Could someone give me some help in prioritizing uploading traffic on my
ADSL connection?
Currently, I have set up a Linux 2.4.12 router/firewall/NAT to allow our
network of users to access the Internet.
--------- eth0 ---- Linux router/firewall/NAT --- eth1 ---- Local network
          a.b.c.d                                 192.168.1.254
I can't seem to find enough information on tc and all the different
parameters possible with the command. Anyway, I found an
ADSL-bandwidth-management howto and followed it to the letter, as follows:-
ip link set eth0 txqueuelen 20
tc qdisc add dev eth0 root handle 128: cbq bandwidth 10mbit avpkt 700
tc class add dev eth0 parent 128:0 classid 128:1 cbq bandwidth 10mbit rate 90kbit allot 1514 weight 9kbit prio 5 \
maxburst 1 avpkt 700 bounded
tc qdisc add dev eth0 parent 128:1 prio bands 4 priomap 0 1 2 3 3 3 3 3 3 3 3 3 3 3 3 3
tc filter add dev eth0 parent 128:0 protocol ip prio 5 u32 match ip src a.b.c.d flowid 128:1
One member on the network is downloading continuously off Morpheus. The
originator connects to the peer through a destination port 1214. I want to
make it the lowest priority outgoing traffic but don't seem to be able to
do that.
I use iptables to mark packets matching the following criteria:-
iptables -t mangle -N MANGLE_PREROUTING
iptables -t mangle -F MANGLE_PREROUTING
iptables -t mangle -A MANGLE_PREROUTING -p ALL -j MARK --set-mark 2
iptables -t mangle -A MANGLE_PREROUTING -p tcp --dport 1214 -j MARK --set-mark 3
iptables -t mangle -A MANGLE_PREROUTING -p icmp -j MARK --set-mark 0
iptables -t mangle -A MANGLE_PREROUTING -p tcp --dport 0:1024 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i eth1 -j MANGLE_PREROUTING
With the above, I could see packets being marked as they enter into eth1,
as expected. Using iptables -L -t mangle -v, I could see the statistics of
the chain.
However, originally, I had the iptables set up below:-
iptables -t mangle -N MANGLE_OUTPUT
iptables -t mangle -F MANGLE_OUTPUT
iptables -t mangle -A MANGLE_OUTPUT -p ALL -j MARK --set-mark 2
iptables -t mangle -A MANGLE_OUTPUT -p tcp --dport 1214 -j MARK --set-mark 3
iptables -t mangle -A MANGLE_OUTPUT -p icmp -j MARK --set-mark 0
iptables -t mangle -A MANGLE_OUTPUT -p tcp --dport 0:1024 -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -o eth0 -j MANGLE_OUTPUT
I would have thought that I should mark the packets on their way out to the
Internet on "eth0", which is connected to the ADSL modem. But packets are
only marked if they originate from the Linux router/firewall box. For
example, if I do a Ping from any of the machines behind the firewall, I
don't see its packets marked on the eth0 interface. However, if I Ping from
the firewall, I can see its packets marked.
If packets arriving on eth1 are forwarded to the Internet, they would have
been sent out on eth0. Why wouldn't these forwarded packets be marked?
I don't have any idea if the tc filter works.
tc -s qdisc
qdisc prio 8001: dev eth0 bands 4 priomap 0 1 2 3 3 3 3 3 3 3 3 3 3 3 3 3
Sent 69665656 bytes 129757 pkts (dropped 3556, overlimits 0)
backlog 10p
qdisc cbq 128: dev eth0 rate 10Mbit (bounded, isolated) prio no-transmit
sent 69674548 bytes 129957 pkts (dropped 3356, overlimits 147192)
backlog 10p
borrowed 0 overactions 0 avgidle 399 undertime 0
tc -stat filter show dev eth0
filter parent 128: protocol ip pref 5 u32
filter parent 128: protocol ip pref 5 u32 fh 800: ht divisor 1
filter parent 128: protocol ip pref 5 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 128:1 match a.b.c.d/ffffffff at 12
I really want to see the numbers of packets in each of the 4 bands. Can
someone show me how I can get more accurate statistics of tc's
performance?
I don't think my configuration works, because when Morpheus is running, the
reaction on web browsing and ftp is noticeably slower. My assumption is
that by throttling back the ACKs from the Morpheus client, that would limit
the amount of download from the server. Am I wrong in this assumption? If
so, do I need to throttle the incoming too?
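
The marking behaviour described in this post, as an added example that is not part of the original message: a simplified Python model of which netfilter hooks an outbound packet crosses, and of the mark the four MARK rules above leave behind, given that MARK does not stop rule traversal. The names HOOKS, RULES, matches and final_mark and the sample packets are constructed for illustration.

```python
# Added illustration: simplified model of netfilter hook traversal and the
# non-terminating MARK target. Not the poster's code; all names are hypothetical.

# Hooks an outbound packet crosses, keyed by where the packet originated.
HOOKS = {
    "forwarded": ["PREROUTING", "FORWARD", "POSTROUTING"],  # arrived on eth1
    "local": ["OUTPUT", "POSTROUTING"],                     # generated on the router
}

# The four MARK rules from the post, in order: (protocol, dport range, mark).
RULES = [
    ("all", None, 2),
    ("tcp", (1214, 1214), 3),
    ("icmp", None, 0),
    ("tcp", (0, 1024), 1),
]

def matches(rule, pkt):
    """True if the packet satisfies the rule's protocol and port criteria."""
    proto, ports, _mark = rule
    if proto != "all" and proto != pkt["proto"]:
        return False
    if ports is None:
        return True
    dport = pkt.get("dport")
    return dport is not None and ports[0] <= dport <= ports[1]

def final_mark(pkt, hook):
    """Mark the packet ends up with when RULES hang off `hook`.
    Returns None when the packet never crosses that hook at all."""
    if hook not in HOOKS[pkt["origin"]]:
        return None
    mark = None
    for rule in RULES:
        if matches(rule, pkt):
            mark = rule[2]  # MARK keeps traversing, so a later match overwrites
    return mark

if __name__ == "__main__":
    # Constructed sample packets: a LAN ping, a router ping, LAN Morpheus and web.
    samples = [
        {"origin": "forwarded", "proto": "icmp"},
        {"origin": "local", "proto": "icmp"},
        {"origin": "forwarded", "proto": "tcp", "dport": 1214},
        {"origin": "forwarded", "proto": "tcp", "dport": 80},
    ]
    for pkt in samples:
        print(pkt, {h: final_mark(pkt, h) for h in ("PREROUTING", "OUTPUT")})
```
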