LARTC - Feb 2004 - HTB classes and SFQ qdiscs showing 0 sent bytes

Hi All,

I have set up a test script to limit incoming connections to my Network
Server like this. Running SuSE Linux Professional 8.2. The snippet from
my script is:



#Deleting previous root handle

tc qdisc del dev eth0 root

# Adding new root handle
tc qdisc add dev eth0 root handle 1 htb default 30

#Dividing the classes

tc class add dev eth0 parent 1: classid 1:1 htb rate 4Mbit ceil 4Mbit

tc class add dev eth0 parent 1:1 classid 1:2 htb rate 1Mbit ceil 1Mbit
burst 15k
tc class add dev eth0 parent 1:1 classid 1:3 htb rate 1Mbit ceil 1Mbit
burst 15k
tc class add dev eth0 parent 1:1 classid 1:4 htb rate 1Mbit ceil 1Mbit
burst 15k
tc class add dev eth0 parent 1:1 classid 1:5 htb rate 1Mbit ceil 1Mbit
burst 15k

#Addming SFQ beneath these classes

tc qdisc add dev eth0 parent 1:2 handle 2 sfq perturb 10
tc qdisc add dev eth0 parent 1:3 handle 3 sfq perturb 10
tc qdisc add dev eth0 parent 1:4 handle 4 sfq perturb 10
tc qdisc add dev eth0 parent 1:5 handle 5 sfq perturb 10

# Adding some filters

tc filter add dev eth0 protocol ip parent 1:2 prio 1 u32 \
    match ip src 192.168.1.1/24 classid 1:2
tc filter add dev eth0 protocol ip parent 1:3 prio 1 u32 \
    match ip src 192.168.1.2/24 classid 1:3
tc filter add dev eth0 protocol ip parent 1:4 prio 1 u32 \
    match ip src 192.168.1.3/24 classid 1:4
tc filter add dev eth0 protocol ip parent 1:5 prio 1 u32 \
    match ip src 192.168.1.4/24 classid 1:5

----------------

The output from 
laptop:/home/animesh/HTB # tc -s -d qdisc show dev eth0
qdisc sfq 5: limit 128p quantum 1514b flows 128/1024 perturb 10sec
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 4: limit 128p quantum 1514b flows 128/1024 perturb 10sec
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 3: limit 128p quantum 1514b flows 128/1024 perturb 10sec
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 2: limit 128p quantum 1514b flows 128/1024 perturb 10sec
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc htb 1: r2q 10 default 30 direct_packets_stat 1039 ver 3.7
 Sent 261902 bytes 1039 pkts (dropped 0, overlimits 0)
laptop:/home/animesh/HTB #

laptop:/home/animesh/HTB # tc -s -d class show dev eth0
class htb 1:1 root rate 4Mbit ceil 4Mbit burst 6841b/8 mpu 0b cburst
6841b/8 mpu 0b level 7
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 10690 ctokens: 10690

class htb 1:2 parent 1:1 leaf 2: prio 0 quantum 13107 rate 1Mbit ceil
1Mbit burst 15Kb/8 mpu 0b cburst 2909b/8 mpu 0b level 0
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 95999 ctokens: 18187

class htb 1:3 parent 1:1 leaf 3: prio 0 quantum 13107 rate 1Mbit ceil
1Mbit burst 15Kb/8 mpu 0b cburst 2909b/8 mpu 0b level 0
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 95999 ctokens: 18187

class htb 1:4 parent 1:1 leaf 4: prio 0 quantum 13107 rate 1Mbit ceil
1Mbit burst 15Kb/8 mpu 0b cburst 2909b/8 mpu 0b level 0
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 95999 ctokens: 18187

class htb 1:5 parent 1:1 leaf 5: prio 0 quantum 13107 rate 1Mbit ceil
1Mbit burst 15Kb/8 mpu 0b cburst 2909b/8 mpu 0b level 0
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 95999 ctokens: 18187

Notice the "Sent 0 bytes" for both teh SFQ qdiscs and the HTB classes.
I
am stuck over here. Please suggest what might be wrong and whether my
approach is right.

Regards,
Animesh

-- 
------------------------------------------------------------------------
Animesh Bansriyar, CTO		|	NeoLinux Solutions, Ranchi
animesh@neolinuxsolutions.com	|	http://neolinuxsolutions.com
+91.651.3112497,3122401		|	Driving Technology Through Linux
------------------------------------------------------------------------
  Linux Intranet/Internet Solutions and Services, Custom Applications

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

At 00:24 25/02/2004, Animesh Bansriyar wrote:
>Hi All,
>
>I have set up a test script to limit incoming connections to my Network
>Server like this. Running SuSE Linux Professional 8.2. The snippet from
>my script is:
SNIP
># Adding some filters
>
>tc filter add dev eth0 protocol ip parent 1:2 prio 1 u32 \
>     match ip src 192.168.1.1/24 classid 1:2
>tc filter add dev eth0 protocol ip parent 1:3 prio 1 u32 \
>     match ip src 192.168.1.2/24 classid 1:3
>tc filter add dev eth0 protocol ip parent 1:4 prio 1 u32 \
>     match ip src 192.168.1.3/24 classid 1:4
>tc filter add dev eth0 protocol ip parent 1:5 prio 1 u32 \
>     match ip src 192.168.1.4/24 classid 1:5
SNIP
>Notice the "Sent 0 bytes" for both teh SFQ qdiscs and the HTB
classes. I
>am stuck over here. Please suggest what might be wrong and whether my
>approach is right.
I don''t know if this is *all* your problems, but there is a very
obvious
one here - all four of your ip matches are going to match exactly the SAME 
thing. (And therefore only one is ever going to match)

Why did you put the /24 on the end of the ip address ? That means that 
you''re providing it a netmask, so 192.168.1.1/24 is refering to the
entire
class C subnet 192.168.1.x.

192.168.1.2/24 also refers to the same class C subnet. If the subnet is a 
/24 the last octet of the ip address is ignored. If you''re really
trying to
match only on single ip addresses, take off the /24

Regards,
Simon

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/