I''m trying to prioritize interactive traffic over other traffic on my 56k dialup link. I wrote some chains to set the ToS in PREROUTING and OUTGOING, and I''m using a PRIO queue with three SFQ children: iptables -A OUTPUT -t mangle -p tcp --dport ftp-data -j TOS --set-tos Maximize-throughput iptables -A OUTPUT -t mangle -p tcp --dport domain -j TOS --set-tos Maximize-throughput iptables -A OUTPUT -t mangle -p tcp --dport www -j TOS --set-tos Maximize-throughput iptables -A OUTPUT -t mangle -p tcp --dport smtp -j TOS --set-tos Minimize-cost iptables -A OUTPUT -t mangle -p tcp --dport telnet -j TOS --set-tos Minimize-delay iptables -A OUTPUT -t mangle -p tcp --dport ssh -j TOS --set-tos Minimize-delay iptables -A OUTPUT -t mangle -p udp --dport domain -j TOS --set-tos Minimize-delay iptables -A OUTPUT -t mangle -p tcp --dport ftp -j TOS --set-tos Minimize-delay iptables -A OUTPUT -t mangle -p tcp --dport 5900 -j TOS --set-tos Minimize-delay iptables -A OUTPUT -t mangle -p tcp --dport imaps -j TOS --set-tos Minimize-delay iptables -A OUTPUT -t mangle -p tcp --dport 9898 -j TOS --set-tos Minimize-delay iptables -A OUTPUT -t mangle -p tcp --dport 5190 -j TOS --set-tos Minimize-delay iptables -A OUTPUT -t mangle -p tcp --dport 6667 -j TOS --set-tos Minimize-delay tc qdisc add dev $DEV root handle 1: prio tc qdisc add dev $DEV parent 1:1 handle 10: sfq perturb 5 # interactive tc qdisc add dev $DEV parent 1:2 handle 20: sfq perturb 5 # throughput tc qdisc add dev $DEV parent 1:3 handle 30: sfq perturb 5 # lowcost According to tcpdump, the ToS bits are indeed being set like I asked, but "watch tc -s qdisc show dev ppp0" shows that everything is going into the "througput" queue regardless. The only traffic that increments the counter for the "interactive" queue is post-handshake SSH traffic, and from what I''ve read, SSH sets the ToS explicitly. What am I doing wrong? -- Jacob Elder http://www.lucidpark.net/
On Sat, Apr 13, 2002 at 05:24:10PM -0400, Jacob Elder wrote:> I''m trying to prioritize interactive traffic over other traffic on my 56k > dialup link. I wrote some chains to set the ToS in PREROUTING and OUTGOING, > and I''m using a PRIO queue with three SFQ children:PRIO works just fine - you probably have it configured wrong.> iptables -A OUTPUT -t mangle -p tcp --dport ftp-data -j TOS --set-tos Maximize-throughputOUTPUT is only for locally generated packets, by the way. To mangle forwarded packets, use PREROUTING.> According to tcpdump, the ToS bits are indeed being set like I asked, but > "watch tc -s qdisc show dev ppp0" shows that everything is going into the > "througput" queue regardless. The only traffic that increments the counter > for the "interactive" queue is post-handshake SSH traffic, and from what > I''ve read, SSH sets the ToS explicitly. What am I doing wrong?I would advise rechecking the output of tcpdump before and after applying the iptables mangle rules. Regards, bert hubert -- http://www.PowerDNS.com Versatile DNS Software & Services http://www.tk the dot in .tk http://lartc.org Linux Advanced Routing & Traffic Control HOWTO
On Sun, Apr 14, 2002 at 12:26:05PM +0200, bert hubert wrote:> On Sat, Apr 13, 2002 at 05:24:10PM -0400, Jacob Elder wrote: > > I''m trying to prioritize interactive traffic over other traffic on my 56k > > dialup link. I wrote some chains to set the ToS in PREROUTING and OUTGOING, > > and I''m using a PRIO queue with three SFQ children: > > PRIO works just fine - you probably have it configured wrong.I''m sure it does for you guys, that''s why I''m asking for help :)> > > iptables -A OUTPUT -t mangle -p tcp --dport ftp-data -j TOS --set-tos Maximize-throughput > > OUTPUT is only for locally generated packets, by the way. To mangle > forwarded packets, use PREROUTING.I know, I''m only worried about my one workstation at the moment.> > > According to tcpdump, the ToS bits are indeed being set like I asked, but > > "watch tc -s qdisc show dev ppp0" shows that everything is going into the > > "througput" queue regardless. The only traffic that increments the counter > > for the "interactive" queue is post-handshake SSH traffic, and from what > > I''ve read, SSH sets the ToS explicitly. What am I doing wrong? > > I would advise rechecking the output of tcpdump before and after applying > the iptables mangle rules.AIM traffic before: 140.186.55.23.33788 > 64.12.163.214.9898: tcp 68 (DF) And after: 140.186.55.23.33788 > 64.12.163.214.9898: tcp 68 (DF) [tos 0x10] I forgot to mention that I''m running iproute 20010824-6 and kernel 2.4.17, Debian Woody. Did the tc command lines I posted before look alright? -- Jacob Elder http://www.lucidpark.net/