Re: [LARTC] Wondershaper - question
Matthias Lendholt wrote: Those are port lists, not the line speed. They should be more like NOPRIOPORTDST="53 21 22" or similar. Check the docs for more help on it. Hi, I have a question conercing wondershaper. I'm using the Clarkconnect linux distribution for my linux router and I tried to use wondershaper. On start up of wshaper, there are no errors or any other problems but I'm not sure if it's running correctly. Only one qdisc / one class is used and when I start an uplink ftp transfer, my ping time is growing up to 1700ms - I don't think that there is anything shaped oder scheduled. In the wshaper file I set the up- and downlink values and for the p2p I set this: # low priority source ports NOPRIOPORTSRC=4662 # low priority destination ports NOPRIOPORTDST=4662 -- http://www.ivanhawkes.com | ICQ: 173-392-038 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Wondershaper - question
Hi, I have a question conercing wondershaper. I'm using the Clarkconnect linux distribution for my linux router and I tried to use wondershaper. On start up of wshaper, there are no errors or any other problems but I'm not sure if it's running correctly. Only one qdisc / one class is used and when I start an uplink ftp transfer, my ping time is growing up to 1700ms - I don't think that there is anything shaped oder scheduled. In the wshaper file I set the up- and downlink values and for the p2p I set this: # low priority source ports NOPRIOPORTSRC=4662 # low priority destination ports NOPRIOPORTDST=4662 Then i start it: [EMAIL PROTECTED] bin]# wshaper start [EMAIL PROTECTED] bin]# One or two minutes later (with p2p traffic and some pings) i got this: [EMAIL PROTECTED] bin]# wshaper status qdisc ingress : Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc sfq 30: quantum 1514b perturb 10sec Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc sfq 20: quantum 1514b perturb 10sec Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc sfq 10: quantum 1514b perturb 10sec Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc cbq 1: rate 10Mbit (bounded,isolated) prio no-transmit Sent 1116535 bytes 6148 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 class cbq 1: root rate 10Mbit (bounded,isolated) prio no-transmit Sent 1117031 bytes 6154 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 class cbq 1:10 parent 1:1 leaf 10: rate 120Kbit prio 1 Sent 0 bytes 0 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 class cbq 1:1 parent 1: rate 120Kbit (bounded,isolated) prio 5 Sent 0 bytes 0 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 class cbq 1:20 parent 1:1 leaf 20: rate 108Kbit prio 2 Sent 0 bytes 0 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 class cbq 1:30 parent 1:1 leaf 30: rate 96Kbit prio 2 Sent 0 bytes 0 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 [EMAIL PROTECTED] bin]# As you can see, just qdisc 1: is used. The same behavior after hours of running wshaper; only this one qdisc is used. Has anyone an idea why this happens? Thanks, Matthias Lendholt (Berlin, Germany) ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] wondershaper question
gypsy wrote: > Also > remember YOU DO NOT SHAPE DOWNLOADS! HTB can only "police" D/L, not > "shape". You must use iptables or IMQ to "shape" D/L; I use iptables -m > limit --limit ##/second -j ACCEPT > iptables -j DROP > and make sure that these 2 lines preceed any RELATED, ESTABLISHED > accepts. Note that the real iptables rules include either --dport ## or > --sport ##, depending on what the rule accomplishes. Note further that > downloads are on INPUT so I specify -A INPUT to throttle D/L. > If you use htb or other shaping qdiscs on a router, you can set it up so that it sees packets that are leaving both interfaces and can therefore shape traffic in both directions. Sure, you can't shape traffic destined for the router itself, but that's rarely an issue. -Corey ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] wondershaper question
gypsy wrote: AFTERTHOUGHT: I should have been more precise: > Yes, but be careful with NAT; finding 192.168.1.# can be tough. Also > remember YOU DO NOT SHAPE DOWNLOADS! HTB can only "police" D/L, not > "shape". You must use iptables or IMQ to "shape" D/L; I use iptables -m > limit --limit ##/second -j ACCEPT > iptables -j DROP > and make sure that these 2 lines preceed any RELATED, ESTABLISHED > accepts. Note that the real iptables rules include either --dport ## or > --sport ##, depending on what the rule accomplishes. Note further that > downloads are on INPUT so I specify -A INPUT to throttle D/L. iptables is "rate limiting" not "shaping". NATted users are rate limited on the FORWARD chain, not INPUT. gypsy ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] wondershaper question
> Chris Winfield-Blum wrote: > > Hi I am very unclear about the wonder shaper and a bit of a novice > with Unix all together > > I have a question for you and I hope you can answer > > Basically my office is getting a couple of people slowing down the > network so ive been looking around and found wondershaper > > What I want to know is that can I rather than having low priority > ports have it with high priority ports Sure. > And the same with high priority hosts... Of course. > Can I have it so that say for example 192.168.1.2 192.168.1.3 are high > priority and port 20 22 80 443 110 25 etc are high priority? Yes, but be careful with NAT; finding 192.168.1.# can be tough. Also remember YOU DO NOT SHAPE DOWNLOADS! HTB can only "police" D/L, not "shape". You must use iptables or IMQ to "shape" D/L; I use iptables -m limit --limit ##/second -j ACCEPT iptables -j DROP and make sure that these 2 lines preceed any RELATED, ESTABLISHED accepts. Note that the real iptables rules include either --dport ## or --sport ##, depending on what the rule accomplishes. Note further that downloads are on INPUT so I specify -A INPUT to throttle D/L. > Also how do I clear the rules I have made with the script?? > If I want it to return to the default for example?? Read the effing script, man! > > Thanks > > Chris Please don't post using HTML. Here is a modified "wonder" script I call "ultimate"... http://andthatsjazz.net:8/ultimate.txt HTH gypsy ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] wondershaper question
Chris Winfield-Blum wrote: > Maybe there is another solution to this problem? > > The problem is that I have had a couple of users on the network hogging > the bandwidth and while we do have a policy implemented sometimes the > downloads are genuinely work related (eg downloaded a new version of an > application we use for development) > > Sooo what I NEED is > > A script that will ensure that ports 80, 25, 110, 443, etc are priority > Then that these are then are then "shaped" to not allow one person to > hog it all. > > In an IDEAL situation I would like to break it up into classes > > Server Class: that has access to ALL ports and are priority for any > traffic (maybe I can set them a guaranteed 100Kb/s) > > User Class: that has priority access (that doesn't override the server > class) to ports 80, 25, 110 etc. Perhaps the remaining 156Kb/s is > divided evenly? > > Any suggestions? Im really NEW to this and would love some example > scripts (preferably commently highly :P hehe) > > This was the address of the other script that I found: > http://www.surestorm.com/qos/ > > I am not "set" on using wondershaper.. > > Thanks for all your help > > Chris > Wondershaper and other such scripts are good examples, but if you want very fine-grained control of your traffic shaping, you'll probably want to write your own script (or at least tweak one). Don't be intimidated by the apparent complexity of the examples you see -- although the commands for shaping traffic are probably unlike anything you've seen before, they're not hard to understand after reading the available documentation. Of course, www.lartc.org is a good place to start. Look through chapter 9, but don't worry if you don't understand everything the first time. The qdisc you want to use is htb (as you can see, that's the heart of wondershaper), and there's a good in-depth description at: http://luxik.cdi.cz/~devik/qos/htb/ (follow the link for "user guide"). -Corey ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] wondershaper question
Maybe there is another solution to this problem? The problem is that I have had a couple of users on the network hogging the bandwidth and while we do have a policy implemented sometimes the downloads are genuinely work related (eg downloaded a new version of an application we use for development) Sooo what I NEED is A script that will ensure that ports 80, 25, 110, 443, etc are priority Then that these are then are then "shaped" to not allow one person to hog it all. In an IDEAL situation I would like to break it up into classes Server Class: that has access to ALL ports and are priority for any traffic (maybe I can set them a guaranteed 100Kb/s) User Class: that has priority access (that doesn't override the server class) to ports 80, 25, 110 etc. Perhaps the remaining 156Kb/s is divided evenly? Any suggestions? Im really NEW to this and would love some example scripts (preferably commently highly :P hehe) This was the address of the other script that I found: http://www.surestorm.com/qos/ I am not "set" on using wondershaper.. Thanks for all your help Chris ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] wondershaper question
On Thursday 01 April 2004 21:03, Chris Winfield-Blum wrote: > Hi I am very unclear about the wonder shaper and a bit of a novice > with Unix all together > > I have a question for you and I hope you can answer > > Basically my office is getting a couple of people slowing down the I would seriously suggest you attempt the social engineering route first if at all possible. > network so ive been looking around and found wondershaper > What I want to know is that can I rather than having low priority > ports have it with high priority ports > > And the same with high priority hosts... Wondershaper seems to essentially allow you to put traffic you don't like in the dog house. It doesn't seem to offer a facility to let you pick which ports or hosts constitute high priority traffic. > > > Can I have it so that say for example 192.168.1.2 192.168.1.3 are high > priority and port 20 22 80 443 110 25 etc are high priority? Not as it is written. > Also how do I clear the rules I have made with the script?? Try calling it with the keyword 'stop': bash wshaper.sh stop Which will perform: # clean existing down- and uplink qdiscs, hide errors tc qdisc del dev $DEV root2> /dev/null > /dev/null tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null > If I want it to return to the default for example?? > > Thanks > > Chris -- Jason Boxman Perl Programmer / *NIX Systems Administrator Shimberg Center for Affordable Housing | University of Florida http://edseek.com/ - Linux and FOSS stuff ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] wondershaper question
Hi I am very unclear about the wonder shaper and a bit of a novice with Unix all together I have a question for you and I hope you can answer Basically my office is getting a couple of people slowing down the network so ive been looking around and found wondershaper What I want to know is that can I rather than having low priority ports have it with high priority ports And the same with high priority hosts... Can I have it so that say for example 192.168.1.2 192.168.1.3 are high priority and port 20 22 80 443 110 25 etc are high priority? Also how do I clear the rules I have made with the script?? If I want it to return to the default for example?? Thanks Chris
