Re: [LARTC] Why does this script noet work (bandwidth, tc en u32)
Hi Mark, After changing the script in this way it seems to work (MI think that this is what you mend with attaching the filter to the root qdisk): # downlink tc qdisc del dev eth0 root tc qdisc add dev eth0 root handle 1: htb tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit tc class add dev eth0 parent 1:1 classid 1:2 htb rate 1mbit ceil 10mbit tc filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip dst 172.31.1.1 flowid 1:2 # uplink tc qdisc del dev eth1 root tc qdisc add dev eth1 root handle 1: htb tc class add dev eth1 parent 1: classid 1:1 htb rate 100mbit tc class add dev eth1 parent 1:1 classid 1:2 htb rate 1mbit ceil 10mbit tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src 172.31.1.1 flowid 1:2 > One thing I find useful (especially when debugging) is to replace the > default fifo qdisc on the leaf with one that _does_ maintain statistics > - which you can see with 'tc -s qdisc show dev ...'. Makes it a bit > easier to see where your traffic is going, and if that matches your > expectations/intentions. Could you elaborate on this? Which "other fifo qdisc" that maintains statistics? Any hints on the right syntax? TIA -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Why does this script noet work (bandwidth, tc en u32)
Hi, Can anyone point me out where the script below is wrong? All I want is that host 172.31.1.1 can only use 10 megabit. If I run this script on the in-between router nothing happens (the host uses still the full 100 mbit, tested with iperf) , so i assume that something must be wrong #!/bin/sh # LAN1 NIC tc qdisc del dev eth0 root tc qdisc add dev eth0 root handle 1: htb tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit # my machine tc class add dev eth0 parent 1:1 classid 1:2 htb rate 1mbit ceil 10mbit # filter tc filter add dev eth0 parent 1:1 protocol ip prio 1 u32 match ip dst 172.31.1.1 flowid 1:2 # LAN2 NIC tc qdisc del dev eth1 root tc qdisc add dev eth1 root handle 1: htb tc class add dev eth1 parent 1: classid 1:1 htb rate 100mbit # my machine tc class add dev eth1 parent 1:1 classid 1:2 htb rate 1mbit ceil 10mbit # filter tc filter add dev eth1 parent 1:1 protocol ip prio 1 u32 match ip src 172.31.1.1 flowid 1:2 TIA -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] GUI or other tools for traffic shaping
Hi Luciano, On Thu, 2007-06-14 at 23:55 -0300, Luciano Ruete wrote: > On Thursday 14 June 2007 06:06:54 Joost Kraaijeveld wrote: > > Hi, > > > > Are there GUI (preferable) or scripting tools available somewhere that can > > help me with traffic shaping? I have found MasterShaper and tcng but hey > > seem both unmaintained. Directly writing scripts is still a bit out of my > > reach, so I would like to learn by using tools... > > htb-gen[1] is very easy to setup but yet powerfull. > It is meant for internet sharing scenarios, like small/medium ISPs and > home/office internet share. > You also have an stdout target to see what are the tc/iptables commands > executed. > > And it is still maintained and evolving... ;) > > [1]http://freshmeat.net/projects/htb-gen/ This looks as what I am looking for , thanks. -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] GUI or other tools for traffic shaping
Hi, Are there GUI (preferable) or scripting tools available somewhere that can help me with traffic shaping? I have found MasterShaper and tcng but hey seem both unmaintained. Directly writing scripts is still a bit out of my reach, so I would like to learn by using tools... TIA Joost ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] TEQL: how to notice link down?
Is it possible to detect if a link is down in a TEQL device, so that I will receive a mail on such occasion? TIA -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Bandwidth management on intermediate router mac address
Hi, Is it possible to manage bandwidth based on a router macaddress that is between two machines? E.g. dest<-->bandwidth management <-->router<-->source Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] (simple?) iptables question
On Thu, 2006-09-21 at 08:10 +0200, Joost Kraaijeveld wrote: > I thought that this would do the trick: > > > iptables -A POSTROUTING -s 10.20.1.0/24 -d 192.168.0.0/16 -j RETURN > iptables -A POSTROUTING -s 10.20.1.1 -o eth1 -j SNAT --to-source 172.16.0.1 I forgot the -t nat in the commands above. -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] (simple?) iptables question
Hi, I have a router that should do routing between 2 networks for a network *except* if the destination is a private network *and* the source is a specific machine, in which case it has to NAT. I thought that this would do the trick: iptables -A POSTROUTING -s 10.20.1.0/24 -d 192.168.0.0/16 -j RETURN iptables -A POSTROUTING -s 10.20.1.1 -o eth1 -j SNAT --to-source 172.16.0.1 But this does not seem to work: there is never any NAT: the packets are just routed and not NAT-ed if I ping to a non 192.168.0.0/24 address. How can I achieve what I want??? TIA -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Routing based on source address
Hi, Is it possible to create a routing rule that depends on the source host/network, besides the target host/network? E.g. route everything from 192.168.0.x to 10.0.0.1, and route everything from 192.168.1.x to 10.0.0.1. TIA -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] Not routing for 1 host?
[EMAIL PROTECTED] wrote: > [EMAIL PROTECTED] wrote: >> Hi, >> >> I want to stop routing for 1 particular host in my network. I >> thought that this would do it: >> >> iptables -D INPUT -d aaa.bbb.ccc.ddd -j DROP >> iptables -D INPUT -s aaa.bbb.ccc.ddd -j DROP > Ooops, silly me. Should be (as others pointed out): > > iptables -A INPUT -d aaa.bbb.ccc.ddd -j DROP > iptables -A INPUT -s aaa.bbb.ccc.ddd -j DROP > > BTW: I always think very hard, RTFM and search with Google > before I ask a stupid question... And I have to learn to type /copy & paste /pay attention to what I am doing iptables -A FORWARD -d aaa.bbb.ccc.ddd -j DROP iptables -A FORWARD -s aaa.bbb.ccc.ddd -j DROP Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] Not routing for 1 host?
[EMAIL PROTECTED] wrote: > Hi, > > I want to stop routing for 1 particular host in my network. I > thought that this would do it: > > iptables -D INPUT -d aaa.bbb.ccc.ddd -j DROP > iptables -D INPUT -s aaa.bbb.ccc.ddd -j DROP Ooops, silly me. Should be (as others pointed out): iptables -A INPUT -d aaa.bbb.ccc.ddd -j DROP iptables -A INPUT -s aaa.bbb.ccc.ddd -j DROP BTW: I always think very hard, RTFM and search with Google before I ask a stupid question... Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Not routing for 1 host?
Hi, I want to stop routing for 1 particular host in my network. I thought that this would do it: iptables -D INPUT -d aaa.bbb.ccc.ddd -j DROP iptables -D INPUT -s aaa.bbb.ccc.ddd -j DROP But that still shows traffic. What is the corract way to do that? Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: RES: [LARTC] Terminal Services and traffic control.
On Tue, 2005-10-25 at 17:00 -0200, Thiago Lima - lst wrote: > As far as I know, Citrix is more optimized for long distance setups. Mmmm. This is what the Citrix marketing department wants to believe you anyway. > First: do you have a perfomance problem when running without any traffic > control: according to my experience, each connection runs OK with ~20-30 > kilobit/sec? If you don't have problems, don't fix them. > > Yes I have problems without traffic control. For instance, when > someone transfers a file between the networks TS sessions become slow. Even > open outlook becomes unusable. Do you mean by that: user copies a file from his client to the TS session (or the other way around)? Or do you mean that the user copies a file in the TS session from directory to directory in the TS session? If the latter, are the directries local to the TS server or are they actually mounted shares? If so, on which side of the link are the shares? > Second, do you use any other services from the Windows server on the > other side: DHCP, DNS, WINS, file shareing (e.g. roaming profiles, home > directories) profiles, databases (SQL server), Internet connections etc? > If you have any of those (especially the ones for name resolution) you > must take those in account also. > > I have a file server running into another server. TS users use those > files for work. But there’re basically excel and word files. OK, but are the files in the TS session or on the client computer? Is the location of the fileserver on the side of the TS server or on the side of the clients? -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Terminal Services and traffic control.
On Tue, 2005-10-25 at 14:33 -0200, Thiago Lima - lst wrote: > Hi everybody, > > I have a network that only uses terminal services. > > Look at the diagram. > > 20 machines running WinXP <-> LinuxFW-1 <-> 1Mbit link dedicated > fiber link <–> LinuxFW-2 <–> Terminal Server > > I’d like to give the maximum priority for bandwidth to terminal > services (port 3389). > > I’ve changed the CBQ script from LARTC site to suite my needs, but > every time I run it my connections to 3389 becomes slower. Without TC the > connections are faster and better. > > I can’t afford to loose more time trying to reinvent the wheel. I’ve > read all documentations and I still can’t make a good traffic control for my > needs. > > 1) Does anyone have something like that? I have such a network running Citrix. > 2) Where should I put the traffic control? In LinuxFW-1 or LinuxFW-2? > 3) Is my script changes right? First: do you have a perfomance problem when running without any traffic control: according to my experience, each connection runs OK with ~20-30 kilobit/sec? If you don't have problems, don't fix them. Second, do you use any other services from the Windows server on the other side: DHCP, DNS, WINS, file shareing (e.g. roaming profiles, home directories) profiles, databases (SQL server), Internet connections etc? If you have any of those (especially the ones for name resolution) you must take those in account also. -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Ho do i manage NAT'ed egress bandwidht?
Hi, I have a Debian based NAT router. How can I manage upstream egress bandwidth based on the LAN ipadress in the network below? My goal is that host1 get a minumum of 10Mbit up/down and host2 gets a minimum of 90Mbit up/down, both max 100Mbit up/down? targethost 172.16.255.254 | | 172.16.0.1 natrouter 172.31.255.254 | | + --+ | | 172.31.0.1 172.31.0.2 host1 host2 TIA -- Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Bridging lan over wireless link
Hi all, I want to create a bridge (see picture below) between 2 LANs with the same IP range (192.168.0.0/24) using 2 wireless links that use load sharing over multiple interfaces (as descibed here: http://lartc.org/howto/lartc.loadshare.html) for load balancing and fault tolerance. Both links should use IPsec for encryption. I have googled for an example that does this but I could not find it. Is this possible? Not in threory but in practise: has anyone done this? If so, can anyone give me an example/pointer to an example of how to do this? || || | ant1.1 |---| ant2.1 | || || _ ||_ | |-eth1-++--eth1-| | lan1 --eth0-| bridge1 | | bridge2 |-eth0--lan2 |_|-eth2-++--eth2-|_| |___ |___ || || | ant1.2 |---| ant2.2 | || || Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] TCNG compilation/translation bug/question
Hi all, Ooops, please ignore my previous e-mail. I reversed the bits and bytes. Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] TCNG compilation/translation bug/question
Hi all, The following ingress statement: $host2 = SLB(cbs 1024kb, cir 2048kbps); class(<>) if ip_dst == 81.175.84.2 && SLB_else_drop($host2); is compiled by TCNG into the folling tc command: ... tc filter add dev eth0 parent :0 protocol all prio 1 u32 match u32 0x51af5402 0x at 16 classid :0 police index 505 rate 256000bps burst 131072 mpu 0 action drop/pass ... (BTW: the ip address may be wrong due not being able to translate dotted decimal to hexedecimal, but the rest is correct) I do not understand the relation between the SLB with "cbs 1024, cir 2048, default mpu" and the tc command with "rate 256000bps burst 131072 mpu 0": I expected that the SLB specs would be translated into something like "rate 2048*8bps burst 1024*8 mpu0". Is this a bug or do I just understand the it? If the latter, can anyone explain the translation to me? TIA Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] Guaranteed rate per class and maximum ceiling per element in class???
Hi Stef, Stef Coene schreef: > Do you want to shape outgoing traffic or incoming traffic? > Ingress is for incoming traffic, htb is outgoing traffic. > You can use htb for incoming traffic if you use the imq > device or if you can shape on a router, you can shape on both interfaces. I want to shape both. This is what I have done (and it works as far as we can see): 1. Use HTB / egress to shape rate and use the ceil of the HTB to regulate the scaling of the classes. 2. Use ingress to regulate the absolute maximum ceil of the individual elements Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] Guaranteed rate per class and maximum ceiling per element in class???
Hi Stef, [EMAIL PROTECTED] schreef: > The first 2 can be done with htb. For the third yes, you can > use the wrr qdisc (I never tested this myself and I don't know if tcng > can configure this). The wrr qdisc can be added to a htb class. Or you > can add extra classes to the htb class. I want to look into policing for enforcing the ceiling per element, but to my disappointment I cannot get it working. whatever I use for values, nothing changes in the measured trhoughput I I don't know why. If I use the stuff below I expect that the throughput for host asterix.askesis.nl will be 10Bps. Which is not the case. But whatever values I use nothing changes in the throughtput. It appears that tat the ingress rules is ignored. Any ideas? ingress { /* TCNG manual p. 39 SLB(cbs,cir [,mpu]) cbs: commited burst size in bytes (size of bucket) cir: commited information rate in bps (rate of entering bucket) mpu: minimum policed unit in bytes (size of bucket in/decrement ?) */ $network = SLB( cbs 10B, cir 10 Bps); /* SLB_ok, if true pass the packet SLB_else_drop, if true drop the packet */ class(<>) if ip_src == host "asterix.askesis.nl" && SLB_else_drop($network); } Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] TCNG syntax for ingress / policing questions
Hi all, I have 2 questions regarding policing 1. What is the problem with policing as in most mesages I can find people say don't but I have not found a why? 2. I have the egress below working (numbers in example are bogus, I know). How do I add an ingress policy? /* compile this file with tcc filename > limit.sh and run that file */ dev eth1 { egress { class ( <$myhost> ) if ip_dst == 172.31.0.2; class ( <$others> ) if 1 ; htb () { class ( rate 2048kbps, ceil 2048kbps ) { $myhost = class ( rate 1024kbps, ceil 1024kbps ) ; $others = class ( rate 10bps, ceil 500kbps ) ; } } } } Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] TCNG on a Linux NAT router question
Hi all, I want to apply traffic control using TCNG 1.30 on a NAT router. Can I use the IP addresses on my LAN to shape the traffic on the outgoing interface, with other words, does the address translation take place before or after traffic control? (Or does it depend and if so, on what?) Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Guaranteed rate per class and maximum ceiling per element in class???
Hi all, It is my understanding that with HTB, the rate and the ceiling are divided over the elements of the class. E.g. using a rate of 100 kb and a ceiling of 2000 kb for a class with 10 elements on a 100Mb NIC, the effect of the ceiling will be that if all elements are generating their maximimum possible trafic they will be effectively limited to ~ ceiling / number of elements, in this case 2000/10 = 200. But what I want is that any individual within a class is limited to an amount that is smaller that the class ceiling while maintaining the class ceiling. Is it possible to achieve a guaranteed rate per class, a ceiling per class AND maximum ceiling per individual element in class using TCNG 1.3 on Linux (Debian 2.6 kernel)? Otherwise? Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] TC-ng questions/problems
Hi Charles, [EMAIL PROTECTED] schreef: > I think that your r2q is probably off -- please see: > > http://www.docum.org/stef.coene/qos/faq/cache/31.html This link does not work. All other numbers are there but one is not. But it's true: in the logfiles I see r2q mentioned (jumping with joy in my office, hope at last). Thanks. Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] TC-ng questions/problems
Hi Chalres, Thanks for the answer. I have also been bitten by the byte/bit bug in the past but in this case it must be something different. All my values are in in the correct amount of bits. The most important problem is actually problem 2: why does the tc toward internet (dev WAN) do what it does? Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] TC-ng questions/problems
Hi all, We have 2 class C networks that are connected by a Linux router with the internet. We want to apply traffic control (bandwidth control). For that we wrote the tcc script below. We have 2 problems: 1. To establish a 2 megagit download we must actually set the value to 2500kbps. Is there a possible reason for that? 2. If we enable the WAN device we get very hight ping times (they change from 21.1 ms to > 2000 ms) and erratic upload values that partly suffer from the problem above (we want to allow for an upload of 512kb and have to specify a upload of 712 to get that) but most of the time we have a far worse actual upload. Anyone any ideas? We use Debian 2.6.3-1-386 (Sarge) with tcng 9m. Any help is greatly appreciated. Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl /// #include "fields.tc" #include "ports.tc" #define WAN eth0 #define LAN83 eth1 #define LAN84 eth2 /* The WAN section is about upload to the internet */ dev WAN { egress { class ( <$uploadRouter> ) if ip_src == 192.168.83.1 || ip_src == 192.168.84.1; class ( <$uploadGKS> ) if ip_src == 192.168.83.22 ; class ( <$upload83> ) if ip_src:24 == 192.168.83.0 ; class ( <$upload84> ) if ip_src:24 == 192.168.84.0 ; class ( <$others> ) if 1 ; htb () { class ( rate 18Mbps, ceil 18Mbps ) { $uploadRouter = class ( rate 18Mbps, ceil 18Mbps ); $uploadGKS= class ( rate 10Mbps, ceil 10Mbps ) ; $upload83 = class ( rate 5Mbps,ceil 5Mbps ) ; $upload84 = class ( rate 712kbps, ceil 712kbps ) ; $others = class ( rate 18Mbps , ceil 18Mbps ) ; } } } } /* This section is about downloading to the 83 network */ dev LAN83 { egress { class ( <$downloadRouter> ) if ip_dst == 192.168.83.1; class ( <$downloadGKS> )if ip_dst == 192.168.83.22; class ( <$download> ) if ip_dst:24 == 192.168.83.0; class ( <$others> ) if 1 ; htb () { class ( rate 18Mbps, ceil 18Mbps ) { $downloadRouter = class ( rate 18Mbps, ceil 18Mbps ) ; $downloadGKS= class ( rate 10Mbps, ceil 10Mbps ) ; $download = class ( rate 5Mbps, ceil 5Mbps ) ; $others = class ( rate 18Mbps, ceil 18Mbps ) ; } } } } /* This section is about downloading to the 84 network */ dev LAN84 { egress { class ( <$download> ) if ip_dst:24 == 192.168.84.0; class ( <$others> ) if 1 ; htb () { class ( rate 18Mbps, ceil 18Mbps ) { $download = class ( rate 2500kbps,ceil 2500kbps ) ; $others= class ( rate 18Mbps, ceil 18Mbps ) ; } } } } ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/