RE: [LARTC] htb problem
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Stef Coene > Sent: 12. juni 2003 21:35 > To: Ratel; [EMAIL PROTECTED] > Subject: Re: [LARTC] htb problem > > > adequate lines from firewall script : > > [...] > > # ftp > > $IPTABLES -A FORWARD -p tcp -s 0/0 -d 0/0 --dport 21 -m state --state > > NEW,ESTABLISHED -t mangle -j MARK --set-mark 3 > > # ssh > > $$IPTABLES -A FORWARD -p tcp -s 0/0 -d 0/0 --dport 22 -m state --state > > NEW,ESTABLISHED -t mangle -j MARK --set-mark 2 > > # smtp > > $IPTABLES -A FORWARD -p tcp -s 0/0 -d 0/0 --dport 25 -m state --state > > NEW,ESTABLISHED -t mangle -j MARK --set-mark 4 > > [...] > Mhh. Can you check with iptables -L -v -n that your packets are marked? > And > can you tell us what's your setup ? I mean wich nic is connected to the > internet, what do you want to shape, is this also a firewall? And try > marking in the PREROUTING tables. I have the same problem. According to iptables the packets are marked but all the traffic goes to the root htb class. -- Morten Isaksen [EMAIL PROTECTED] - http://www.aub.dk/~misak ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Problem with htb and fwmark
Hi! I am trying to prioritize udp traffic to satisfy our gamers. The setup is 800 users / 8 Mbit fiber (eth3) LAN (eth0) - FW - \ 6 Mbit FWA (eth2) The 8 Mbit is the default gw and the FWA is currently only used by our proxy server I am using this script: $IP rule add fwmark 1 table 100 pref 1000 $IP route add table 200 scope global nexthop via 213.173.228.1 dev eth2 tc filter del dev eth0 prio 3 tc qdisc del dev eth0 root handle 1: tc qdisc add dev eth0 root handle 1: htb default 12 tc class add dev eth0 parent 1: classid 1:1 htb rate 10Mbit ceil 14Mbit burst 2k # Class for UDP, ICMP, ssh traffic tc class add dev eth0 parent 1:1 classid 1:10 htb rate 1MBit ceil 4Mbit burst 2k prio 0 # Class for all traffic to our servers tc class add dev eth0 parent 1:1 classid 1:11 htb rate 3Mbit ceil 10Mbit burst 2k prio 1 # All other traffic tc class add dev eth0 parent 1:1 classid 1:12 htb rate 6Mbit ceil 8Mbit burst 2k prio 3 tc qdisc add dev eth0 parent 1:10 handle 20: sfq perturb 10 tc qdisc add dev eth0 parent 1:11 handle 30: sfq perturb 10 tc qdisc add dev eth0 parent 1:12 handle 40: sfq perturb 10 tc filter add dev eth0 parent 1: protocol ip prio 3 handle 4 fw flowid 1:10 tc filter add dev eth0 parent 1: protocol ip prio 3 handle 5 fw flowid 1:11 iptables -t mangle -A PREROUTING -i eth0 -p udp -j MARK --set-mark 4 iptables -t mangle -A PREROUTING -i eth0 -p tcp --dport 22 -j MARK --set-mark 4 iptables -t mangle -A PREROUTING -s 10.10.10.3 -i eth0 -j MARK --set-mark 5 iptables -t mangle -A PREROUTING -s 10.10.10.4 -i eth0 -j MARK --set-mark 5 iptables -t mangle -A PREROUTING -s 10.10.10.5 -i eth0 -j MARK --set-mark 5 iptables -t mangle -A PREROUTING -s 10.10.10.12 -j MARK --set-mark 2 The problem is that the all the traffic is going to the default class no matter what I do. I can see that the counters in "iptables -t mangle -L -v -n" is counting up, but the counters in "tc -s class ls dev eth0" is not. I have also tried not to use fwmark but added the rules directly with "tc filter...", but with same results... Have I forgotten something, or what is the problem? -- Morten Isaksen [EMAIL PROTECTED] - http://www.aub.dk/~misak ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] tools for traffic monitoring
Check out http://wipl-wrr.sourceforge.net/wipl.html -- Morten Isaksen [EMAIL PROTECTED] - http://www.aub.dk/~misak > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of Andreas Hasenack > Sent: 21. januar 2003 19:24 > To: [EMAIL PROTECTED] > Subject: [LARTC] tools for traffic monitoring > > Hi all, > > are there any tools (besides ntop) which you guys use to monitor > traffic, service by service? > > mrtg is not enough, I want something that can show me traffic on > a service by service basis, and from/to which host. I guess > ntop is quite complete in this area, but is there anything else? > > Thanks > > ___ > LARTC mailing list / [EMAIL PROTECTED] > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] Bandwidth
> -Original Message- > From: Steen Suder, privat [mailto:[EMAIL PROTECTED]] > Sent: 9. december 2002 22:16 > To: Morten Isaksen > Cc: [EMAIL PROTECTED] > Subject: Re: [LARTC] Bandwidth > > Morten Isaksen wrote: > > We are running with an 8 Mbit WAN link and are using wrr to shape the > > traffic between 800 users. This works fine and all the bandwith are en > > use most of the time. > > Sorry to break in to the thread like this, but... > > 1. Is it one single 8/8Mb link? Yes. We do have 2 1 Mbit ADSL lines also, but they are only used for P2P traffic (like Kazaa, Napster, ..). > 2. Hows the tc configuration? (Like the example in the wrr-package?) I have used the standard script in the wrr package, with some minor changes like changed ..cbq bandwidth 10Mbit.. to .. cbq bandwidth 100Mbit.. > 3. Are there any latency-problems? > 4. What measures has been taken to ensure low latency? Right now our WAN link is at 96% and I have a latency about 10 ms to a server 8 hops away (through the Danish DIX). So no, we don't have any latency problems. -- Morten Isaksen [EMAIL PROTECTED] - http://www.aub.dk/~misak ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] Bandwidth
We are running with an 8 Mbit WAN link and are using wrr to shape the traffic between 800 users. This works fine and all the bandwith are en use most of the time. Please supply some more details of your configuration, if you want more help. -- Morten Isaksen [EMAIL PROTECTED] - http://www.aub.dk/~misak > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of [EMAIL PROTECTED] > Sent: 9. december 2002 21:24 > To: [EMAIL PROTECTED] > Subject: [LARTC] Bandwidth > > I am really curious how loaded (current and average upload/download speed) > is your network > and how fast connection you have. > (This question is more for more networked enviroments rather than single > users). > > We just bought 8mbit/s line and the load wont get higher than 200KB/s > (~1.6Mbit/s) (according > to MRTG) > There are ~250 users using this line. (shaped from 32kbit/s to 2mbit/s) > > I am using MRTG to measure the load. > I though MRTG has gone crazy showing 200KB/s so i decided to download > large amount of data. > And no, the mrtg was right, i was downloading at 600KB/s and MRTG showed > the same. > > I am confused how it is possible. > > > P.Krumins > > > Re&gcedil;istrē un lieto savu Apollo e-pastu www.e-apollo.lv > > www.apollo.lv > > ___ > LARTC mailing list / [EMAIL PROTECTED] > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/