Hi,

I've read the documentation about HTB and I pretty much managed to grasp how it works. In theory. But there still are some questions and I want to check with you to see if I understand things correctly. So here goes:

1) when used on a router for shaping traffic done by clients connected to it, shaping is done on the interface connected to the cable/dsl modem. If I wanted to create classes for every client on the network, I would have to use iptables to mark packets (using -j MARK) and not filters because, according to http://www.docum.org/docum.org/kptd/ the shaping is done after the SNAT, so all the clients would have the src address rewritten with the public IP. Am I getting this right?

2) shaping inbound traffic is tricky because you can't control the rate that the packets come to you. Is it a good idea to shape the outgoing traffic to the clients on the LAN side NIC? Would I achieve both upload and download shaping using the same htb script (a script that does shaping using iptables for marking packets and fw for matching them) on both NICs (LAN side and ISP side)?

3) I've tried to find an answer to this question but all I got was some similar question a couple of years ago from Martin Brown. What happens if shaping a variable bandwidth link and, at one moment, for a period of time, the available bandwidth goes beyond the rate specified for the class 1:1 (the class attached to the root qdisc)? How will htb act in such a situation?

4) related to 3), I've tried to use a syntax like this: "tc clas add dev $ETH parent 1:0 classid 1:1 htb rate $RATE ceil $CEIL", where CEIL > RATE , but the max speed I achieved was the RATE speed. After further reading, I found out that you can't (well, you can, there's no syntax error, but it's useless) specify CEIL for the class attached to the root qdisc because it doesn't have a parent to borrow from. So is there a way to simulate a variable bandwidth link or should I just set RATE to the highest possible value the bandwidth can reach?

5) related to 1). Is there a (major) difference between -j MARK and -j CLASSIFY? From what I've read, -j CLASSIFY sets both the major and minor (major:minor) numbers to be matched while -j MARK only sets the minor.

That's about it for now. :) Thanks

On Tuesday 16 August 2005 21:37, Gabriel wrote:
> If I wanted to create classes for every client on the network, I would
> have to use iptables to mark packets (using -j MARK) and not
> filters because, according to
> http://www.docum.org/docum.org/kptd/ the shaping is done
> after the SNAT, so all the clients would have the src
> address rewritten with the public IP. Am I getting this
> right?

I'm not 100% sure, but I think so. Anyway, I'm more comfortable with iptables than the sometimes rather complicated tc filter syntax. So I try to do most stuff in iptables.

> 2) shaping inbound traffic is tricky because you can't
> control the rate that the packets come to you. Is it a good
> idea to shape the outgoing traffic to the clients on the
> LAN side NIC?

Yes, you can't control the way packets come to you directly. But still, does that mean you should allow an incoming connection to hog the whole bandwidth? Dropping packets slows down incoming tcp connections, and in my case, although dropping means throwing away already-downloaded packets, I feel it improved usability.

> Would I achieve both upload and download shaping using the same htb
> script (a script that does shaping using iptables for marking packets and
> fw for matching them) on both NICs (LAN side and ISP side)?

There might be minor differences (on LAN interface, you have to account for internal LAN traffic, e.g. SSH sessions to your router, and other local services you might be running, which do not actually use internet bandwidth).

> What happens if shaping a variable bandwidth link and, at one moment, for
> a period of time, the available bandwidth goes beyond the rate specified
> for the class 1:1 (the class attached to the root qdisc)? How will
> htb act in such a situation?

I don't have a variable bandwidth link, but I guess HTB won't let you use more bandwidth than specified in any case.

> 4) related to 3), I've tried to use a syntax like this: "tc
> clas add dev $ETH parent 1:0 classid 1:1 htb rate $RATE
> ceil $CEIL", where CEIL > RATE , but the max speed I
> achieved was the RATE speed. After further reading, I found
> out that you can't (well, you can, there's no syntax error,
> but it's useless) specify CEIL for the class attached to
> the root qdisc because it doesn't have a parent to borrow
> from. So is there a way to simulate a variable bandwidth
> link or should I just set RATE to the highest possible
> value the bandwidth can reach?

I doubt that HTB was made for variable bandwidth links. Anyway, I suggest you try out both possibilities and use the ones that work best for you. Shaping is always a lot of trial & error in my opinion.

> 5) related to 1). Is there a (major) difference between -j
> MARK and -j CLASSIFY? From what I've read, -j CLASSIFY sets
> both the major and minor (major:minor) numbers to be
> matched while -j MARK only sets the minor.

I haven't used classify so far, but if I understand it right, it puts packets directly into the appropriate class. If that's true, it's a good idea to use it, since it saves you the hassle of first marking packets and then adding tc filter matches for that mark.

HTH
Andreas

On Tue, Aug 16, 2005 at 12:37:48PM -0700, Gabriel wrote:
> 1) when used on a router for shaping traffic done by
> clients connected to it, shaping is done on the interface
> connected to the cable/dsl modem. If I wanted to create
> classes for every client on the network, I would have to
> use iptables to mark packets (using -j MARK) and not
> filters because, according to
> http://www.docum.org/docum.org/kptd/ the shaping is done
> after the SNAT, so all the clients would have the src
> address rewritten with the public IP. Am I getting this
> right?

This page:
http://mailman.ds9a.nl/pipermail/lartc/2005q1/014656.html (LARTC archive)
contains a lot of useful links, one of them:
http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png

Note right bottom corner of that picture.

> 4) related to 3), I've tried to use a syntax like this: "tc
> clas add dev $ETH parent 1:0 classid 1:1 htb rate $RATE
> ceil $CEIL", where CEIL > RATE , but the max speed I
> achieved was the RATE speed. After further reading, I found
> out that you can't (well, you can, there's no syntax error,
> but it's useless) specify CEIL for the class attached to
> the root qdisc because it doesn't have a parent to borrow
> from. So is there a way to simulate a variable bandwidth
> link or should I just set RATE to the highest possible
> value the bandwidth can reach?

http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm
(6. Priorizing bandwidth share) answers this question.
Use qdisc inside qdisc.

> That's about it for now. :) Thanks

Thank you,

--
Dmytro O. Redchuk

> 4) related to 3), I've tried to use a syntax like this: "tc
> clas add dev $ETH parent 1:0 classid 1:1 htb rate $RATE
> ceil $CEIL", where CEIL > RATE , but the max speed I
> achieved was the RATE speed.

try to add 2-level root class:

tc qdisc add dev $ETH root handle 1: htb default FF
tc class add dev $ETH parent 1: classid 1:1 htb rate $MAXRATE ceil $MAXRATE
tc class add dev $ETH parent 1:1 classid 1:2 htb rate $MINRATE ceil $MAXRATE
tc class add ... [your child classes]

I don't know if it'll work but worth trying.
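The setup discussed in this thread (per-client HTB classes under a top class whose rate equals its ceil, with packets marked by iptables before SNAT and matched by fw filters), as an added example that is not from any of the posters. The interface name, rates and client addresses are constructed sample values, and the script only prints the commands it would run.

```shell
#!/bin/sh
# Added example: prints (does not execute) the tc/iptables commands.
# Device, rates and client addresses are constructed sample values.

WAN_DEV="eth0"          # assumption: interface facing the cable/dsl modem
MAXRATE="1024kbit"      # assumption: measured uplink speed
CLIENT_RATE="256kbit"   # assumption: guaranteed share per class
CLIENTS="192.168.1.10 192.168.1.11 192.168.1.12"

# gen_shaper DEV IP... : emit one HTB class, MARK rule and fw filter per client
gen_shaper() {
    dev=$1; shift
    # Root qdisc; packets with no matching mark go to class 1:ff.
    echo "tc qdisc add dev $dev root handle 1: htb default ff"
    # Top class has no parent to borrow from, so rate and ceil are equal.
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate $MAXRATE ceil $MAXRATE"
    # Default class must exist, otherwise unmarked traffic is not shaped.
    echo "tc class add dev $dev parent 1:1 classid 1:ff htb rate $CLIENT_RATE ceil $MAXRATE"
    n=16    # first client: mark 0x10, class 1:10 (classid minors are hex)
    for ip in "$@"; do
        hex=$(printf '%x' "$n")
        # Child class: guaranteed CLIENT_RATE, borrows from 1:1 up to MAXRATE.
        echo "tc class add dev $dev parent 1:1 classid 1:$hex htb rate $CLIENT_RATE ceil $MAXRATE"
        # mangle/FORWARD runs before SNAT in nat/POSTROUTING, so the packet
        # still carries the client's private source address here.
        echo "iptables -t mangle -A FORWARD -o $dev -s $ip -j MARK --set-mark 0x$hex"
        # The fw filter maps the mark to the client's class.
        echo "tc filter add dev $dev parent 1: protocol ip prio 1 handle 0x$hex fw flowid 1:$hex"
        n=$((n + 1))
    done
}

gen_shaper "$WAN_DEV" $CLIENTS
```

With these sample values the three client classes plus the default class add up to exactly MAXRATE; review the printed commands, then pipe them to sh as root to apply them.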