Hi. there is a way to MARK udp VOIP (SIP) traffic, in order to put in a highest prio class ? Traffic flow seems start on udp 5060 port, but next both server and client seems jump to a random(?) port. I can''t use CONNMARK because is udp traffic. I only see a pattern for L7 patch in order to SIP traffic identification , but I run 2.4 kernel series . When you patch 2.4 kernel with L7 patch, later, Connmark (patch o matic ) can''t apply. (conflicts) thank you. -- Andres
Hi I am pretty much a newbie, I found with sip if I match ports 5060 and 10000 - 20000 it works I noticed on some phones the use 13000 - 14000 and others use 18000 - 19000. there is a new sip-contrack out although I haven''t tried it yet. william -----Original Message----- From: lartc-bounces@mailman.ds9a.nl [mailto:lartc-bounces@mailman.ds9a.nl] On Behalf Of LinuXKiD Sent: 17 April 2006 15:59 To: lartc Subject: [LARTC] Sip Traffic Hi. there is a way to MARK udp VOIP (SIP) traffic, in order to put in a highest prio class ? Traffic flow seems start on udp 5060 port, but next both server and client seems jump to a random(?) port. I can''t use CONNMARK because is udp traffic. I only see a pattern for L7 patch in order to SIP traffic identification , but I run 2.4 kernel series . When you patch 2.4 kernel with L7 patch, later, Connmark (patch o matic ) can''t apply. (conflicts) thank you. -- Andres _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
mmm... intresting.... http://sipx-wiki.calivia.com/index.php/HowTo_configure_iptables ip_conntrack_sip Someone has tried it ? works on 2.4 kernel series ? thanks -> -> -> Hi I am pretty much a newbie, I found with sip if I match ports 5060 and -> 10000 - 20000 it works I noticed on some phones the use 13000 - 14000 and -> others use 18000 - 19000. there is a new sip-contrack out although I -> haven''t tried it yet. -> -> william -> -> -----Original Message----- -> From: lartc-bounces@mailman.ds9a.nl -> [mailto:lartc-bounces@mailman.ds9a.nl] -> On Behalf Of LinuXKiD -> Sent: 17 April 2006 15:59 -> To: lartc -> Subject: [LARTC] Sip Traffic -> -> -> Hi. -> -> there is a way to MARK udp VOIP (SIP) traffic, -> in order to put in a highest prio class ? -> -> Traffic flow seems start on udp 5060 port, but -> next both server and client seems jump to a -> random(?) port. -> -> I can''t use CONNMARK because is udp traffic. -> -> I only see a pattern for L7 patch in order to -> SIP traffic identification , but I run 2.4 -> kernel series . -> -> When you patch 2.4 kernel with L7 patch, -> later, Connmark (patch o matic ) can''t apply. -> (conflicts) -> -> thank you. -> -- -> Andres -> _______________________________________________ -> LARTC mailing list -> LARTC@mailman.ds9a.nl -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ->
Mensaje citado por: LinuXKiD <gregoriandres@yahoo.com.ar>:> > mmm... intresting....:) indeed..> Someone has tried it ?I suppose, i have received very goog feedback about it.> works on 2.4 kernel series ?Only > 2.6.11. (rusty newnat api) BTW, using the \"helper\" extension in IPTABLES is possible to mark sip related traffic easily> thanksCheers. __________________________________ Registrate desde http://servicios.arnet.com.ar/registracion/registracion.asp?origenid=9 y participá de todos los beneficios del Portal Arnet.
L7 filter works very well too: http://l7-filter.sourceforge.net/ Although I didn''t try it with sip, I use it to control my P2P and server applications and have a very usable ADSL link at almost 100% utilization of my upstream. El Martes, 18 de Abril de 2006 07:45, LinuXKiD escribió:> mmm... intresting.... > > http://sipx-wiki.calivia.com/index.php/HowTo_configure_iptables > > ip_conntrack_sip > > Someone has tried it ? > > works on 2.4 kernel series ? > > thanks > > > > > -> > -> > -> Hi I am pretty much a newbie, I found with sip if I match ports 5060 and > -> 10000 - 20000 it works I noticed on some phones the use 13000 - 14000 > and -> others use 18000 - 19000. there is a new sip-contrack out although > I -> haven''t tried it yet. > -> > -> william > -> > -> -----Original Message----- > -> From: lartc-bounces@mailman.ds9a.nl > -> [mailto:lartc-bounces@mailman.ds9a.nl] > -> On Behalf Of LinuXKiD > -> Sent: 17 April 2006 15:59 > -> To: lartc > -> Subject: [LARTC] Sip Traffic > -> > -> > -> Hi. > -> > -> there is a way to MARK udp VOIP (SIP) traffic, > -> in order to put in a highest prio class ? > -> > -> Traffic flow seems start on udp 5060 port, but > -> next both server and client seems jump to a > -> random(?) port. > -> > -> I can''t use CONNMARK because is udp traffic. > -> > -> I only see a pattern for L7 patch in order to > -> SIP traffic identification , but I run 2.4 > -> kernel series . > -> > -> When you patch 2.4 kernel with L7 patch, > -> later, Connmark (patch o matic ) can''t apply. > -> (conflicts) > -> > -> thank you. > -> -- > -> Andres > -> _______________________________________________ > -> LARTC mailing list > -> LARTC@mailman.ds9a.nl > -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > -> > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
On Thursday 20 April 2006 22:19, Francisco wrote:> L7 filter works very well too: > http://l7-filter.sourceforge.net/ > > Although I didn''t try it with sip, I use it to control my P2P and server > applications and have a very usable ADSL link at almost 100% utilization of > my upstream.Does any of that include eMule traffic? I stopped having success with eMule protocols and L7 a year or two ago and the pattern hasn''t been updated in ages. -- Jason Boxman http://edseek.com/ - Linux and FOSS stuff
About SIP: the traffic does not "jump" at a random port, it is another type of traffic that you see afterwards, it''s the RTP stream. SIP is used only for signaling a session hence the name Session Initiation Protocol. The SIP messages contain the IP Address + Port where the RTP flow will appear. The RTP might not have the same IP address as the SIP destination. If you want to prioritize SIP and RTP you can use your own SIP Proxy (i''m using SER from www.iptel.org) with somekind of gateway (RTPPROXY may be just enough for an end user). By the way, if some SIP clients do not find port 5060 free, they choose cvasi-randomly another port. Marius On 4/21/06, Francisco <ranmakun@arnet.com.ar> wrote:> > L7 filter works very well too: > http://l7-filter.sourceforge.net/ > > Although I didn''t try it with sip, I use it to control my P2P and server > applications and have a very usable ADSL link at almost 100% utilization > of > my upstream. > > > El Martes, 18 de Abril de 2006 07:45, LinuXKiD escribió: > > mmm... intresting.... > > > > http://sipx-wiki.calivia.com/index.php/HowTo_configure_iptables > > > > ip_conntrack_sip > > > > Someone has tried it ? > > > > works on 2.4 kernel series ? > > > > thanks > > > > > > > > > > -> > > -> > > -> Hi I am pretty much a newbie, I found with sip if I match ports 5060 > and > > -> 10000 - 20000 it works I noticed on some phones the use 13000 - 14000 > > and -> others use 18000 - 19000. there is a new sip-contrack out > although > > I -> haven''t tried it yet. > > -> > > -> william > > -> > > -> -----Original Message----- > > -> From: lartc-bounces@mailman.ds9a.nl > > -> [mailto:lartc-bounces@mailman.ds9a.nl] > > -> On Behalf Of LinuXKiD > > -> Sent: 17 April 2006 15:59 > > -> To: lartc > > -> Subject: [LARTC] Sip Traffic > > -> > > -> > > -> Hi. > > -> > > -> there is a way to MARK udp VOIP (SIP) traffic, > > -> in order to put in a highest prio class ? > > -> > > -> Traffic flow seems start on udp 5060 port, but > > -> next both server and client seems jump to a > > -> random(?) port. > > -> > > -> I can''t use CONNMARK because is udp traffic. > > -> > > -> I only see a pattern for L7 patch in order to > > -> SIP traffic identification , but I run 2.4 > > -> kernel series . > > -> > > -> When you patch 2.4 kernel with L7 patch, > > -> later, Connmark (patch o matic ) can''t apply. > > -> (conflicts) > > -> > > -> thank you. > > -> -- > > -> Andres > > -> _______________________________________________ > > -> LARTC mailing list > > -> LARTC@mailman.ds9a.nl > > -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > > -> > > > > _______________________________________________ > > LARTC mailing list > > LARTC@mailman.ds9a.nl > > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >_______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Hi, I was wondering if there is any alternative to netem drop probability... the reason I ask is that whenever I turn it on I get about 500KB/sec less throughput with 0% packet loss The caveat is that it must work with 2.4.32 :) Thanks! George Jason Boxman wrote:>On Thursday 20 April 2006 22:19, Francisco wrote: > > >>L7 filter works very well too: >>http://l7-filter.sourceforge.net/ >> >>Although I didn''t try it with sip, I use it to control my P2P and server >>applications and have a very usable ADSL link at almost 100% utilization of >>my upstream. >> >> > >Does any of that include eMule traffic? I stopped having success with eMule >protocols and L7 a year or two ago and the pattern hasn''t been updated in >ages. > > >
sounds good :-) BTW, someone has tried "ip_conntrack_sip" module from netfilter ???? (in order match and priorize VoIP Traffic ? -SIP and RTP- ) thank you -> -----Mensaje original----- -> De: lartc-bounces@mailman.ds9a.nl -> [mailto:lartc-bounces@mailman.ds9a.nl]En nombre de Francisco -> Enviado el: Jueves, 20 de Abril de 2006 11:19 p.m. -> Para: lartc@mailman.ds9a.nl -> Asunto: Re: [LARTC] Sip Traffic -> -> -> L7 filter works very well too: -> http://l7-filter.sourceforge.net/ -> -> Although I didn''t try it with sip, I use it to control my P2P and server -> applications and have a very usable ADSL link at almost 100% -> utilization of -> my upstream. -> -> -> El Martes, 18 de Abril de 2006 07:45, LinuXKiD escribió: -> > mmm... intresting.... -> > -> > http://sipx-wiki.calivia.com/index.php/HowTo_configure_iptables -> > -> > ip_conntrack_sip -> > -> > Someone has tried it ? -> > -> > works on 2.4 kernel series ? -> > -> > thanks -> > -> > -> > -> > -> > -> -> > -> -> > -> Hi I am pretty much a newbie, I found with sip if I match -> ports 5060 and -> > -> 10000 - 20000 it works I noticed on some phones the use -> 13000 - 14000 -> > and -> others use 18000 - 19000. there is a new sip-contrack -> out although -> > I -> haven''t tried it yet. -> > -> -> > -> william -> > -> -> > -> -----Original Message----- -> > -> From: lartc-bounces@mailman.ds9a.nl -> > -> [mailto:lartc-bounces@mailman.ds9a.nl] -> > -> On Behalf Of LinuXKiD -> > -> Sent: 17 April 2006 15:59 -> > -> To: lartc -> > -> Subject: [LARTC] Sip Traffic -> > -> -> > -> -> > -> Hi. -> > -> -> > -> there is a way to MARK udp VOIP (SIP) traffic, -> > -> in order to put in a highest prio class ? -> > -> -> > -> Traffic flow seems start on udp 5060 port, but -> > -> next both server and client seems jump to a -> > -> random(?) port. -> > -> -> > -> I can''t use CONNMARK because is udp traffic. -> > -> -> > -> I only see a pattern for L7 patch in order to -> > -> SIP traffic identification , but I run 2.4 -> > -> kernel series . -> > -> -> > -> When you patch 2.4 kernel with L7 patch, -> > -> later, Connmark (patch o matic ) can''t apply. -> > -> (conflicts) -> > -> -> > -> thank you. -> > -> -- -> > -> Andres -> > -> _______________________________________________ -> > -> LARTC mailing list -> > -> LARTC@mailman.ds9a.nl -> > -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -> > -> -> > -> > _______________________________________________ -> > LARTC mailing list -> > LARTC@mailman.ds9a.nl -> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -> _______________________________________________ -> LARTC mailing list -> LARTC@mailman.ds9a.nl -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
-> About SIP: the traffic does not "jump" at a random port, it is -> another type of traffic that you see afterwards, it''s the RTP stream. OK!, Thank you. I understand. -> SIP is used only for signaling a session hence the name Session -> Initiation Protocol. The SIP messages contain the IP Address + -> Port where the RTP flow will appear. The RTP might not have the -> same IP address as the SIP destination. If you want to -> prioritize SIP and RTP you can use your own SIP Proxy (i''m using -> SER from www.iptel.org) with somekind of gateway (RTPPROXY may -> be just enough for an end user). Ok, thank you. I''m newbie with VoIP . AFAIK , Ser is a router. But I need to priorize SIP traffic on my (very)custom router linux.2.4.28. There is a way to integrate openSer with it ? best regards andres
eMule detection works very well, this has really changed the way I use my upload bandwidth. El Jueves, 20 de Abril de 2006 23:25, Jason Boxman escribió:> On Thursday 20 April 2006 22:19, Francisco wrote: > > L7 filter works very well too: > > http://l7-filter.sourceforge.net/ > > > > Although I didn''t try it with sip, I use it to control my P2P and server > > applications and have a very usable ADSL link at almost 100% utilization > > of my upstream. > > Does any of that include eMule traffic? I stopped having success with > eMule protocols and L7 a year or two ago and the pattern hasn''t been > updated in ages.
Why not just prioritize everything that comes to/from that SIP phone? So forget about ports, just prioritize the IP Address? Use the IP Address to identify traffic you want to move with elevated priority. Just a thought... - Greg -----Original Message----- From: lartc-bounces@mailman.ds9a.nl [mailto:lartc-bounces@mailman.ds9a.nl] On Behalf Of Francisco Sent: Friday, April 21, 2006 10:17 PM To: lartc@mailman.ds9a.nl Subject: Re: [LARTC] Sip Traffic eMule detection works very well, this has really changed the way I use my upload bandwidth. El Jueves, 20 de Abril de 2006 23:25, Jason Boxman escribió:> On Thursday 20 April 2006 22:19, Francisco wrote: > > L7 filter works very well too: > > http://l7-filter.sourceforge.net/ > > > > Although I didn''t try it with sip, I use it to control my P2P and server > > applications and have a very usable ADSL link at almost 100% utilization > > of my upstream. > > Does any of that include eMule traffic? I stopped having success with > eMule protocols and L7 a year or two ago and the pattern hasn''t been > updated in ages._______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>Why not just prioritize everything that comes to/from that SIP phone? Soforget about ports, just prioritize the IP >Address? Use the IP Address to identify traffic you want to move with elevated priority. Just a thought... If we got to this, what if the end user is a laptop and wants to do e-mule too? I am just asking, maybe there is an idea here... Marius _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Hi,
Why don\''t just use \"--helper sip\" extension in
IPTABLES with ip_conntrack_sip loaded. That would see, and track RTP trafic in
the machine.
Please, if you do send me feed about the module.
Thanks.
CH.
Mensaje citado por: Marius Corici <coricim@gmail.com>:
> >Why not just prioritize everything that comes to/from that SIP phone?
So
> forget about ports, just prioritize the IP >Address? Use the IP Address
to
> identify traffic you want to move with elevated priority. Just a
> thought..> .
>
> If we got to this, what if the end user is a laptop and wants to do e-mule
> too? I am just asking, maybe there is an idea here...
>
> Marius
>
__________________________________
Registrate desde
http://servicios.arnet.com.ar/registracion/registracion.asp?origenid=9 y
participá de todos los beneficios del Portal Arnet.
Hi all, I setup a Linux machine to act as Lan Authentication server. So, the same script that redirect the http connection to a login web page, it create some queues to limit traffic, login by login. The PC uses only 1 ethernet interface that receive the packets source routed to it and forward/nat to the external gateway using the same interface. For each login I create a queue like that: tc class add dev ''.$if_externa.'' parent 1:1 classid 1:''.$filaDown.'' htb rate ''.$banda_down.''kbit ceil ''.$banda_down.''kbit prio 1'' tc filter add dev $if_externa protocol ip parent 1:0 prio 1 handle ::$filaDown u32 match ip dst $ipcliente/32 flowid 1:$filaDown My problem is that most of the queues created does NOT get full rate as defined. I can see the packets entering backlog with much less rate than defined, ex: class htb 1:b1 parent 1:1 prio 1 rate 256Kbit ceil 256Kbit burst 1926b cburst 1926b Sent 6644151 bytes 5435 pkts (dropped 0, overlimits 0) rate 669bps backlog 107p Some help ? Thanks in advance, Luciano Lima
This post is from Samuel Garcia. (thank you ) -> -> I tried it with kernel 2.6.15.x and many pom-ng patches and those modules -> (conntrack and nat) hangs up the system. -> -> I don''t recommend it, at least for now over 2.6.x kernel series. -> -> Regards -> -> -> Hi, -> Why don\''t just use \"--helper sip\" extension in -> IPTABLES with ip_conntrack_sip loaded. That would see, and track -> RTP trafic in the machine. -> -> Please, if you do send me feed about the module. -> Thanks. -> CH. -> -> Mensaje citado por: Marius Corici <coricim@gmail.com>: -> -> > >Why not just prioritize everything that comes to/from that -> SIP phone? So -> > forget about ports, just prioritize the IP >Address? Use the -> IP Address to -> > identify traffic you want to move with elevated priority. Just a -> > thought..> . -> > -> > If we got to this, what if the end user is a laptop and wants -> to do e-mule -> > too? I am just asking, maybe there is an idea here... -> > -> > Marius -> > -> -> __________________________________ -> Registrate desde http://servicios.arnet.com.ar/registracion/registracion.asp?origenid=9 y participá de todos los beneficios del Portal Arnet. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Hi, well there\''s a line to change in ip_conntrack_sip.c. The \''hangup\'' if because the ip_ct_refresh() function. That\''s documented BTW in the netfilter list. I\''m sorry don\''t have the time to submit a patch to the netfilter svn. I\''ll try to do it. Cheers. Christian Hentschel Mensaje citado por: LinuXKiD <gregoriandres@yahoo.com.ar>:> > > This post is from Samuel Garcia. (thank you ) > > -> > -> I tried it with kernel 2.6.15.x and many pom-ng patches and those > modules > -> (conntrack and nat) hangs up the system. > -> > -> I don\''t recommend it, at least for now over 2.6.x kernel series. > -> > -> Regards > -> > > > > > > > > > -> > -> Hi, > -> Why don\\\''t just use \\\"--helper sip\\\" extension in > -> IPTABLES with ip_conntrack_sip loaded. That would see, and track > -> RTP trafic in the machine. > -> > -> Please, if you do send me feed about the module. > -> Thanks. > -> CH. > -> > -> Mensaje citado por: Marius Corici <coricim@gmail.com>: > -> > -> > >Why not just prioritize everything that comes to/from that > -> SIP phone? So > -> > forget about ports, just prioritize the IP >Address? Use the > -> IP Address to > -> > identify traffic you want to move with elevated priority. Just a > -> > thought..> . > -> > > -> > If we got to this, what if the end user is a laptop and wants > -> to do e-mule > -> > too? I am just asking, maybe there is an idea here... > -> > > -> > Marius > -> > > -> > -> __________________________________ > -> Registrate desde > http://servicios.arnet.com.ar/registracion/registracion.asp?origenid=9 y > participá de todos los beneficios del Portal Arnet. > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >__________________________________ Registrate desde http://servicios.arnet.com.ar/registracion/registracion.asp?origenid=9 y participá de todos los beneficios del Portal Arnet.
Luciano wrote:> Hi all, > > I setup a Linux machine to act as Lan Authentication server. So, the > same script that redirect the http connection to a login web page, it > create some queues to limit traffic, login by login. > > The PC uses only 1 ethernet interface that receive the packets source > routed to it and forward/nat to the external gateway using the same > interface. > > For each login I create a queue like that: > > tc class add dev ''.$if_externa.'' parent 1:1 classid 1:''.$filaDown.'' htb > rate ''.$banda_down.''kbit ceil ''.$banda_down.''kbit prio 1'' > tc filter add dev $if_externa protocol ip parent 1:0 prio 1 handle > ::$filaDown u32 match ip dst $ipcliente/32 flowid 1:$filaDown > > My problem is that most of the queues created does NOT get full rate as > defined. I can see the packets entering backlog with much less rate than > defined, ex: > > class htb 1:b1 parent 1:1 prio 1 rate 256Kbit ceil 256Kbit burst 1926b > cburst 1926b > Sent 6644151 bytes 5435 pkts (dropped 0, overlimits 0) > rate 669bps backlog 107pHtb rate average can be quite long and misleading. I would tcpdump and see whether the rate looks OK with that. If not see what the dequeue behaviour is - you don''t show all your rules, if you are using htb default class on root and shaping eth remember arp will get delayed there unless you filter it elsewhere. Andy.
Hi Andy, I´m not sure if I understood what you told about arp packets. I use htb default but the problem occurs even when the default queue rate is low (it is almost always low in rate and pps). The attached files are: Rc.local - criation of the basic queues including default Regras.inc - criation of each queue when the user login Queues - statistics of the basic queues Thanks for help, Luciano -----Mensagem original----- De: Andy Furniss [mailto:andy.furniss@dsl.pipex.com] Enviada em: segunda-feira, 24 de abril de 2006 20:33 Para: Luciano Cc: lartc@mailman.ds9a.nl; Jader@elo.com.br Assunto: Re: [LARTC] Backlog with less rate than defined Luciano wrote:> Hi all, > > I setup a Linux machine to act as Lan Authentication server. So, the > same script that redirect the http connection to a login web page, it > create some queues to limit traffic, login by login. > > The PC uses only 1 ethernet interface that receive the packets source > routed to it and forward/nat to the external gateway using the same > interface. > > For each login I create a queue like that: > > tc class add dev ''.$if_externa.'' parent 1:1 classid 1:''.$filaDown.''htb> rate ''.$banda_down.''kbit ceil ''.$banda_down.''kbit prio 1'' > tc filter add dev $if_externa protocol ip parent 1:0 prio 1 handle > ::$filaDown u32 match ip dst $ipcliente/32 flowid 1:$filaDown > > My problem is that most of the queues created does NOT get full rateas> defined. I can see the packets entering backlog with much less ratethan> defined, ex: > > class htb 1:b1 parent 1:1 prio 1 rate 256Kbit ceil 256Kbit burst 1926b > cburst 1926b > Sent 6644151 bytes 5435 pkts (dropped 0, overlimits 0) > rate 669bps backlog 107pHtb rate average can be quite long and misleading. I would tcpdump and see whether the rate looks OK with that. If not see what the dequeue behaviour is - you don''t show all your rules, if you are using htb default class on root and shaping eth remember arp will get delayed there unless you filter it elsewhere. Andy. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Luciano wrote:> Hi Andy, > > I´m not sure if I understood what you told about arp packets. > I use htb default but the problem occurs even when the default queue > rate is low (it is almost always low in rate and pps).It''s still not ideal even if it''s not the cause - sfq default length is 128 packets so if they were mtu size when it''s full thats 1.5sec delay + drops - and the stats show drops. class htb 1:efff parent 1:1 leaf efff: prio 1 rate 1Mbit ceil 1Mbit burst 2909b cburst 2909b Sent 1113213839 bytes 9059857 pkts (dropped 61529, overlimits 0) rate 1130bps 13pps lended: 9059857 borrowed: 0 giants: 0 I would not use default on eth. Also 100mbit eth is not 100mbit at ip level, which is almost what htb sees (ip+14), so 1:1 needs to be less - but if children don''t add up to that then it won''t hurt. You could just send all unmatched ip to 1:efff with a low prio filter - tc filter add dev eth0 protocol ip parent 1:0 prio 99 u32 match u32 0 0 flowid 1:efff then arp will not get shaped. I notice you use handle on filters maybe OK but I usually only see it with hashing or fw.> > The attached files are: > Rc.local - criation of the basic queues including default > Regras.inc - criation of each queue when the user login > Queues - statistics of the basic queuesHave you measured the rate another way? Andy.
what about using a sip proxy? I''m not sure, but the rtp traffic goes though the sip proxy does it? then you can prioritize traffic with the sip proxy process user id (assuming that you can have a proxy on your router) I have a much more basic question: I installed a qos script based on wondershaper, which is htb based. With voip, the result is not correct (I''ve lot of bandwidth with max prio) How can I mix absolute priority (for voip) with htb? Thanks LinuXKiD wrote:>Hi. > >there is a way to MARK udp VOIP (SIP) traffic, >in order to put in a highest prio class ? > >Traffic flow seems start on udp 5060 port, but >next both server and client seems jump to a >random(?) port. > >I can''t use CONNMARK because is udp traffic. > >I only see a pattern for L7 patch in order to >SIP traffic identification , but I run 2.4 >kernel series . > >When you patch 2.4 kernel with L7 patch, >later, Connmark (patch o matic ) can''t apply. >(conflicts) > >thank you. >-- >Andres >_______________________________________________ >LARTC mailing list >LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > > >
I think RTP traffic doesn`t flow through SIP proxy. Only SIP packets flows through SIP proxy and RTP traffic flows end to end. correct me if i`m not. Regards, Suresh Babu On 4/26/06, sophana <sophana@zizi.ath.cx> wrote:> > what about using a sip proxy? > I''m not sure, but the rtp traffic goes though the sip proxy does it? > then you can prioritize traffic with the sip proxy process user id > (assuming that you can have a proxy on your router) > > I have a much more basic question: > I installed a qos script based on wondershaper, which is htb based. > With voip, the result is not correct (I''ve lot of bandwidth with max prio) > How can I mix absolute priority (for voip) with htb? > > Thanks >_______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Suresh Babu wrote:> I think RTP traffic doesn`t flow through SIP proxy. Only SIP packets > flows through SIP proxy and RTP traffic flows end to end. > > correct me if i`m not. >would it depend on the kind of sip proxy? I thought that one of the sip proxy functions was to resolve rtp NAT problems.> > I have a much more basic question: > I installed a qos script based on wondershaper, which is htb based. > With voip, the result is not correct (I''ve lot of bandwidth with > max prio) > How can I mix absolute priority (for voip) with htb? > > Thanks >can someone please answer that (surely basic) question? What structure should I have? prio on top?
the RTP traffic does not go through the SIP Proxy. Some solutions to control the voice traffic exist. One is RTP Proxy which communicates with a SER (SIP Express Router) or OpenSER and does as stated in the name, proxying for RTP. As a side efect the outbound ports are known. SIP Proxies do more then nat traversal (in fact this is one of the weak points in the SIP Protocol). For more info read RFC 3261. Marius On 4/26/06, sophana <sophana@zizi.ath.cx> wrote:> > Suresh Babu wrote: > > > I think RTP traffic doesn`t flow through SIP proxy. Only SIP packets > > flows through SIP proxy and RTP traffic flows end to end. > > > > correct me if i`m not. > > > would it depend on the kind of sip proxy? > I thought that one of the sip proxy functions was to resolve rtp NAT > problems. > > > > > I have a much more basic question: > > I installed a qos script based on wondershaper, which is htb based. > > With voip, the result is not correct (I''ve lot of bandwidth with > > max prio) > > How can I mix absolute priority (for voip) with htb? > > > > Thanks > > > can someone please answer that (surely basic) question? > What structure should I have? > prio on top? > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >_______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Hi Andy, I changed the configuration with no default on htb, sending unmatched ip packets to a limited queue. It´s now working fine. Thanks a lot. Luciano -----Mensagem original----- De: Andy Furniss [mailto:andy.furniss@dsl.pipex.com] Enviada em: terça-feira, 25 de abril de 2006 20:16 Para: Luciano Cc: lartc@mailman.ds9a.nl; Jader@elo.com.br Assunto: Re: RES: [LARTC] Backlog with less rate than defined Luciano wrote:> Hi Andy, > > I´m not sure if I understood what you told about arp packets. > I use htb default but the problem occurs even when the default queue > rate is low (it is almost always low in rate and pps).It''s still not ideal even if it''s not the cause - sfq default length is 128 packets so if they were mtu size when it''s full thats 1.5sec delay + drops - and the stats show drops. class htb 1:efff parent 1:1 leaf efff: prio 1 rate 1Mbit ceil 1Mbit burst 2909b cburst 2909b Sent 1113213839 bytes 9059857 pkts (dropped 61529, overlimits 0) rate 1130bps 13pps lended: 9059857 borrowed: 0 giants: 0 I would not use default on eth. Also 100mbit eth is not 100mbit at ip level, which is almost what htb sees (ip+14), so 1:1 needs to be less - but if children don''t add up to that then it won''t hurt. You could just send all unmatched ip to 1:efff with a low prio filter - tc filter add dev eth0 protocol ip parent 1:0 prio 99 u32 match u32 0 0 flowid 1:efff then arp will not get shaped. I notice you use handle on filters maybe OK but I usually only see it with hashing or fw.> > The attached files are: > Rc.local - criation of the basic queues including default > Regras.inc - criation of each queue when the user login > Queues - statistics of the basic queuesHave you measured the rate another way? Andy.