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Brian Carrig Department of Computing & Networking Institute of Technology, Carlow Tel. No.: +353 59 9176209 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Difficulties with filtering based on TOS byte
Hi all, I want to setup link sharing with a filter that places traffic into different queues based on values within the TOS byte. Strangely I can't get this to work. I use the following command for the filter: tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 1:10 I then mark the packets on the user machine using the 'mangle' table in iptables. I have captured the packets on the wire, examined them and the tos field is set correctly. Yet it is ignored on my router and packets are sent to the default queue. As a test I changed the filter to place packets marked with a tos byte of 0x00 to flowid 1:10 and despite the packets being marked as minimum delay (0x10) they were now sent to the correct queue. No problems are presented when I place packets into different queues based on a source address or a port number. Has anyone else experiences problems like this or know what might be causing it? Its very frustrating. Thanks in advance. Regards -- Brian Carrig Department of Computing & Networking Institute of Technology, Carlow Tel. No.: +353 59 9176209 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
