On 9/13/10 4:54 AM, Brian J. Murrell wrote: > On Sun, 2010-09-12 at 06:58 -0700, Tom Eastep wrote: >> >> If you want that, use the complex TC. > > I suppose the policy routing features of complex TC are not available > with simple TC anyway, so complex TC looks like what I need to use > anyway.
I resurrected some old code that I had implemented earlier and performed
some more testing. Attached is a patch against
/usr/share/shorewall/Shorewall/Tc.pm. It applies (with offsets) to
4.4.11 and later versions.
It adds an OUT-BANDWIDTH column to /etc/shorewall/tcinterfaces. This
column contains:
<rate>:<latency>[:[<peak>][:[<minburst>]]]
where the terms are explained in tc-tbf(8).
I have a 5mbit uplink and I placed 4500kbit:100kb:200ms in the new
column. I then pinged while running several speed tests at speedtest.net.
My /etc/shorewall/tcpri:
#BAND PROTO PORT(S) ADDRESS INTERFACE
3 - - 70.90.191.124/31
3 ipp2p:all bit
2 udp 53
1 icmp 8
The results:
--- xx.xx.xx.xx ping statistics ---
263 packets transmitted, 263 received, 0% packet loss, time 273041ms
rtt min/ave/max/mdev = 6.130/8.876/72.844/5.497 ms
#gateway:/etc/shorewall# shorewall show tc
Shorewall 4.4.13-Beta4 Traffic Control at gateway - Mon Sep 13 07:44:50
PDT 2010
Device eth1:
qdisc ingress ffff: parent ffff:fff1 ----------------
Sent 46057721 bytes 48914 pkt (dropped 399, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc tbf 1: root rate 4500Kbit burst 100Kb/8 mpu 0b lat 200.0ms
Sent 31738156 bytes 45487 pkt (dropped 137, overlimits 31095 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc prio 101: parent 1: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 31738156 bytes 45487 pkt (dropped 137, overlimits 0 requeues 31095)
rate 0bit 0pps backlog 0b 0p requeues 31095
qdisc sfq 1011: parent 101:1 limit 127p quantum 1875b flows 127/1024
perturb 10sec
Sent 25774 bytes 263 pkt (dropped 0, overlimits 0 requeues 3)
rate 0bit 0pps backlog 0b 0p requeues 3
qdisc sfq 1012: parent 101:2 limit 127p quantum 1875b flows 127/1024
perturb 10sec
Sent 30716576 bytes 44243 pkt (dropped 137, overlimits 0 requeues 30309)
rate 0bit 0pps backlog 0b 0p requeues 30309
qdisc sfq 1013: parent 101:3 limit 127p quantum 1875b flows 127/1024
perturb 10sec
Sent 995806 bytes 981 pkt (dropped 0, overlimits 0 requeues 783)
rate 0bit 0pps backlog 0b 0p requeues 783
class tbf 1:1 parent 1: leaf 101:
class prio 101:1 parent 101: leaf 1011:
Sent 25774 bytes 263 pkt (dropped 0, overlimits 0 requeues 3)
backlog 0b 0p requeues 3
class prio 101:2 parent 101: leaf 1012:
Sent 30716874 bytes 44245 pkt (dropped 137, overlimits 0 requeues 30309)
backlog 0b 0p requeues 30309
class prio 101:3 parent 101: leaf 1013:
Sent 995806 bytes 981 pkt (dropped 0, overlimits 0 requeues 783)
backlog 0b 0p requeues 783
Because the TBF qdisc is applied before the prio qdisc, I suspect that
the prio qdisc is pretty ineffective (although it still dropped 137
speedtest packets). But the overall goal of reducing latency seems to
have been met. Previous tests resulted in max TTL for ping of > 200ms
YYMV
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm
index 8a6e363..8551fdb 100644
--- a/Shorewall/Perl/Shorewall/Tc.pm
+++ b/Shorewall/Perl/Shorewall/Tc.pm
@@ -468,7 +468,7 @@ sub process_flow($) {
}
sub process_simple_device() {
- my ( $device , $type , $in_bandwidth ) = split_line 1, 3, 'tcinterfaces';
+ my ( $device , $type , $in_bandwidth , $out_part ) = split_line 1, 4,
'tcinterfaces';
fatal_error "Duplicate INTERFACE ($device)" if $tcdevices{$device};
fatal_error "Invalid INTERFACE name ($device)" if $device =~ /[:+]/;
@@ -503,7 +503,48 @@ sub process_simple_device() {
"run_tc filter add dev $physical parent ffff: protocol all prio 10
u32 match ip src 0.0.0.0/0 police rate ${in_bandwidth}kbit burst 10k drop
flowid :1\n"
) if $in_bandwidth;
- emit "run_tc qdisc add dev $physical root handle $number: prio bands 3
priomap $config{TC_PRIOMAP}";
+ if ( $out_part ne '-' ) {
+ my ( $out_bandwidth, $burst, $latency, $peak, $minburst ) = split ':',
$out_part;
+
+ fatal_error "Invalid Out-BANDWIDTH ($out_part)" if ( defined $minburst
&& $minburst =~ /:/ ) || $out_bandwidth eq '';
+
+ $out_bandwidth = rate_to_kbit( $out_bandwidth );
+
+ my $command = "run_tc qdisc add dev $physical root handle $number: tbf
rate ${out_bandwidth}kbit";
+
+ if ( defined $burst && $burst ne '' ) {
+ fatal_error "Invalid burst ($burst)" unless $burst =~
/^\d+(k|kb|m|mb|mbit|kbit|b)?$/;
+ $command .= " burst $burst";
+ } else {
+ fatal_error "Missing OUT-BANDWIDTH Burst ($out_part)";
+ }
+
+ if ( defined $latency && $latency ne '' ) {
+ fatal_error "Invalid latency ($latency)" unless $latency =~
/^\d+(s|sec|secs|ms|msec|msecs|us|usec|usecs)?$/;
+ $command .= " latency $latency";
+ } else {
+ fatal_error "Missing OUT-BANDWIDTH Latency ($out_part)";
+ }
+
+ if ( defined $peak && $peak ne '' ) {
+ fatal_error "Invalid peak ($peak)" unless $peak =~
/^\d+(k|kb|m|mb|mbit|kbit|b)?$/;
+ $command .= " peakrate $peak";
+ }
+
+ if ( defined $minburst && $minburst ne '' ) {
+ fatal_error "Invalid minburst ($minburst)" unless $minburst =~
/^\d+(k|kb|m|mb|mbit|kbit|b)?$/;
+ $command .= " minburst $minburst";
+ }
+
+ emit $command;
+
+ my $id = $number;
+ $number = in_hexp( $devnum | 0x100 );
+
+ emit "run_tc qdisc add dev $physical parent $id: handle $number: prio
bands 3 priomap $config{TC_PRIOMAP}";
+ } else {
+ emit "run_tc qdisc add dev $physical root handle $number: prio bands 3
priomap $config{TC_PRIOMAP}";
+ }
for ( my $i = 1; $i <= 3; $i++ ) {
emit "run_tc qdisc add dev $physical parent $number:$i handle
${number}${i}: sfq quantum 1875 limit 127 perturb 10";
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
