Hi all,
I use a Debian Woody with Kernel 2.4.18 patched with the HTB queue. I use
the tc binay given within the HTB targz. Iptables 1.2.6a
I wrote this script based on the ADSL Bandwith management howto :
DEV=eth0
RATEUP=128
tc qdisc add dev $DEV root handle 1: htb default 22
tc class add dev $DEV parent 1: classid 1:1 htb rate ${RATEUP}kbit
tc class add dev $DEV parent 1:1 classid 1:20 htb rate $[$RATEUP/7]kbit
ceil ${RATEUP}kbit prio 0
tc class add dev $DEV parent 1:1 classid 1:21 htb rate $[$RATEUP/7]kbit
ceil 88kbit prio 1
tc class add dev $DEV parent 1:1 classid 1:22 htb rate $[$RATEUP/7]kbit
ceil 88kbit prio 2
tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev $DEV parent 1:21 handle 21: sfq perturb 10
tc qdisc add dev $DEV parent 1:22 handle 22: sfq perturb 10
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 20 -j MARK --set-mark 22
iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 20
iptables -t mangle -A MYSHAPER-OUT -p udp -j MARK --set-mark 21
I transfered a file by ftp. The packets was sent through the class 22 and
its bandwith limited to 88kbits, which is normal. But i sent pings and
thoose packets were sent through the class 22 too which is not normal due
to the mangle packets marking.
I know which class was used by looking the tc classes status. Why icmp
packets was not sent through class 20 ?
Any help would be appriciated. Thanks and have a nice day.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Thu, 24 Oct 2002, Tom wrote:> tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20 > tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21 > tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22This odd. With my setup (2.4.20pre10 and tc from the 3.6 tarball) I need to specify classid instead of flowid: # tc filter add fw help Usage: ... fw [ classid CLASSID ] [ police POLICE_SPEC ] POLICE_SPEC := ... look at TBF CLASSID := X:Y> iptables -t mangle -N MYSHAPER-OUT > iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUTTried OUTPUT chain for locally generated packets?> I transfered a file by ftp. The packets was sent through the class 22 and > its bandwith limited to 88kbits, which is normal.Yes if normal == default.> But i sent pings and thoose packets were sent through the class 22 too > which is not normal due to the mangle packets marking. I know which > class was used by looking the tc classes status. Why icmp packets was > not sent through class 20 ?To see which chain you''re required to use, append your MYSHAPER-OUT chain to all default chains in the mangle table and see if it works. Then have a look at the packet counts and remove the unused. Walter _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Thursday 24 October 2002 10:43, Walter Haidinger wrote:> On Thu, 24 Oct 2002, Tom wrote: > > tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid > > 1:20 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw > > flowid 1:21 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle > > 22 fw flowid 1:22 > > This odd. With my setup (2.4.20pre10 and tc from the 3.6 tarball) I need > to specify classid instead of flowid: > > # tc filter add fw help > Usage: ... fw [ classid CLASSID ] [ police POLICE_SPEC ] > POLICE_SPEC := ... look at TBF > CLASSID := X:Yfrom f_fw.c : if (matches(*argv, "classid") == 0 || matches(*argv, "flowid") == 0) { So both can be used.> > iptables -t mangle -N MYSHAPER-OUT > > iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT > > Tried OUTPUT chain for locally generated packets?You can use OUTPUT and POSTROUTING. See www.docum.org under KPTD. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Rehi all, I continue to search and now it''s work. There is what i did : - I change my interface from eth0 to ppp0 - I change the chain from POSTROUTING to OUTPUT (evene if the both possibly work) - I add the quantum to the SFQ queue, it was 1492 now it''s 1500 (the same as my MTU) - I reduce the bandwith from 128kbps to 104kbps according to the howto - I change priority of all the handle from 0 to respectivly 0,1,2,3,4,5 and 6 and I changed the flowid to classid. Now, i''m going to try back my old config step by step to see what exactly made problem. Thanks a lot for your advises. Best regards, Tom. At 13:17 24/10/2002 +0200, you wrote:>On Thursday 24 October 2002 10:43, Walter Haidinger wrote: > > On Thu, 24 Oct 2002, Tom wrote: > > > tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid > > > 1:20 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw > > > flowid 1:21 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle > > > 22 fw flowid 1:22 > > > > This odd. With my setup (2.4.20pre10 and tc from the 3.6 tarball) I need > > to specify classid instead of flowid: > > > > # tc filter add fw help > > Usage: ... fw [ classid CLASSID ] [ police POLICE_SPEC ] > > POLICE_SPEC := ... look at TBF > > CLASSID := X:Y >from f_fw.c : > if (matches(*argv, "classid") == 0 || > matches(*argv, "flowid") == 0) { > >So both can be used. > > > > iptables -t mangle -N MYSHAPER-OUT > > > iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT > > > > Tried OUTPUT chain for locally generated packets? >You can use OUTPUT and POSTROUTING. See www.docum.org under KPTD. > >Stef > >-- > >stef.coene@docum.org > "Using Linux as bandwidth manager" > http://www.docum.org/ > #lartc @ irc.oftc.net > >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Thursday 24 October 2002 08:22, Tom wrote:> Hi all, > > I use a Debian Woody with Kernel 2.4.18 patched with the HTB queue. I use > the tc binay given within the HTB targz. Iptables 1.2.6a > I wrote this script based on the ADSL Bandwith management howto : > > DEV=eth0 > RATEUP=128 > > tc qdisc add dev $DEV root handle 1: htb default 22 > tc class add dev $DEV parent 1: classid 1:1 htb rate ${RATEUP}kbit > tc class add dev $DEV parent 1:1 classid 1:20 htb rate $[$RATEUP/7]kbit > ceil ${RATEUP}kbit prio 0 > tc class add dev $DEV parent 1:1 classid 1:21 htb rate $[$RATEUP/7]kbit > ceil 88kbit prio 1 > tc class add dev $DEV parent 1:1 classid 1:22 htb rate $[$RATEUP/7]kbit > ceil 88kbit prio 2a tip : make sure the sum of the rates = ceil of the parent. It''s not needed, but it''s more logic. And you have to be sure YOU are the bottleneck on the link. It''s possible that you have to set RATE=120 to get results.> tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10 > tc qdisc add dev $DEV parent 1:21 handle 21: sfq perturb 10 > tc qdisc add dev $DEV parent 1:22 handle 22: sfq perturb 10 > tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid > 1:20 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw > flowid 1:21 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22 > fw flowid 1:22 > > iptables -t mangle -N MYSHAPER-OUT > iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT > iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 20 -j MARK --set-mark 22 > iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 20 > iptables -t mangle -A MYSHAPER-OUT -p udp -j MARK --set-mark 21 > > I transfered a file by ftp. The packets was sent through the class 22 and > its bandwith limited to 88kbits, which is normal. But i sent pings and > thoose packets were sent through the class 22 too which is not normal due > to the mangle packets marking. > I know which class was used by looking the tc classes status. Why icmp > packets was not sent through class 20 ?Can you check out the iptables counters to see if the packets are really marked like you want ? And you can get the same filter results if you add a fw filter with no option. The mark will be used as classid : tc filter add dev $DEV parent 1:0 prio 0 protocol ip fw Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/