LARTC - Feb 2003 - Re: Problem with HTB accurancy

Hello, I''m Alexandra Alvarado
>>
>> I''ve been working with linux and CBQ with a long time, but
know  I
>> want to migrate to HTB, and I''m testing it in a linux with the
next
>> features:
>>
>> - Pentium IV 1.7 Ghz
>> - 256 MB
>> - 1 3Com 3C905B
>> - 1 3Com 3C905C
>> - Red Hat 8.0
>> - Kernel 2.4.20
>> - iproute-2.4.7-7
>> - Squid - Transparent Proxy
>> - VPN
>> - Named
>> - Reiserfs
>> - SNMP
>> - HTB (The configuration is in the attached file)
>>
>> My problem is that rrdtool graph shows :
>>
>>     ETH0 IN:        596.99Kbps
>>     ETH0 OUT:    100.71Kbps
>>
>>     ETH1 IN:        74.44Kbps
>>     ETH1 OUT:    150.13Kbps
>>
>> And the configuration has a ceil of 384Kbit
>>
>> What I''m doing wrong??
>>
>> I suppose that it could be with Squid Transparent Proxy, but in HTB
>> I have a default classid 20,
>> that is where must go any not specified traffic, how can I solve my
>> problem?
>>
>> Thanks
>>
>> Alexandra Alvarado
>>
>>
>>
>>     --------------------------------------------------------------
>> #!/bin/sh
>>
>> iptables -F -t mangle
>>
>> # ===>> Control de Trafico de Salida << === #
>>
>> # ===>> PC1 <<=== #
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.194 -j MARK
--set-mark 1
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.194 -j MARK
--set-mark 1
>>
>> # ===>> PC2 <<=== #
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.199 -j MARK
--set-mark 3
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.199 -j MARK
--set-mark 3
>>
>> # ===>> PC3 <<=== #
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.201 -j MARK
--set-mark 5
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.201 -j MARK
--set-mark 5
>>
>> # ===>> Resto de la Red Privada <<=== #
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.0/25 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.0/25 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.128/26 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.128/26 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.192 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.192 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.193 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.193 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.195 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.195 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.196 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.196 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.197 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.197 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.198 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.198 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.200 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.200 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.202 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.202 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.203 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.203 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.204 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.204 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.205 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.205 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.206 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.206 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.207 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.207 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.208/28 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.208/28 -j MARK
--set-mark 7
>>
>> iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.224/27 -j MARK
--set-mark 7
>> iptables -A PREROUTING -t mangle -p udp -s 207.100.136.224/27 -j MARK
--set-mark 7
>>
>> tc qdisc del dev eth0 root handle 1:
>>
>> tc qdisc add dev eth0 root handle 1: htb default 20
>> tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil
384kbit burst 2k
>> tc class add dev eth0 parent 1:1 classid 1:10 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth0 parent 1:1 classid 1:11 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth0 parent 1:1 classid 1:12 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth0 parent 1:1 classid 1:13 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth0 parent 1:1 classid 1:14 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth0 parent 1:1 classid 1:20 htb rate 100kbit ceil
128kbit burst 2k
>>
>> tc filter add dev eth0 parent 1: protocol ip prio 1 handle 1 fw classid
1:10
>> tc filter add dev eth0 parent 1: protocol ip prio 3 handle 3 fw classid
1:11
>> tc filter add dev eth0 parent 1: protocol ip prio 3 handle 5 fw classid
1:12
>> tc filter add dev eth0 parent 1: protocol ip prio 3 handle 7 fw classid
1:13
>>
>> # ===>> Control de Trafico de Entrada << === #
>>
>> # ===>> PC1 <<=== #
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.194 -j MARK
--set-mark 2
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.194 -j MARK
--set-mark 2
>>
>> # ===>> PC2 <<=== #
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.199 -j MARK
--set-mark 4
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.199 -j MARK
--set-mark 4
>>
>> # ===>> PC3 <<=== #
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.201 -j MARK
--set-mark 6
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.201 -j MARK
--set-mark 6
>>
>> # ===>> Resto de la Red Privada <<=== #
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.0/25 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.0/25 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.128/26 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.128/26 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.192 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.192 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.193 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.193 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.195 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.195 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.196 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.196 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.197 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.197 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.198 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.198 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.200 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.200 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.202 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.202 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.203 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.203 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.204 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.204 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.205 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.205 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.206 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.206 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.207 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.207 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.208/28 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.208/28 -j MARK
--set-mark 8
>>
>> iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.224/27 -j MARK
--set-mark 8
>> iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.224/27 -j MARK
--set-mark 8
>>
>> tc qdisc del dev eth1 root handle 1:
>>
>> tc qdisc add dev eth1 root handle 1: htb default 20
>> tc class add dev eth1 parent 1: classid 1:1 htb rate 100mbit ceil
384kbit burst 2k
>> tc class add dev eth1 parent 1:1 classid 1:10 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth1 parent 1:1 classid 1:11 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth1 parent 1:1 classid 1:12 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth1 parent 1:1 classid 1:13 htb rate 56kbit ceil
64kbit burst 2k
>> tc class add dev eth1 parent 1:1 classid 1:20 htb rate 100kbit ceil
128kbit burst 2k
>>
>> tc filter add dev eth1 parent 1: protocol ip prio 1 handle 2 fw classid
1:10
>> tc filter add dev eth1 parent 1: protocol ip prio 3 handle 4 fw classid
1:11
>> tc filter add dev eth1 parent 1: protocol ip prio 3 handle 6 fw classid
1:13
>> tc filter add dev eth1 parent 1: protocol ip prio 3 handle 8 fw classid
1:14
>>
>> # === >> Fin << === #
>>