Hello to everybody, We want integrate in a router/firewall (Debian Based, 2.6 Kernel), an HTB shaper. The goal is to divide the traffic for classes of workstations, at example in three classes, let say A, B and C. Example: A 70 Mb/s B 20 Mb/s C 10 Mb/s If B don''t make traffic, 7/8 of 20Mb/s must be assigned to A and all the rest at B We have used CBQ and HTB, with poor succes. Anybody can help me please? Many thanks -- Stefano Mainardi _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
On Sat, May 27, 2006 at 11:28:12PM +0200, Stefano Mainardi wrote:> The goal is to divide the traffic for classes of workstations, at example in > three classes, let say A, B and C.Sounds simple enough...> If B don''t make traffic, 7/8 of 20Mb/s must be assigned to A and all the > rest at BWhy would you assign traffic at B if it doesn''t make traffic?> We have used CBQ and HTB, with poor succes. > Anybody can help me please?Post your HTB script and I (and probably others) will have a look at it. Regards Andreas Klauer
2006/5/27, Andreas Klauer <Andreas.Klauer@metamorpher.de>:> > If B don''t make traffic, 7/8 of 20Mb/s must be assigned to A and all the > > rest at B > > Why would you assign traffic at B if it doesn''t make traffic?Sorry, "all the rest at A" :)> > Post your HTB script and I (and probably others) will have a look at it.This is the script: // #!/bin/bash STEFANO="00:0F:B0:5F:A6:AD" NEWDEV="00:13:D4:20:3B:46" VPN3="00:13:A1:60:3B:AA" MARK_STEFANO=1 MARK_PAOLO=2 MARK_VPN4=3 tc qdisc del dev eth1 root iptables -t mange -F iptables -t mangle -A PREROUTING -i eth0 -m mac -mac-source $STEFANO -j MARK -set-mark $MARK_STEFANO iptables -t mangle -A PREROUTING -i eth0 -m mac -mac-source $PAOLO -j MARK -set-mark $MARK_PAOLO iptables -t mangle -A PREROUTING -i eth0 -m mac -mac-source $VPN4 -j MARK -set-mark $MARK_VPN4 tc qdisc add dev eth1 root handle 11: htb tc class add dev eth1 parent 11:0 classid 11:1 htb rate 100Mbit ceil 100Mbit burst 6k cburst 64k quantum 1600 tc class add dev eth1 parent 11:1 classid 11:2 htb rate 70Mbit ceil 70Mbit burst 6k cburst 64k quantum 1600 tc class add dev eth1 parent 11:1 classid 11:3 htb rate 20Mbit ceil 20Mbit burst 6k cburst 64k quantum 1600 tc class add dev eth1 parent 11:1 classid 11:4 htb rate 10Mbit ceil 10Mbit burst 6k cburst 64k quantum 1600 tc qdisc add dev eth1 parent 11:2 handle 20: sfq preturb 10 tc qdisc add dev eth1 parent 11:3 handle 20: sfq preturb 10 tc qdisc add dev eth1 parent 11:4 handle 20: sfq preturb 10 tc filter add dev eth1 protocol ip handle $MARK_STEFANO fw flowid 11:2 tc filter add dev eth1 protocol ip handle $MARK_PAOLO fw flowid 11:3 tc filter add dev eth1 protocol ip handle $MARK_VPN4 fw flowid 11:2 \\ We have tested this script with CEIL=RATE, and CEIL=100Mbit, but i view that the data-rate calculated for each PC is not proportional to the traffic assigned at Firewall. Many thanks. -- Stefano Mainardi Presidente Associazione ILDN - Italian Linux Distro Network Mobile: 349/3917212 Skype: mainardistefano IM (ICQ): 250-292-408 Blog: http://www.mainardistefano.org -- Stefano Mainardi Presidente Associazione ILDN - Italian Linux Distro Network Mobile: 349/3917212 Skype: mainardistefano IM (ICQ): 250-292-408 Blog: http://www.mainardistefano.org _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
On Sun, May 28, 2006 at 12:11:10AM +0200, Stefano Mainardi wrote:> >> If B don''t make traffic, 7/8 of 20Mb/s must be assigned to A and all the > >> rest at B > > Sorry, "all the rest at A" :)So, in other words, A is allowed to take bandwidth from B. B and C stick to their bandwidth limits. A tree like this could probably accomplish this: HTB qdisc | \--- HTB root class (100mbit) | \--- HTB class (90mbit|90mbit) | | | \--- HTB class A (70mbit|90mbit) | \--- HTB class B (20mbit|20mbit) | \--- HTB class C (10mbit|10mbit) This way, C and B never borrow any bandwidth (as they have rate==ceil), and if A borrows, it will be from B, as the parent class (which has rate==ceil as well) will never borrow from C.> We have tested this script with CEIL=RATE, and CEIL=100Mbit, but i view that > the data-rate calculated for each PC is not proportional to the traffic > assigned at Firewall.HTB expects to be able to use the full specified rate at any point of time, so you probably should use something lower than 100mbit as a base value. Even in 100mbit networks, you never actually get this rate, due to overhead, collisions, etc. Other than that, are there really just these three classes of traffic going out on eth1? The setup should work, as long as the classification is working properly. Regards Andreas Klauer
2006/5/28, Andreas Klauer <Andreas.Klauer@metamorpher.de>:> > So, in other words, A is allowed to take bandwidth from B. > B and C stick to their bandwidth limits.There is a misunderstanding, sorry. I need to know if it is possible to manage in a dynamic way the assignment of traffic to workstations and of the traffic that they could use. Like I said above, in the case that B is not producing traffic, 7/8 of the 20 MB/s need to be assigned to A and the remaining 1/8 will remain to B. As final result A,B,C could exchange dynamically their "banda". Is possible, to change dynamically their band assignment? -- Stefano Mainardi Presidente Associazione ILDN - Italian Linux Distro Network Mobile: 349/3917212 Skype: mainardistefano IM (ICQ): 250-292-408 Blog: http://www.mainardistefano.org _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
On Sun, May 28, 2006 at 02:04:57AM +0200, Stefano Mainardi wrote:> Like I said above, in the case that B is not producing traffic, 7/8 of the > 20 MB/s need to be assigned to A and the remaining 1/8 will remain to B.Well, reducing the ceil of A by 1/8 of B''s bandwidth in the tree I posted earlier would do that.> Is possible, to change dynamically their band assignment?The bandwidth in HTB is dynamic, as classes are allowed to borrow bandwidth from other classes depending on their rate-ceil settings. In the tree I posted, the bandwidth behaviour is as follows: 10mbit will be reserved for C at all times, B can use up to 20mbit, A has 70mbit reserved, but can also use 20mbit of B if B is idle. If the borrowing/lending bandwidth between HTB classes is not dynamic enough for you, the only other option you have is to somehow externally delete/create new HTB classes on the fly, which is not a good solution in most situations. Regards Andreas Klauer
2006/5/28, Andreas Klauer <Andreas.Klauer@metamorpher.de>:> > > Is possible, to change dynamically their band assignment? > > The bandwidth in HTB is dynamic, as classes are allowed to borrow > bandwidth from other classes depending on their rate-ceil settings.Thanks for the precious tips. I''ve seen that "ceil rate" with TC is a constant, i want to know if is possible to make dynamic based on the load of the network?> If the borrowing/lending bandwidth between HTB classes is not > dynamic enough for you, the only other option you have is to > somehow externally delete/create new HTB classes on the fly, > which is not a good solution in most situations.With this solution, i can think to create a series of HTB classes for various situation. But is impossible to think! :( Or create a daemon that watch the load of the network and switch from HTB classes to another. -- Stefano Mainardi _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Andreas, if I want that A,B,C can borrow bandwidth from each other? How i can the structure of HTB tree? Stefano 2006/5/28, Andreas Klauer <Andreas.Klauer@metamorpher.de>:> > On Sun, May 28, 2006 at 02:04:57AM +0200, Stefano Mainardi wrote: > > Like I said above, in the case that B is not producing traffic, 7/8 of > the > > 20 MB/s need to be assigned to A and the remaining 1/8 will remain to B. > > Well, reducing the ceil of A by 1/8 of B''s bandwidth in the tree I > posted earlier would do that. > > > Is possible, to change dynamically their band assignment? > > The bandwidth in HTB is dynamic, as classes are allowed to borrow > bandwidth from other classes depending on their rate-ceil settings. > > In the tree I posted, the bandwidth behaviour is as follows: > > 10mbit will be reserved for C at all times, B can use up to 20mbit, > A has 70mbit reserved, but can also use 20mbit of B if B is idle. > > If the borrowing/lending bandwidth between HTB classes is not > dynamic enough for you, the only other option you have is to > somehow externally delete/create new HTB classes on the fly, > which is not a good solution in most situations. > > Regards > Andreas Klauer >_______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Stefano Mainardi wrote:> tc class add dev eth1 parent 11:1 classid 11:2 htb rate 70Mbit ceil 70Mbit > burst 6k cburst 64k quantum 1600I am not sure if it matters in this case with the big cburst - but remember burst * 8 * HZ will be the bit rate a class can reach. Andy.
Hi Andy, how i must setup the value for CBURST for my situation? Have you read? Ste 2006/6/1, Andy Furniss <lists@andyfurniss.entadsl.com>:> > Stefano Mainardi wrote: > > > tc class add dev eth1 parent 11:1 classid 11:2 htb rate 70Mbit ceil > 70Mbit > > burst 6k cburst 64k quantum 1600 > > I am not sure if it matters in this case with the big cburst - but > remember burst * 8 * HZ will be the bit rate a class can reach. > > Andy. >-- Stefano Mainardi Presidente Associazione ILDN - Italian Linux Distro Network Mobile: 349/3917212 Skype: mainardistefano IM (ICQ): 250-292-408 Blog: http://www.mainardistefano.org _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Ok, i try without CBURST value. Thanks ;) 2006/6/1, Andy Furniss <lists@andyfurniss.entadsl.com>:> > Stefano Mainardi wrote: > > Hi Andy, > > how i must setup the value for CBURST for my situation? Have you read? > > > > I think the burst is too small - In your case I would just not specify > either burst and let htb choose them. > > Andy. > > > Ste > > > > 2006/6/1, Andy Furniss <lists@andyfurniss.entadsl.com>: > > > >> > >> Stefano Mainardi wrote: > >> > >> > tc class add dev eth1 parent 11:1 classid 11:2 htb rate 70Mbit ceil > >> 70Mbit > >> > burst 6k cburst 64k quantum 1600 > >> > >> I am not sure if it matters in this case with the big cburst - but > >> remember burst * 8 * HZ will be the bit rate a class can reach. > >> > >> Andy. > >> > > > > > > > >-- Stefano Mainardi Presidente Associazione ILDN - Italian Linux Distro Network Mobile: 349/3917212 Skype: mainardistefano IM (ICQ): 250-292-408 Blog: http://www.mainardistefano.org _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Stefano Mainardi wrote:> Hi Andy, > how i must setup the value for CBURST for my situation? Have you read? >I think the burst is too small - In your case I would just not specify either burst and let htb choose them. Andy.> Ste > > 2006/6/1, Andy Furniss <lists@andyfurniss.entadsl.com>: > >> >> Stefano Mainardi wrote: >> >> > tc class add dev eth1 parent 11:1 classid 11:2 htb rate 70Mbit ceil >> 70Mbit >> > burst 6k cburst 64k quantum 1600 >> >> I am not sure if it matters in this case with the big cburst - but >> remember burst * 8 * HZ will be the bit rate a class can reach. >> >> Andy. >> > > >
Stefano Mainardi wrote:> Ok, i try without CBURST value.Without burst aswell ... Andy.
Ops BURST...sorry! And CBURST value you think that is correct? 2006/6/1, Andy Furniss <lists@andyfurniss.entadsl.com>:> > Stefano Mainardi wrote: > > Ok, i try without CBURST value. > > Without burst aswell ... > > Andy. >-- Stefano Mainardi Presidente Associazione ILDN - Italian Linux Distro Network Mobile: 349/3917212 Skype: mainardistefano IM (ICQ): 250-292-408 Blog: http://www.mainardistefano.org _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc