I have a problem in setting up HTB.
It appears filters doesn''t work at all, besides "tc filter
show" show it as
being correctly configured.
Class 1:10 never sent any traffic, but as iptables show below, it should be
sending packets.
The HTB version I''m using is 3.3, with kernel 2.4.17.
The setup is as follows:
---------------------------------------------------------------
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1 htb default 20 r2q 10
tc class add dev eth0 parent 1: classid 1:2 htb rate 256kbit
tc class add dev eth0 parent 1:2 classid 1:10 htb rate 26kbit ceil 128kbit
prio
1
tc qdisc add dev eth0 parent 1:10 handle 10 sfq perturb 10
tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip sport 23
0xffff classid 1:10
tc class add dev eth0 parent 1:2 classid 1:20 htb rate 220kbit ceil 256kbit
prio 2
tc qdisc add dev eth0 parent 1:20 handle 20 sfq perturb 10
---------------------------------------------------------------
The stats:
---------------------------------------------------------------
[root@NL1000 htb]# tc -s -d qdisc show
qdisc sfq 20: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
Sent 5116 bytes 94 pkts (dropped 0, overlimits 0)
qdisc sfq 10: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc htb 1: dev eth0 r2q 10 default 20 direct_packets_stat 0 ver 3.6
Sent 5116 bytes 94 pkts (dropped 0, overlimits 0)
[root@NL1000 htb]# tc -s -d class show dev eth0
class htb 1:10 parent 1:2 leaf 10: prio 1 quantum 1000 rate 26Kbit ceil
128Kbit
burst 1632b/8 mpu 0b cburst 1762b/8 mpu 0b level 0
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
lended: 0 borrowed: 0 giants: 0
tokens: 401969 ctokens: 88149
class htb 1:2 root rate 256Kbit ceil 256Kbit burst 1926b/8 mpu 0b cburst
1926b/8 mpu 0b level 7
Sent 5116 bytes 94 pkts (dropped 0, overlimits 0)
lended: 0 borrowed: 0 giants: 0
tokens: 46975 ctokens: 46975
class htb 1:20 parent 1:2 leaf 20: prio 2 quantum 2816 rate 220Kbit ceil
256Kbit burst 1880b/8 mpu 0b cburst 1926b/8 mpu 0b level 0
Sent 5116 bytes 94 pkts (dropped 0, overlimits 0)
lended: 94 borrowed: 0 giants: 0
tokens: 53324 ctokens: 46975
[root@NL1000 htb]# tc -s -d filter show dev eth0
filter parent 1: protocol ip pref 100 u32
filter parent 1: protocol ip pref 100 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800
bkt
0 flowid 1:10
match 00170000/ffff0000 at 20
[root@NL1000 htb]# iptables -t mangle -L -nvx
Chain PREROUTING (policy ACCEPT 3590 packets, 557751 bytes)
pkts bytes target prot opt in out source
destination
0 0 MARK tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:23 MARK set 0x6
146 12954 MARK tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:23 MARK set 0x6
Chain OUTPUT (policy ACCEPT 315 packets, 16936 bytes)
pkts bytes target prot opt in out source
destination
---------------------------------------------------------------
So, what is going wrong?
Thanks in advance,
--
_____________________
Nestor S A Melo
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
From what I see you are running a telnet daemon. If not it will never work. If you are doing this to shape telnet traffic from a telnet client then rather than sport it''ll have to be dport. On Thu, 2002-12-19 at 08:06, Nestor S A Melo wrote:> I have a problem in setting up HTB. > > It appears filters doesn''t work at all, besides "tc filter show" show it as > being correctly configured. > > Class 1:10 never sent any traffic, but as iptables show below, it should be > sending packets. > > The HTB version I''m using is 3.3, with kernel 2.4.17. > > The setup is as follows: > --------------------------------------------------------------- > tc qdisc del dev eth0 root > tc qdisc add dev eth0 root handle 1 htb default 20 r2q 10 > > tc class add dev eth0 parent 1: classid 1:2 htb rate 256kbit > > tc class add dev eth0 parent 1:2 classid 1:10 htb rate 26kbit ceil 128kbit > prio > 1 > tc qdisc add dev eth0 parent 1:10 handle 10 sfq perturb 10 > tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip sport 23 > 0xffff classid 1:10 > > tc class add dev eth0 parent 1:2 classid 1:20 htb rate 220kbit ceil 256kbit > prio 2 > tc qdisc add dev eth0 parent 1:20 handle 20 sfq perturb 10 > --------------------------------------------------------------- > > The stats: > --------------------------------------------------------------- > [root@NL1000 htb]# tc -s -d qdisc show > qdisc sfq 20: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec > Sent 5116 bytes 94 pkts (dropped 0, overlimits 0) > > qdisc sfq 10: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > > qdisc htb 1: dev eth0 r2q 10 default 20 direct_packets_stat 0 ver 3.6 > Sent 5116 bytes 94 pkts (dropped 0, overlimits 0) > > [root@NL1000 htb]# tc -s -d class show dev eth0 > class htb 1:10 parent 1:2 leaf 10: prio 1 quantum 1000 rate 26Kbit ceil > 128Kbit > burst 1632b/8 mpu 0b cburst 1762b/8 mpu 0b level 0 > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > lended: 0 borrowed: 0 giants: 0 > tokens: 401969 ctokens: 88149 > > class htb 1:2 root rate 256Kbit ceil 256Kbit burst 1926b/8 mpu 0b cburst > 1926b/8 mpu 0b level 7 > Sent 5116 bytes 94 pkts (dropped 0, overlimits 0) > lended: 0 borrowed: 0 giants: 0 > tokens: 46975 ctokens: 46975 > > class htb 1:20 parent 1:2 leaf 20: prio 2 quantum 2816 rate 220Kbit ceil > 256Kbit burst 1880b/8 mpu 0b cburst 1926b/8 mpu 0b level 0 > Sent 5116 bytes 94 pkts (dropped 0, overlimits 0) > lended: 94 borrowed: 0 giants: 0 > tokens: 53324 ctokens: 46975 > > [root@NL1000 htb]# tc -s -d filter show dev eth0 > filter parent 1: protocol ip pref 100 u32 > filter parent 1: protocol ip pref 100 u32 fh 800: ht divisor 1 > filter parent 1: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800 > bkt > 0 flowid 1:10 > match 00170000/ffff0000 at 20 > > [root@NL1000 htb]# iptables -t mangle -L -nvx > Chain PREROUTING (policy ACCEPT 3590 packets, 557751 bytes) > pkts bytes target prot opt in out source > destination > 0 0 MARK tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:23 MARK set 0x6 > 146 12954 MARK tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp spt:23 MARK set 0x6 > > Chain OUTPUT (policy ACCEPT 315 packets, 16936 bytes) > pkts bytes target prot opt in out source > destination > --------------------------------------------------------------- > > So, what is going wrong? > > Thanks in advance,-- Corey Rogers <jrog@sunbeach.net>
Em Qui, 2002-12-19 às 10:06, Nestor S A Melo escreveu:
Nestor,
First: If my english is poor, you can contact me direct by email in
portuguese since I`m Brazilian too :)
So, somebody correct me if I`m wrong ( Stef? ):
1 - I think you share more bandwidth than you have allocated.
2 - In sfq directive, you should write:
#tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
3 - You''ve marked packets with iptables -t mangle, but you''re
using u32
instead fw.I''m not sure if you did the correct u32 configuration too.
Probably you must use:
#tc filter add dev eth0 parent 1: protocol ip prio 100 handle 6 fw classid 1:10
The handle is the parameter that says to tc what mark you''re using and
fw is the parameter that says to tc that you''re using a firewall mark.
I hope I have helped you
Miguel Figueiredo
Linux Suport Analist
> I have a problem in setting up HTB.
>
> It appears filters doesn''t work at all, besides "tc filter
show" show it as
> being correctly configured.
>
> Class 1:10 never sent any traffic, but as iptables show below, it should be
> sending packets.
>
> The HTB version I''m using is 3.3, with kernel 2.4.17.
>
> The setup is as follows:
> ---------------------------------------------------------------
> tc qdisc del dev eth0 root
> tc qdisc add dev eth0 root handle 1 htb default 20 r2q 10
>
> tc class add dev eth0 parent 1: classid 1:2 htb rate 256kbit
>
> tc class add dev eth0 parent 1:2 classid 1:10 htb rate 26kbit ceil 128kbit
> prio
> 1
> tc qdisc add dev eth0 parent 1:10 handle 10 sfq perturb 10
> tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip sport
23
> 0xffff classid 1:10
>
> tc class add dev eth0 parent 1:2 classid 1:20 htb rate 220kbit ceil 256kbit
> prio 2
> tc qdisc add dev eth0 parent 1:20 handle 20 sfq perturb 10
> ---------------------------------------------------------------
>
> The stats:
> ---------------------------------------------------------------
> [root@NL1000 htb]# tc -s -d qdisc show
> qdisc sfq 20: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb
10sec
> Sent 5116 bytes 94 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 10: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb
10sec
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc htb 1: dev eth0 r2q 10 default 20 direct_packets_stat 0 ver 3.6
> Sent 5116 bytes 94 pkts (dropped 0, overlimits 0)
>
> [root@NL1000 htb]# tc -s -d class show dev eth0
> class htb 1:10 parent 1:2 leaf 10: prio 1 quantum 1000 rate 26Kbit ceil
> 128Kbit
> burst 1632b/8 mpu 0b cburst 1762b/8 mpu 0b level 0
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> lended: 0 borrowed: 0 giants: 0
> tokens: 401969 ctokens: 88149
>
> class htb 1:2 root rate 256Kbit ceil 256Kbit burst 1926b/8 mpu 0b cburst
> 1926b/8 mpu 0b level 7
> Sent 5116 bytes 94 pkts (dropped 0, overlimits 0)
> lended: 0 borrowed: 0 giants: 0
> tokens: 46975 ctokens: 46975
>
> class htb 1:20 parent 1:2 leaf 20: prio 2 quantum 2816 rate 220Kbit ceil
> 256Kbit burst 1880b/8 mpu 0b cburst 1926b/8 mpu 0b level 0
> Sent 5116 bytes 94 pkts (dropped 0, overlimits 0)
> lended: 94 borrowed: 0 giants: 0
> tokens: 53324 ctokens: 46975
>
> [root@NL1000 htb]# tc -s -d filter show dev eth0
> filter parent 1: protocol ip pref 100 u32
> filter parent 1: protocol ip pref 100 u32 fh 800: ht divisor 1
> filter parent 1: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800
> bkt
> 0 flowid 1:10
> match 00170000/ffff0000 at 20
>
> [root@NL1000 htb]# iptables -t mangle -L -nvx
> Chain PREROUTING (policy ACCEPT 3590 packets, 557751 bytes)
> pkts bytes target prot opt in out source
> destination
> 0 0 MARK tcp -- * * 0.0.0.0/0
> 0.0.0.0/0 tcp dpt:23 MARK set 0x6
> 146 12954 MARK tcp -- * * 0.0.0.0/0
> 0.0.0.0/0 tcp spt:23 MARK set 0x6
>
> Chain OUTPUT (policy ACCEPT 315 packets, 16936 bytes)
> pkts bytes target prot opt in out source
> destination
> ---------------------------------------------------------------
>
> So, what is going wrong?
>
> Thanks in advance,
> --
> _____________________
> Nestor S A Melo
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Friday 20 December 2002 03:31, Miguel Figueiredo wrote:> Em Qui, 2002-12-19 às 10:06, Nestor S A Melo escreveu: > > Nestor, > > First: If my english is poor, you can contact me direct by email in > portuguese since I`m Brazilian too :) > > So, somebody correct me if I`m wrong ( Stef? ): > > 1 - I think you share more bandwidth than you have allocated.That''s no problem. Rate of class 1:10 and 1:20 = 26+220=246kbit and rate of parent class is 256kbit.> 2 - In sfq directive, you should write: > #tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10His command will work too.> 3 - You''ve marked packets with iptables -t mangle, but you''re using u32 > instead fw.I''m not sure if you did the correct u32 configuration too. > > Probably you must use: > > #tc filter add dev eth0 parent 1: protocol ip prio 100 handle 6 fw classid > 1:10 > > The handle is the parameter that says to tc what mark you''re using and > fw is the parameter that says to tc that you''re using a firewall mark.And it''s all in hex. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/