I''m trying to shape each machine on an interface to 256k each, but
I''m
getting stuck and only able to shape an entire interface to 256k. What
should I be doing differently here?
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:1 htb rate 100MBit ceil 100MBit
tc qdisc add dev eth0 parent 1:10 handle 110: sfq perturb 10
tc class add dev eth0 parent 1:1 classid 1:10 htb \
rate 256kbit ceil 256kbit prio 0
tc filter add dev eth0 parent 1:0 protocol ip pref 1 u32 \
match ip src 10.7.15.0/24 flowid 1:10
Thanks
dave
--
Dave Weis
djweis@internetsolver.com
http://www.internetsolver.com/
Dnia niedziela, 4 grudnia 2005 23:11, Dave Weis napisał(a):> I''m trying to shape each machine on an interface to 256k each, but I''m > getting stuck and only able to shape an entire interface to 256k. What > should I be doing differently here? > > tc qdisc del dev eth0 root > > tc qdisc add dev eth0 root handle 1: htb default 10 > > tc class add dev eth0 parent 1: classid 1:1 htb rate 100MBit ceil 100MBit > > tc qdisc add dev eth0 parent 1:10 handle 110: sfq perturb 10 > > tc class add dev eth0 parent 1:1 classid 1:10 htb \ > rate 256kbit ceil 256kbit prio 0 > > tc filter add dev eth0 parent 1:0 protocol ip pref 1 u32 \ > match ip src 10.7.15.0/24 flowid 1:10That''s because you are putting all /24 network into one single HTB. You have to make one HTB (SFQ for every user helps a lot too) for each computer in the network: tc qdisc del root dev eth1 tc qdisc add root dev eth1 handle 1: htb default 1 tc class add dev eth1 parent 1: classid 1:1 htb \ rate 1000Mbit ceil 1000Mbit burst 100kbit tc class add dev eth1 parent 1:1 classid 1:2 htb \ rate 64kbit ceil 256kbit quantum 2000 burst 10kbit tc qdisc add dev eth1 parent 1:2 handle 2: sfq perturb 5 quantum 1500b tc class add dev eth1 parent 1:1 classid 1:3 htb \ rate 80kbit ceil 320kbit quantum 2000 burst 10kbit tc qdisc add dev eth1 parent 1:3 handle 3: sfq perturb 5 quantum 1500b ... tc class add dev eth1 parent 1:1 classid 1:254 htb \ rate 64kbit ceil 256kbit quantum 2000 burst 10kbit tc qdisc add dev eth1 parent 1:254 handle 254: sfq perturb 5 quantum 1500b Putting all computers to proper HTBs with separate filters can make high load on your machine, so it is best to use hashing filters. -- | pozdrawiam / greetings | powered by Trustix, Gentoo and FreeBSD | | Kajetan Staszkiewicz | JID: vegeta@chrome.pl | | Vegeta | IMQ devnames: http://tuxpowered.net | `------------------------^----------------------------------------''
On Sunday 04 December 2005 23:11, Dave Weis wrote:> What should I be doing differently here? > > tc qdisc del dev eth0 root > > tc qdisc add dev eth0 root handle 1: htb default 10 > > tc class add dev eth0 parent 1: classid 1:1 htb rate 100MBit ceil > 100MBit > > tc qdisc add dev eth0 parent 1:10 handle 110: sfq perturb 10 > > tc class add dev eth0 parent 1:1 classid 1:10 htb \ > rate 256kbit ceil 256kbit prio 0 > > tc filter add dev eth0 parent 1:0 protocol ip pref 1 u32 \ > match ip src 10.7.15.0/24 flowid 1:10You create a class only after you already attached a qdisc to it. Did you mix up the order of the commands or does that actually work? Anyway, you seem to be putting all traffic (local or not) into one 256kbit class, which will result in what you''re describing (whole interface limited to 256k). A HTB class always imposes a global limit, not a limit per machine. If you want a per-machine limit, you have to create an extra class for each and every one machine. HTH Andreas Klauer
Dnia poniedziałek, 5 grudnia 2005 13:58, Dave Weis napisał(a):> > That''s because you are putting all /24 network into one single HTB. You > > have to make one HTB (SFQ for every user helps a lot too) for each > > computer in the network: > > > > tc qdisc del root dev eth1 > > tc qdisc add root dev eth1 handle 1: htb default 1 > > tc class add dev eth1 parent 1: classid 1:1 htb \ > > rate 1000Mbit ceil 1000Mbit burst 100kbit > > > > tc class add dev eth1 parent 1:1 classid 1:2 htb \ > > rate 64kbit ceil 256kbit quantum 2000 burst 10kbit > > tc qdisc add dev eth1 parent 1:2 handle 2: sfq perturb 5 quantum 1500b > > > > tc class add dev eth1 parent 1:1 classid 1:3 htb \ > > rate 80kbit ceil 320kbit quantum 2000 burst 10kbit > > tc qdisc add dev eth1 parent 1:3 handle 3: sfq perturb 5 quantum 1500b > > Do I still need to connect the IP to the class and qdisc with the filter > add command?Yes you do. I didn''t write any because I mentioned hashing filters later ;)> > Putting all computers to proper HTBs with separate filters can make high > > load on your machine, so it is best to use hashing filters. > > Is there any rule of thumb on how much bandwidth you can handle for a > general size of machine? This is two 7 meg DSL connections, a 1.7 GHz > Celeron, and 200 users.I don''t know, I was always working with hashing filters. But I heared people complaining about high load if they have big networks. Hash filtering goes like this: # create main filter divided into 256 filters... tc filter add dev eth1 parent 1:0 prio 5 protocol ip u32 tc filter add dev eth1 parent 1:0 handle 2: \ prio 5 protocol ip u32 divisor 256 # now we create many filters... they direct packets into # proper HTB. In fact they don''t even have to check anything! # hash filtering will put packets into proper filter # (here is only checking if ip address is from proper network) # important: ht is defined in hexdecimal! # 1:2 ... 1:254 are HTBs for each user tc filter add dev eth1 protocol ip parent 1:0 \ prio 5 u32 ht 2:2: match ip dst 192.168.2.0/24 flowid 1:2 tc filter add dev eth1 protocol ip parent 1:0 \ prio 5 u32 ht 2:3: match ip dst 192.168.2.0/24 flowid 1:3 tc filter add dev eth1 protocol ip parent 1:0 \ prio 5 u32 ht 2:4: match ip dst 192.168.2.0/24 flowid 1:4 ... tc filter add dev eth1 protocol ip parent 1:0 \ prio 5 u32 ht 2:fd: match ip dst 192.168.2.0/24 flowid 1:253 tc filter add dev eth1 protocol ip parent 1:0 \ prio 5 u32 ht 2:fe: match ip dst 192.168.2.0/24 flowid 1:254 # now add the hashing filter - it takes the number from 16th byte # of IP header with mask 0x000000ff - the last number of IP address # so it just reads one byte and directs packet to filter with # the same number (this filter sends it to proper HTB) - this is really fast! tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.2.0/24 hashkey mask 0x000000ff at 16 link 2: summary: check ip address -> go to filter numbered as the ip address -> redirect to HTB Position 16 in IP header is dst address. If you need src address (for example on IMQ interface for incoming traffic (upload from users)) then you need check address at position 12. some piece of example is also here: http://lartc.org/howto/lartc.adv-filter.hashing.html -- | pozdrawiam / greetings | powered by Trustix, Gentoo and FreeBSD | | Kajetan Staszkiewicz | JID: vegeta@chrome.pl | | Vegeta | IMQ devnames: http://tuxpowered.net | `------------------------^----------------------------------------''