LARTC - Jan 2006 - Simple shaping question

I have linux box (does nat and firewall for small network) connected
to dsl. I want to set priorities for protocols (that nothing could
disturb web browsing). This is my rules (eth0 connected to internet):

/sbin/tc qdisc del dev eth0 root
/sbin/tc qdisc add dev eth0 root handle 1 htb default 30 r2q 100

/sbin/tc class add dev eth0 parent 1: classid 1:2 htb rate 900Kbit burst 15k

/sbin/tc class add dev eth0 parent 1:2 classid 1:10 htb rate 900Kbit
ceil 900Kbit
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match
ip sport 80 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match
ip dport 80 0xffff classid 1:10

/sbin/tc class add dev eth0 parent 1:2 classid 1:20 htb rate 10Kbit ceil 900Kbit

I start to download from ftp it uses all bandwidth (as it should be),
when I start to download on web, web and ftp rated become more or less
equal :/ . I want that ftp traffic would be limited to 10kbit and all
other bandwidth would be left for web trafic.

What is wrong with my rules?
Thank you for advice!

Try chosing a lower limit for the 80th port at least 900-10, then add a 
sfq qdisc down the 1:10, 1:20 and 1:30 classes like this:

tc qdisc add dev eth0 parent 1:x0 handle 1: sfq perturb 10

It will work, i had that kind of problem before.

Regards.

-Diego




Jonas Jasas escribió:
>I have linux box (does nat and firewall for small network) connected
>to dsl. I want to set priorities for protocols (that nothing could
>disturb web browsing). This is my rules (eth0 connected to internet):
>
>/sbin/tc qdisc del dev eth0 root
>/sbin/tc qdisc add dev eth0 root handle 1 htb default 30 r2q 100
>
>/sbin/tc class add dev eth0 parent 1: classid 1:2 htb rate 900Kbit burst 15k
>
>/sbin/tc class add dev eth0 parent 1:2 classid 1:10 htb rate 900Kbit
>ceil 900Kbit
>/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match
>ip sport 80 0xffff classid 1:10
>/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match
>ip dport 80 0xffff classid 1:10
>
>/sbin/tc class add dev eth0 parent 1:2 classid 1:20 htb rate 10Kbit ceil
900Kbit
>
>I start to download from ftp it uses all bandwidth (as it should be),
>when I start to download on web, web and ftp rated become more or less
>equal :/ . I want that ftp traffic would be limited to 10kbit and all
>other bandwidth would be left for web trafic.
>
>What is wrong with my rules?
>Thank you for advice!
>_______________________________________________
>LARTC mailing list
>LARTC@mailman.ds9a.nl
>http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>  
>

Also, there''s a mistake in your tc filter line, change classid by
flowid. Take a look at the man page.

-Diego

Diego Cabrero escribió:
Try
chosing a lower limit for the 80th port at least 900-10, then add a sfq
qdisc down the 1:10, 1:20 and 1:30 classes like this:

tc qdisc add dev eth0 parent 1:x0 handle 1: sfq perturb 10

It will work, i had that kind of problem before.

Regards.

-Diego

Jonas Jasas escribió:

  I have linux box (does nat and firewall for
small network) connected

to dsl. I want to set priorities for protocols (that nothing could

disturb web browsing). This is my rules (eth0 connected to internet):

/sbin/tc qdisc del dev eth0 root

/sbin/tc qdisc add dev eth0 root handle 1 htb default 30 r2q 100

/sbin/tc class add dev eth0 parent 1: classid 1:2 htb rate 900Kbit
burst 15k

/sbin/tc class add dev eth0 parent 1:2 classid 1:10 htb rate 900Kbit

ceil 900Kbit

/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match

ip sport 80 0xffff classid 1:10

/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match

ip dport 80 0xffff classid 1:10

/sbin/tc class add dev eth0 parent 1:2 classid 1:20 htb rate 10Kbit
ceil 900Kbit

I start to download from ftp it uses all bandwidth (as it should be),

when I start to download on web, web and ftp rated become more or less

equal :/ . I want that ftp traffic would be limited to 10kbit and all

other bandwidth would be left for web trafic.

What is wrong with my rules?

Thank you for advice!

_______________________________________________

LARTC mailing list

LARTC@mailman.ds9a.nl

http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

_______________________________________________

LARTC mailing list

LARTC@mailman.ds9a.nl

http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

-- 

Firma

Diego Cabrero

Ingeniero en Automática y Electrónica Ind.

      diego.cabrero@e-attico.net

Tel. 983 36 13 23 - Fax 983 34 19 86

Fundación ATTICO

      Fundación de Apoyo Tecnológico a la Transformación
      Industrial y para la Competitividad Empresarial

      Sede Social:

      C/ Camino del Cabildo 40,

47009 Valladolid

====================== CLÁUSULA DE CONFIDENCIALIDAD
=======================
Este correo y sus anexos pueden contener información confidencial o
legalmente protegida. Si le hubiera llegado por error, notifíquelo
inmediatamente al remitente y por favor elimínelo sin revisarlo ni
reenviarlo; cualquier copia, divulgación, distribución o uso de los
contenidos está prohibida. Gracias por su colaboración.

==========================CONFIDENTIALITY NOTE
===========================
This email, including any attached files, may contain confidential or
legally privileged information. If you received it by error, please
notify
the sender immediately and destroy it without reading or forwarding it;
any
copying, disclosure, distribution or use of its contents is strictly
prohibited. Thank you for your collaboration.


_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

Thank you for your help!
This is my modified rules, but that work exactly as before :~/

/sbin/tc qdisc del dev eth0 root
/sbin/tc qdisc add dev eth0 root handle 1 htb default 20 r2q 100
/sbin/tc class add dev eth0 parent 1: classid 1:2 htb rate 900Kbit burst 15k
/sbin/tc class add dev eth0 parent 1:2 classid 1:10 htb rate 890Kbit
ceil 900Kbit
/sbin/tc class add dev eth0 parent 1:2 classid 1:20 htb rate 10Kbit ceil 900Kbit
/sbin/tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
/sbin/tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match
ip sport 80 0xffff flowid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match
ip dport 80 0xffff flowid 1:10

Are these rules OK or I am missing something again? Can anyone show me
working example of similar rules.

Thanks again for help!

I''m not sure what might be wrong but try it again without ''r2q
100'',
''burst 15k'' (keep default settings) and changing prio 100 by
prio 3 or
something .similar.

Good luck.

Jonas Jasas escribió:

Thank you for your help!
This is my modified rules, but that work exactly as before :~/

/sbin/tc qdisc del dev eth0 root
/sbin/tc qdisc add dev eth0 root handle 1 htb default 20 r2q 100
/sbin/tc class add dev eth0 parent 1: classid 1:2 htb rate 900Kbit burst 15k
/sbin/tc class add dev eth0 parent 1:2 classid 1:10 htb rate 890Kbit
ceil 900Kbit
/sbin/tc class add dev eth0 parent 1:2 classid 1:20 htb rate 10Kbit ceil 900Kbit
/sbin/tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
/sbin/tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match
ip sport 80 0xffff flowid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match
ip dport 80 0xffff flowid 1:10

Are these rules OK or I am missing something again? Can anyone show me
working example of similar rules.

Thanks again for help!
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

-- 

Firma

Diego Cabrero

Ingeniero en Automática y Electrónica Ind.

      diego.cabrero@e-attico.net

Tel. 983 36 13 23 - Fax 983 34 19 86

Fundación ATTICO

      Fundación de Apoyo Tecnológico a la Transformación
      Industrial y para la Competitividad Empresarial

      Sede Social:

      C/ Camino del Cabildo 40,

47009 Valladolid

====================== CLÁUSULA DE CONFIDENCIALIDAD
=======================
Este correo y sus anexos pueden contener información confidencial o
legalmente protegida. Si le hubiera llegado por error, notifíquelo
inmediatamente al remitente y por favor elimínelo sin revisarlo ni
reenviarlo; cualquier copia, divulgación, distribución o uso de los
contenidos está prohibida. Gracias por su colaboración.

==========================CONFIDENTIALITY NOTE
===========================
This email, including any attached files, may contain confidential or
legally privileged information. If you received it by error, please
notify
the sender immediately and destroy it without reading or forwarding it;
any
copying, disclosure, distribution or use of its contents is strictly
prohibited. Thank you for your collaboration.


_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

On Wed, Jan 11, 2006 at 05:05:10PM +0200, Jonas Jasas
wrote:
> Thank you for your help!
> This is my modified rules, but that work exactly as before :~/
> 
> /sbin/tc qdisc del dev eth0 root
The problem is that eth0 is connected to Internet?

Do you really want to shape outgoing (ACK?) packets?
> 
> Thanks again for help!
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
-- 
  _,-=._              /|_/|
  `-.}   `=._,.-=-._.,  @ @._,
     `._ _,-.   )      _,.-''
        `    G.m-"^m`m''        Dmytro O. Redchuk

On 1/12/06, Dmytro O. Redchuk <dor@ldc.net> wrote:
> The problem is that eth0 is connected to Internet?
Yes it is connected to internet, but what is the difference if it is
connected to internet or LAN?
> Do you really want to shape outgoing (ACK?) packets?
Yes, I have router and web server in one box. So I want that
outgoing/incoming  office traffic and web servers traffic would be
with the high priority.

In what place of iptables this htb traffic control is handled?
My rules are ok when I set the same rate and ceil.

Now my guess once you have told that it is connected to a router the
packet information about destiny and source port changes in between lan
device and router device. So then you want to mark packets always by
the LAN side no matter what you are shapping or what way (inbound or
outbound).

I hope this works.

-Diego

Jonas Jasas escribió:

On 1/12/06, Dmytro O. Redchuk  wrote:

The problem is that eth0 is connected to Internet?

connected to internet or LAN?

Do you really want to shape outgoing (ACK?) packets?

outgoing/incoming  office traffic and web servers traffic would be
with the high priority.

In what place of iptables this htb traffic control is handled?
My rules are ok when I set the same rate and ceil.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

-- 

Firma

Diego Cabrero

Ingeniero en Automática y Electrónica Ind.

      diego.cabrero@e-attico.net

Tel. 983 36 13 23 - Fax 983 34 19 86

Fundación ATTICO

      Fundación de Apoyo Tecnológico a la Transformación
      Industrial y para la Competitividad Empresarial

      Sede Social:

      C/ Camino del Cabildo 40,

47009 Valladolid

====================== CLÁUSULA DE CONFIDENCIALIDAD
=======================
Este correo y sus anexos pueden contener información confidencial o
legalmente protegida. Si le hubiera llegado por error, notifíquelo
inmediatamente al remitente y por favor elimínelo sin revisarlo ni
reenviarlo; cualquier copia, divulgación, distribución o uso de los
contenidos está prohibida. Gracias por su colaboración.

==========================CONFIDENTIALITY NOTE
===========================
This email, including any attached files, may contain confidential or
legally privileged information. If you received it by error, please
notify
the sender immediately and destroy it without reading or forwarding it;
any
copying, disclosure, distribution or use of its contents is strictly
prohibited. Thank you for your collaboration.


_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

On Thu, Jan 12, 2006 at 10:48:13AM +0200, Jonas Jasas
wrote:
> On 1/12/06, Dmytro O. Redchuk <dor@ldc.net> wrote:
> > The problem is that eth0 is connected to Internet?
> Yes it is connected to internet, but what is the difference if it is
> connected to internet or LAN?
> 
> > Do you really want to shape outgoing (ACK?) packets?
> Yes, I have router and web server in one box. So I want that
> outgoing/incoming  office traffic and web servers traffic would be
> with the high priority.
> 
> In what place of iptables this htb traffic control is handled?
> My rules are ok when I set the same rate and ceil.
Then, sorry, I didn''t understand which traffic you would like to
control
and in which way. And still can not understand.

Can you draw a picture? Let''s say, a client (who wants to download), a
server (who offers web or ftp services), a box (who should perform a
traffic control), thier interfaces...

-- 
  _,-=._              /|_/|
  `-.}   `=._,.-=-._.,  @ @._,
     `._ _,-.   )      _,.-''
        `    G.m-"^m`m''        Dmytro O. Redchuk