[LARTC] Ingress shaping using IMQ
Hello people, This the first time i post in list. I read the lartc how-to and decided that IMQ with HTB was the solution to solve my problem. The ingress shaping i want is simple, shape the traffic to my ftp-server, i just want to give 8kbps to each client because they only upload to my ftp-server, and i dont want to any class borrowing, each client only send(upload) at 8kbps, not above this rate. I tested this: tc qdisc add dev imq0 root handle 1: htb tc class add dev imq0 parent 1: classid 1:1 htb rate 1Mbit tc class add dev imq0 parent 1:1 classid 1:10 htb rate 8kbps tc class add dev imq0 parent 1:1 classid 1:11 htb rate 8kbps tc qdisc add dev imq0 parent 1:10 handle 20:0 pfifo tc qdisc add dev imq0 parent 1:11 handle 21:0 pfifo tc filter add dev imq0 protocol ip pref 1 parent 1: handle 1 fw classid 1:10 tc filter add dev imq0 protocol ip pref 2 parent 1: handle 2 fw classid 1:11 iptables -t mangle -A PREROUTING -i eth0 -j IMQ iptables -t mangle -A PREROUTING -i eth0 -s 172.19.200.214 -j MARK --set-mark 1 iptables -t mangle -A PREROUTING -i eth0 -s 172.19.200.100 -j MARK --set-mark 2 These worked perfect. Now i have some questions: When i use the filter command (tc filter add dev imq0 protocol ip pref 2 parent 1: handle 2 fw classid 1:11) , what this "handle" means?I understood that its the number of the mark, am i correct? Is there a better solution for my problem???I will create 300 classes , all below 1:1. Should i use sfq instead pfifo?I choose pfifo because i have connections from just one client. Thanks.
Re: [LARTC] Ingress Shaping using IMQ
On Tuesday 20 January 2004 15:05, Aron Brand wrote: > Hi Stef, > > Thanks for the helpful information. > > What do I need to set as the line rate for the LAN side shaper? I assume > that if I want it to work it must be slower than the real downlink speed > - is this right? Are there recommended values - such as 10% lower than > the real downlink speed? It depends. But try 10% and measure the link usage. > I am wondering, has anyone done any benchmarks that indicate how > accurate is shaping of TCP streams in the inbound direction? For > example, say that during peak periods the customer wants to enforce 20% > of the traffic to web and 80% to FTP downloads, how long will it take > until it stabilizes on these rates? And how accurate can I expect it to > be? It can be very accurate and very fast. Like said before, it depends on the software you use and how quick to software reacts on a change in the bandwidth. I did some bursts test with htb. You can see on some of the graphs that if there is an other tcp stream, htb reacts very fast. But this only for outoing packets and measered on the loopback interface. So the problem is not htb, but application, routers, modems, ... http://docum.org/stef.coene/qos/tests/htb/burst/ Stef -- [EMAIL PROTECTED] "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.openprojects.net ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] Ingress Shaping using IMQ
Hi Stef, Thanks for the helpful information. What do I need to set as the line rate for the LAN side shaper? I assume that if I want it to work it must be slower than the real downlink speed - is this right? Are there recommended values - such as 10% lower than the real downlink speed? I am wondering, has anyone done any benchmarks that indicate how accurate is shaping of TCP streams in the inbound direction? For example, say that during peak periods the customer wants to enforce 20% of the traffic to web and 80% to FTP downloads, how long will it take until it stabilizes on these rates? And how accurate can I expect it to be? Thanks, Aron -Original Message- From: Stef Coene [mailto:[EMAIL PROTECTED] Sent: Monday, January 19, 2004 8:28 PM To: Aron Brand; [EMAIL PROTECTED] Subject: Re: [LARTC] Ingress Shaping using IMQ On Monday 19 January 2004 14:19, Aron Brand wrote: > Hi Guys, > > Here is a question that is probably of concern to many of us. > > I am under pressure to provide some solution for ingress traffic > shaping. What my customer demands is to divide the downstream > (ingress) of an ADSL lines to two classes of traffic - important > traffic and non important downloads. He has a very reasonable > requirement: he wants a guarantee of at least 1000kbps at all times > for the important traffic on the downstream. > > Using ingress policing would be the trivial solution. But no says the > customer - when the important traffic is not fully utilizing its rate, > I want it to share the excess with other classes. > After looking around, the answer I found was to use imq, which claims > to allow traffic shaping on ingress traffic. So far so good. > > And now I arrive to the question: It is possible to configure > everything in THEORY. The question is, it it really possible for me to > give the guarantee that my customer is asking for? I can think of > examples why it seems that the answer is no. For example, lets say the > ingress line is completely saturated with non-important traffic. How > on earth can the poor HTB determine whether important traffic is being > drowned out - or there is simply no important traffic? It can, but it will take some time before the non-important traffic will slow down. > My speculation so far - it is possible to configure these rules, and > indeed this is what IMQ was invented for, but in true life there is no > solution that works - since it is inherently impossible! It's impossible because you can never control what people send to you. Tcp will throttle down if there is less bandwidth, but this can take some time. So you can only hope the other side will stop sending packets if you drop packets (I try the same with spam but it'snot woring :( ) > Has anyone really created and tested a working ingress traffic shaping > solution? You don't need imq for this. If you put a router (or bridge) between the ADSL and the LAN, you can shape on both interfaces. So the LAN interface can be used to shape incoming traffic. Stef -- [EMAIL PROTECTED] "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.openprojects.net ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Ingress Shaping using IMQ
On Monday 19 January 2004 14:19, Aron Brand wrote: > Hi Guys, > > Here is a question that is probably of concern to many of us. > > I am under pressure to provide some solution for ingress traffic > shaping. What my customer demands is to divide the downstream (ingress) > of an ADSL lines to two classes of traffic - important traffic and non > important downloads. He has a very reasonable requirement: he wants a > guarantee of at least 1000kbps at all times for the important traffic on > the downstream. > > Using ingress policing would be the trivial solution. But no says the > customer - when the important traffic is not fully utilizing its rate, I > want it to share the excess with other classes. > After looking around, the answer I found was to use imq, which claims to > allow traffic shaping on ingress traffic. So far so good. > > And now I arrive to the question: It is possible to configure everything > in THEORY. The question is, it it really possible for me to give the > guarantee that my customer is asking for? I can think of examples why it > seems that the answer is no. For example, lets say the ingress line is > completely saturated with non-important traffic. How on earth can the > poor HTB determine whether important traffic is being drowned out - or > there is simply no important traffic? It can, but it will take some time before the non-important traffic will slow down. > My speculation so far - it is possible to configure these rules, and > indeed this is what IMQ was invented for, but in true life there is no > solution that works - since it is inherently impossible! It's impossible because you can never control what people send to you. Tcp will throttle down if there is less bandwidth, but this can take some time. So you can only hope the other side will stop sending packets if you drop packets (I try the same with spam but it'snot woring :( ) > Has anyone really created and tested a working ingress traffic shaping > solution? You don't need imq for this. If you put a router (or bridge) between the ADSL and the LAN, you can shape on both interfaces. So the LAN interface can be used to shape incoming traffic. Stef -- [EMAIL PROTECTED] "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.openprojects.net ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Ingress Shaping using IMQ
Title: Ingress Shaping using IMQ Hi Guys, Here is a question that is probably of concern to many of us. I am under pressure to provide some solution for ingress traffic shaping. What my customer demands is to divide the downstream (ingress) of an ADSL lines to two classes of traffic - important traffic and non important downloads. He has a very reasonable requirement: he wants a guarantee of at least 1000kbps at all times for the important traffic on the downstream. Using ingress policing would be the trivial solution. But no says the customer - when the important traffic is not fully utilizing its rate, I want it to share the excess with other classes. After looking around, the answer I found was to use imq, which claims to allow traffic shaping on ingress traffic. So far so good. And now I arrive to the question: It is possible to configure everything in THEORY. The question is, it it really possible for me to give the guarantee that my customer is asking for? I can think of examples why it seems that the answer is no. For example, lets say the ingress line is completely saturated with non-important traffic. How on earth can the poor HTB determine whether important traffic is being drowned out - or there is simply no important traffic? My speculation so far - it is possible to configure these rules, and indeed this is what IMQ was invented for, but in true life there is no solution that works - since it is inherently impossible! Has anyone really created and tested a working ingress traffic shaping solution? Aron
