ive got problems with my network (120 people) ive got big pings (300ms)m whereas there are normally about 19ms. i do not know if my qos is proper (fast i mean). www.tdi.pozman.pl/fir2 - my qos www.tdi.pozman.pl/rules - my firewall can sb tell me if do it ok ? -- *Dariusz ''tdi'' Dwornikowski | Gentoo | admin at pozman.pl | *[JID]:tdi@gentoo.pl|[gg]:2266034|[IRC]:#gentoo-pl@freenode | *[MAIL]:tdi@pozman.pl|[WWW]:www.tdi.pozman.pl | *Serwery,administracja,webapps - www.ProAdmin.com.pl | *Fingerprint:43E21CC46DAFD2F754E91547D59B39F56AAA4B5F | _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Greetings Dariusz,
: ive got problems with my network (120 people)
: ive got big pings (300ms)m whereas there are normally about 19ms.
: i do not know if my qos is proper (fast i mean).
:
: www.tdi.pozman.pl/fir2 - my qos
: www.tdi.pozman.pl/rules - my firewall
After examining ''fir2'', which shows an HTB class structure
listed below, I
think you don''t quite understand the guarantees and the borrowing model
of
HTB.
your Internet bound traffic (1:2) -- - - - --> rate ceil
|
+--------+--------+--------+--------+-------+
1:N | 1:7 | 1:6 | 1:5 | 1:4 |
| [ lots of | | | +--> 128kbit 256kbit
| classes | | +-- - - - -> 128kbit 256kbit
| here ] | +- - - - - - - - - -> 128kbit 256kbit
| +-- - - - - - - - - - - - - -> 128kbit 256kbit
| ... ...
+-- - - - - - - - - - - - - - - - - - - - - - -> 128kbit 256kbit
In your case, N=163 (although I didn''t check that every class was
created with the same rate/bandwidth). The problem you are having is that
the borrowing (and hence, shaping) model never gets a chance to go into
effect.
Every leaf class (1:4 through 1:166) is guaranteed 128kbit. Your QoS
setup is actually not helping you at all! It''s configured to guarantee
around 19mbit (128kbit * 163 guarantees).
Given your available Internet bandwidth, it should work out a bit better
for you if you slim down the total number of classes and lump a few
handfuls of users in each class with an embedded SFQ. You may find that
Stef''s rules for HTB shaping are quite handy [0], and also my HTB
description [1].
Good luck,
-Martin
[0] http://www.docum.org/docum.org/faq/cache/10.html
[1] http://tldp.org/HOWTO/Traffic-Control-HOWTO/classful-qdiscs.html#qc-htb
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
so the sun of all rates of speeds of classes for the clients should be less than the rate of the class 1:2 ? or i understand it badly ? -- *Dariusz ''tdi'' Dwornikowski | Gentoo | admin at pozman.pl | *[JID]:tdi@gentoo.pl|[gg]:2266034|[IRC]:#gentoo-pl@freenode | *[MAIL]:tdi@pozman.pl|[WWW]:www.tdi.pozman.pl | *Serwery,administracja,webapps - www.ProAdmin.com.pl | *Fingerprint:43E21CC46DAFD2F754E91547D59B39F56AAA4B5F | _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Dariusz,
: so the sum of all rates of speeds of classes for the clients should be
: less than the rate of the class 1:2 ? or i understand it badly ?
Indeed, you understand correctly. Your client classes are leaf classes.
- An HTB leaf class guarantees <rate> access.
- Above <rate>, the leaf class will borrow (from parents) up to
<ceil>.
This bears repetition: the guaranteed total of bandwidth, before HTB
shaping and borrowing begins, is the sum of the rates of the leaf classes.
- If you want to make sure that the borrowing and shaping works
correctly, be certain to configure HTB so that the leaf (and child)
classes can never send more traffic than the parent has in <ceil>.
- For best results, configure HTB so that the leaf (and child) classes
can never send more traffic than the parent has in <rate>.
Good luck,
-Martin
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
--- "Martin A. Brown" <mabrown-lartc@securepipe.com> wrote:> > Dariusz, > > : so the sum of all rates of speeds of classes for > the clients should be > : less than the rate of the class 1:2 ? or i > understand it badly ? > > Indeed, you understand correctly. Your client > classes are leaf classes. > > - An HTB leaf class guarantees <rate> access. > - Above <rate>, the leaf class will borrow (from > parents) up to <ceil>. > > This bears repetition: the guaranteed total of > bandwidth, before HTB > shaping and borrowing begins, is the sum of the > rates of the leaf classes.(snip) Can it ever be truly equal? There is going to be some overhead in having the multiple layers, so although the sum of the rates at level N can never exceed the rate of the parent layer at N-1, the penalties must mean that it must be marginally less (even if this is so marginal as to be hard to detect). __________________________________ Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html
ok i did the calculations and here it is : www.tdi.pozman.pl/fir3 now ping to world from server are superb but. ping to access points in the network are 1-2seconds... people keep on calling and tlling that tranfers on parts of network are 1-3kb/s. i hae to mention that on the old server all was perfect. please anyone :) -- *Dariusz ''tdi'' Dwornikowski | Gentoo | admin at pozman.pl | *[JID]:tdi@gentoo.pl|[gg]:2266034|[IRC]:#gentoo-pl@freenode | *[MAIL]:tdi@pozman.pl|[WWW]:www.tdi.pozman.pl | *Serwery,administracja,webapps - www.ProAdmin.com.pl | *Fingerprint:43E21CC46DAFD2F754E91547D59B39F56AAA4B5F | _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
On Tue, 2005-07-12 at 19:47 +0200, Dariusz Dwornikowski wrote:> ok i did the calculations and here it is : www.tdi.pozman.pl/fir3 > > now ping to world from server are superb but. ping to access points in the network are 1-2seconds... > people keep on calling and tlling that tranfers on parts of network are 1-3kb/s. > > i hae to mention that on the old server all was perfect. > please anyone :) > > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartcAnytime I have ever had this problem which was 4 times 2 weeks ago was due to a loop in the network. I have no explanation for it and am pulling my hair out. Some time rebooting AP works sometimes reboot a switch works. Its not my network I am just trying to help someone fix it. Have not had the problem since I told the guy to pull all the cables out and re cable the network. I would not of said this only your iptables and tc looks like mine and the problem sounds so-similar. But this was the only post I could find from you.