Hello all,
I have set my QoS solution and now I am facing a little problem...
When I ping to my server it has some lost packages:
Estatísticas do Ping para 172.30.0.1:
Pacotes: SENDED = 1029, RETURNED = 880, LOST = 149 (14% de perda),
Aproximar um número redondo de vezes em milissegundos:
Mínimo = 0ms, Máximo = 686ms, Média = 105ms
If I disable my QoS ping stats to be ok. I even have tryed to make a
filter for ICMP protocol (using u32 as it is writen into LARTC how-to)
but it did not work. How can I solve this problem?
------------------------------------------------------------------------
#!/bin/sh
#------
# Script de QoS Cyber Nett
#------
# Nataniel Klug
# suporte@cnett.com.br
#------
TC="/sbin/tc"
IPT="/usr/local/sbin/iptables"
$IPT -t mangle -X
$IPT -t mangle -F
DL="eth1"
#------
# Apagando regras antigas de QoS
#------
$TC qdisc del dev $DL root 2> /dev/null > /dev/null
$TC qdisc del dev $DL ingress 2> /dev/null > /dev/null
#------
# Regras para a placa eth1
#------
$TC qdisc add dev $DL root handle 1: htb default 50
CLASS="/sbin/tc class add dev $DL parent"
$CLASS 1: classid 1:1 htb rate 3072Kbit
$CLASS 1:1 classid 1:10 htb rate 1024Kbit ceil 1024Kbit
$CLASS 1:1 classid 1:20 htb rate 1536Kbit ceil 2560Kbit
$CLASS 1:1 classid 1:30 htb rate 512Kbit ceil 1024Kbit
$CLASS 1:1 classid 1:40 htb rate 512Kbit ceil 1024Kbit
$CLASS 1:1 classid 1:50 htb rate 512Kbit ceil 1024Kbit
QDISC="/sbin/tc qdisc add dev $DL parent"
$QDISC 1:10 handle 10: sfq perturb 10
$QDISC 1:20 handle 20: sfq perturb 10
$QDISC 1:30 handle 30: sfq perturb 10
$QDISC 1:40 handle 40: sfq perturb 10
$QDISC 1:50 handle 50: sfq perturb 10
FILTER="/sbin/tc filter add dev $DL parent 1:0 protocol ip prio 1 u32"
$FILTER match ip sport 22 0xffff flowid 1:10
$FILTER match ip sport 23 0xffff flowid 1:10
$FILTER match ip sport 2202 0xffff flowid 1:10
$FILTER match ip sport 80 0xffff flowid 1:20
$FILTER match ip sport 443 0xffff flowid 1:20
$FILTER match ip sport 3128 0xffff flowid 1:20
$FILTER match ip sport 53 0xffff flowid 1:30
$FILTER match ip sport 25 0xffff flowid 1:30
$FILTER match ip sport 110 0xffff flowid 1:30
$FILTER match ip sport 21 0xffff flowid 1:40
> CLASS="/sbin/tc class add dev $DL parent" > $CLASS 1: classid 1:1 htb rate 3072Kbit > $CLASS 1:1 classid 1:10 htb rate 1024Kbit ceil 1024Kbit > $CLASS 1:1 classid 1:20 htb rate 1536Kbit ceil 2560Kbit > $CLASS 1:1 classid 1:30 htb rate 512Kbit ceil 1024Kbit > $CLASS 1:1 classid 1:40 htb rate 512Kbit ceil 1024Kbit > $CLASS 1:1 classid 1:50 htb rate 512Kbit ceil 1024Kbit >For starters you might want to fix these rates. 1024+1536+512+512+512 != 3072 Over allocating may be causing the high number of dropped packets, and its at least worth fixing before trying anything else. Make sure child classes rates never add up to greater than the parents rate, in your case 3072Kbit. Beyond that though I don''t see anything obvious. You''re using sfq which what I usually see recommended to increase the queue size and avoid dropped packets. - Jody
>> CLASS="/sbin/tc class add dev $DL parent" >> $CLASS 1: classid 1:1 htb rate 3072Kbit >> $CLASS 1:1 classid 1:10 htb rate 1024Kbit ceil 1024Kbit >> $CLASS 1:1 classid 1:20 htb rate 1536Kbit ceil 2560Kbit >> $CLASS 1:1 classid 1:30 htb rate 512Kbit ceil 1024Kbit >> $CLASS 1:1 classid 1:40 htb rate 512Kbit ceil 1024Kbit >> $CLASS 1:1 classid 1:50 htb rate 512Kbit ceil 1024Kbit >> >> > > For starters you might want to fix these rates. > 1024+1536+512+512+512 != 3072 > > Over allocating may be causing the high number of dropped packets, and > its at least worth fixing before trying anything else. Make sure child > classes rates never add up to greater than the parents rate, in your > case 3072Kbit. Beyond that though I don''t see anything obvious. You''re > using sfq which what I usually see recommended to increase the queue > size and avoid dropped packets. > > - Jody > >Jody, Thanks for your help. I changed the rules about child process and it have no effect on ping time, my script now shows like the one it is into the end of this email. Ping response: Estatísticas do Ping para 172.30.0.1: Pacotes: SENDED = 10, RECEIVED = 6, LOST = 4 (40% LOST), Aproximar um número redondo de vezes em milissegundos: Mínimo = 315ms, Máximo = 423ms, Média = 371ms If I put this filter: $FILTER match ip protocol 1 0xff flowid 1:10 Then I will have a very good response time from outside world server (like pinging into a big domain like www.uol.com.br), but when I try to ping into my own server (the gateway of my network) it returns that big size time and a big lost: Estatísticas do Ping para 200.221.2.45: Pacotes: Enviados = 4, Recebidos = 4, Perdidos = 0 (0% de perda), Aproximar um número redondo de vezes em milissegundos: Mínimo = 17ms, Máximo = 21ms, Média = 18ms Att, Nataniel Klug ------------------------------------------------------------------------ #!/bin/sh #------ # Script de QoS Cyber Nett #------ # Nataniel Klug # suporte@cnett.com.br #------ TC="/sbin/tc" IPT="/usr/local/sbin/iptables" DL="eth1" #------ # Apagando regras antigas de QoS #------ $TC qdisc del dev $DL root 2> /dev/null > /dev/null $TC qdisc del dev $DL ingress 2> /dev/null > /dev/null #------ # Regras para a placa eth1 #------ $TC qdisc add dev $DL root handle 1: htb default 50 CLASS="/sbin/tc class add dev $DL parent" $CLASS 1: classid 1:1 htb rate 3072Kbit $CLASS 1:1 classid 1:10 htb rate 256Kbit $CLASS 1:1 classid 1:20 htb rate 1024Kbit ceil 2048Kbit $CLASS 1:1 classid 1:30 htb rate 512Kbit ceil 1024Kbit $CLASS 1:1 classid 1:40 htb rate 512Kbit ceil 512Kbit $CLASS 1:1 classid 1:50 htb rate 512Kbit ceil 512Kbit QDISC="/sbin/tc qdisc add dev $DL parent" $QDISC 1:10 handle 10: sfq perturb 10 $QDISC 1:20 handle 20: sfq perturb 10 $QDISC 1:30 handle 30: sfq perturb 10 $QDISC 1:40 handle 40: sfq perturb 10 $QDISC 1:50 handle 50: sfq perturb 10 FILTER="/sbin/tc filter add dev $DL parent 1:0 protocol ip prio 1 u32" $FILTER match ip protocol 1 0xff flowid 1:10 $FILTER match ip sport 22 0xffff flowid 1:10 $FILTER match ip sport 23 0xffff flowid 1:10 $FILTER match ip sport 2202 0xffff flowid 1:10 $FILTER match ip sport 80 0xffff flowid 1:20 $FILTER match ip sport 443 0xffff flowid 1:20 $FILTER match ip sport 3128 0xffff flowid 1:20 $FILTER match ip sport 53 0xffff flowid 1:30 $FILTER match ip sport 25 0xffff flowid 1:30 $FILTER match ip sport 110 0xffff flowid 1:30 $FILTER match ip sport 21 0xffff flowid 1:40
Jody, I think I have founded the problem. This interface uses a Realtek RTL8139D network pci card. I have made many tests and I am thinking that this is the problem. When I sended all traffic to another network card (3Com 905-TXM) it worked fine. I will redo my concept about this hole thing. Thanks for all answers I have get. Att, Nataniel Klug Jody Shumaker escreveu:>> CLASS="/sbin/tc class add dev $DL parent" >> $CLASS 1: classid 1:1 htb rate 3072Kbit >> $CLASS 1:1 classid 1:10 htb rate 1024Kbit ceil 1024Kbit >> $CLASS 1:1 classid 1:20 htb rate 1536Kbit ceil 2560Kbit >> $CLASS 1:1 classid 1:30 htb rate 512Kbit ceil 1024Kbit >> $CLASS 1:1 classid 1:40 htb rate 512Kbit ceil 1024Kbit >> $CLASS 1:1 classid 1:50 htb rate 512Kbit ceil 1024Kbit >> >> > > For starters you might want to fix these rates. > 1024+1536+512+512+512 != 3072 > > Over allocating may be causing the high number of dropped packets, and > its at least worth fixing before trying anything else. Make sure child > classes rates never add up to greater than the parents rate, in your > case 3072Kbit. Beyond that though I don''t see anything obvious. You''re > using sfq which what I usually see recommended to increase the queue > size and avoid dropped packets. > > - Jody > >
Nataniel Klug wrote:> # Regras para a placa eth1 > #------ > $TC qdisc add dev $DL root handle 1: htb default 50You are using htb default on eth - unless you make a filter for arp it will also end up in 1:50 which may or may not be the problem - you should fix it anyway. tc filter add ..... protocol arp u32 match u32 0 0 .... or stop using htb default class and make a catch all ip filter to send the rest to 50. Andy.
Andy, I will try to make this rule and see what happens. Thanks. Att, Nataniel Klug Andy Furniss escreveu:> Nataniel Klug wrote: > >> # Regras para a placa eth1 >> #------ >> $TC qdisc add dev $DL root handle 1: htb default 50 > > You are using htb default on eth - unless you make a filter for arp it > will also end up in 1:50 which may or may not be the problem - you > should fix it anyway. > > tc filter add ..... protocol arp u32 match u32 0 0 .... > > or stop using htb default class and make a catch all ip filter to send > the rest to 50. > > Andy. > >