I need to shape traffic from some IP on one LAN, but I''m in trouble.
There is a linux 2.4.26 connected to the Internet (eth0) / LAN(eth1) doing NAT.
I''m using VLANs in the LAN Interface, that is connected to a 3Com
SuperStack II in a 802.1Q tagged port.
I want to create a class that will limit the traffic at 384Kbit/s.
I want to create two leaf classes that limit the traffic at 256Kbit/s for each
one.
I want to attach two sfq qdiscs so the classes are treated equally.
I want to put filters that put one IP address for each 256 class (supose that
are only two computers on LAN).
When one computer is downloading a file from internet it need to never be more
than 256Kbit.
When both computers are downloading files at the same time, they need to never
be more than 384Kbit together.
I want to attach the qdisc on eth1 (and no one on each VLAN ex. eth1.1, eth1.2,
eth1.3 ...) so all VLAN traffic will be processed.
The config:
# root qdisc
tc qdisc add dev eth0 root handle 1:0 cbq bandwidth 100Mbit avpkt 1000 cell 8
tc qdisc add dev eth1 root handle 1:0 cbq bandwidth 100Mbit avpkt 1000 cell 8
# root class
tc class add dev eth0 parent 1:0 classid 1:1 cbq bandwidth 100Mbit rate 384Kbit
weight 38Kbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded
tc class add dev eth1 parent 1:0 classid 1:1 cbq bandwidth 100Mbit rate 384Kbit
weight 38Kbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded
# leaf class 1 & 2
tc class add dev eth0 parent 1:1 classid 1:10 cbq bandwidth 100Mbit rate 256Kbit
weight 25Kbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000
tc class add dev eth0 parent 1:1 classid 1:20 cbq bandwidth 100Mbit rate 256Kbit
weight 25Kbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000
tc class add dev eth1 parent 1:1 classid 1:10 cbq bandwidth 100Mbit rate 256Kbit
weight 25Kbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000
tc class add dev eth1 parent 1:1 classid 1:20 cbq bandwidth 100Mbit rate 256Kbit
weight 25Kbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000
# sfq
tc qdisc add dev eth0 parent 1:10 handle 100: sfq
tc qdisc add dev eth0 parent 1:20 handle 200: sfq
tc qdisc add dev eth1 parent 1:10 handle 100: sfq
tc qdisc add dev eth1 parent 1:20 handle 200: sfq
# filters
tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src
10.0.0.2/32 flowid 1:10
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip dst
10.0.0.2/32 flowid 1:10
tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src
10.0.0.3/32 flowid 1:20
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip dst
10.0.0.3/32 flowid 1:20
When I start a download from one computer the speed is limited at 256Kbit/s
(this is OK)
When I start a download from both machines the speed for each one is 256Kbit/s.
They are getting 512Kbit/s together and the 384Kb parent link is not working.
What is wrong ???
Regards
Ricardo
STATS:
### eth0: queueing disciplines
qdisc sfq 200: quantum 1514b perturb 10sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 100: quantum 1514b perturb 10sec
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc cbq 1: rate 100Mbit (bounded,isolated) prio no-transmit
Sent 711595 bytes 7024 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 60 undertime 0
### eth0: traffic classes
class cbq 1: root rate 100Mbit (bounded,isolated) prio no-transmit
Sent 711595 bytes 7024 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 60 undertime 0
class cbq 1:10 parent 1:1 leaf 100: rate 256Kbit prio no-transmit
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 707804 undertime 0
class cbq 1:1 parent 1: rate 384Kbit (bounded) prio no-transmit
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 471277 undertime 0
class cbq 1:20 parent 1:1 leaf 200: rate 256Kbit prio no-transmit
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 707804 undertime 0
### eth0: filtering rules
filter parent 1: protocol ip pref 1 u32
filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0
flowid 1:10
match 0a000002/ffffffff at 12
filter parent 1: protocol ip pref 1 u32 fh 800::801 order 2049 key ht 800 bkt 0
flowid 1:20
match 0a000003/ffffffff at 12
### eth1: queueing disciplines
qdisc sfq 200: quantum 1514b perturb 10sec
Sent 4541217 bytes 3268 pkts (dropped 0, overlimits 0)
backlog 14p
qdisc sfq 100: quantum 1514b perturb 10sec
Sent 4341261 bytes 3054 pkts (dropped 0, overlimits 0)
backlog 25p
qdisc cbq 1: rate 100Mbit (bounded,isolated) prio no-transmit
Sent 10606524 bytes 9897 pkts (dropped 0, overlimits 11757)
backlog 39p
borrowed 0 overactions 0 avgidle 60 undertime 0
### eth1: traffic classes
class cbq 1: root rate 100Mbit (bounded,isolated) prio no-transmit
Sent 10550332 bytes 9859 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 62 undertime 0
class cbq 1:10 parent 1:1 leaf 100: rate 256Kbit prio no-transmit
Sent 4306071 bytes 3029 pkts (dropped 0, overlimits 1011237)
backlog 25p
borrowed 35 overactions 2478 avgidle -26542 undertime 21120
class cbq 1:1 parent 1: rate 384Kbit (bounded) prio no-transmit
Sent 8826036 bytes 6283 pkts (dropped 0, overlimits 0)
borrowed 212 overactions 0 avgidle -220835 undertime 222548
class cbq 1:20 parent 1:1 leaf 200: rate 256Kbit prio no-transmit
Sent 4519965 bytes 3254 pkts (dropped 0, overlimits 1017602)
backlog 14p
borrowed 177 overactions 2484 avgidle -30709 undertime 21214
### eth1: filtering rules
filter parent 1: protocol ip pref 1 u32
filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0
flowid 1:10
match 0a000002/ffffffff at 16
filter parent 1: protocol ip pref 1 u32 fh 800::801 order 2049 key ht 800 bkt 0
flowid 1:20
match 0a000003/ffffffff at 16
