Hi,
I have a colocated server with a bandwidth limitation, so I want to
throttle the maximum output to 256k, and use a PRIO with SFQ inside
this, so I''m using the following:
tc qdisc add dev eth0 root handle 1: htb default 1
tc class add dev eth0 parent 1: classid 1:1 htb rate 256kbit burst 15k
tc qdisc add dev eth0 parent 1:1 handle 10: prio
tc qdisc add dev eth0 parent 10:1 handle 11: sfq
tc qdisc add dev eth0 parent 10:2 handle 12: sfq
tc qdisc add dev eth0 parent 10:3 handle 13: sfq
This all works fine, ssh traffic falls straight into 11:, and scp
traffic into 13:, everything else into 12:.
My problems come when I try to filter outbound traffic from port80
into 13: (the lowpriority band).
This doesn''t work:
tc filter add dev eth0 parent 1: protocol ip prio 10 u32 match ip sport 80
0xffff flowid 13:
nor does:
tc filter add dev eth0 parent 1: protocol ip prio 10 u32 match ip sport 80
0xffff flowid 10:3
nor does:
iptables -t mangle -A OUTPUT -p TCP --sport 80 -j TOS --set-tos
Maximize-Throughput
(the packet counters against the ruleset go up, but not the ones in the tc -s
qdisc)
I also tried this with FORWARD & POSTROUTING, also no joy.
Interestingly it /does/ work if (and only if) I set the TOS in the
PREROUTING mangle chain on a firewall with these rules - but I can''t
do this with my colo box.
Any ideas?
- Rob.
--
Robert Collier
rob@ossifrage.net
> tc qdisc add dev eth0 root handle 1: htb default 1 > tc class add dev eth0 parent 1: classid 1:1 htb rate 256kbit burst 15k > tc qdisc add dev eth0 parent 1:1 handle 10: prio > tc qdisc add dev eth0 parent 10:1 handle 11: sfq > tc qdisc add dev eth0 parent 10:2 handle 12: sfq > tc qdisc add dev eth0 parent 10:3 handle 13: sfq > > This all works fine, ssh traffic falls straight into 11:, and scp > traffic into 13:, everything else into 12:. > > My problems come when I try to filter outbound traffic from port80 > into 13: (the lowpriority band). > > This doesn''t work: > > tc filter add dev eth0 parent 1: protocol ip prio 10 u32 match ip sport 80 0xffff flowid 13:try tc filter add dev eth0 parent 10: protocol ip prio 10 u32 match ip sport 80 0xffff flowid 10:3 devik
On Fri, Mar 01, 2002 at 04:41:27PM +0100, Martin Devera wrote:> try tc filter add dev eth0 parent 10: protocol ip prio 10 u32 match ip > sport 80 0xffff flowid 10:3Thanks, this seems to be working! frivolous:~# tc -s qdisc show dev eth0 qdisc sfq 13: quantum 1514b Sent 1050040 bytes 1170 pkts (dropped 0, overlimits 0) [...] I''m having trouble listing the filter though: frivolous:~# tc filter show dev eth0 frivolous:~# I''m also still really interested to find out why setting the TOS in PREROUTING works, but not setting it in OUTPUT, FORWARD or POSTROUTING. - Rob. -- Robert Collier rob@ossifrage.net