Hello list,
I need to realize a complicated custom shaping setup, and given very
little experience with shaping I just can't wrap my head around it. I am
not seeking a complete script, I just need an idea/a set of pointers on
how to best subdivide traffic according to my needs, and which shapers
to place on every leaf. I am very experienced with netfilter and have
minor experience with HTB, so keep it concise and technical. Enough
blabber, here is the setup:
-----------       -----------
-  wan_a  -       -  wan_b  -
- 1.1.1.1 -       - 5.5.5.5 -
- 1.1.1.2 -       -         -
-----------       -----------
       \             /
        \           /
    ----------------------
    -   Server/Router    -
    ----------------------
        /           \
       /             \
------------     ------------
-  lan_a   -     -  lan_b   -
- 10.1.0.0 -     - 10.2.0.0 -
------------     ------------
* Both wan links are synchronous, so excessive queuing is not a problem
* Traffic from both lans is balanced between both 1.1.1.1 and 5.5.5.5
using the statistic/random match, and every connection is kept where it
started using CONNMARK
* The default gateway of Server is either 1.1.1.1 or 5.5.5.5, adjusted
depending on the circumstances
* 1.1.1.2 is used only by a specific process (PROC) on the Server and
nothing else, all other services listen on 0.0.0.0
* The network of lan_a is a /24 logically subdivided into 4 /26
segments: A1 A2 A3 and A4
Here are the goals:
==================
* All small packets get best treatment no matter where they come from. I
am not sure what "small" exactly is but I obviously want to serve ARP,
SYN, ACK, small TCP (HTTP requests, SSH sessions) and small UDP (skype)
with utmost priority.
* If I understand correctly I do not have much control on what comes
FROM the internet destined for processes on the Server itself, so it is
left as is.
* The rest of the traffic coming FROM the internet is forwarded with
diminishing priority to: A1 A2 A3 lan_b A4
* Outgoing traffic TO the internet is sent with this priority: A1 A2 A3
Server lan_b A4 PROC
I sort of imagine how to do every single one of these, but when it comes
to combining it all I can't figure it out. Any help would be greatly
appreciated.

Lately I had time to make some progress on the problem stated at the start of this thread. Now however I am facing a problem with HTB not working correctly. Since I use the same rules on multiple interfaces, I use the same impossibly high ceil for all of them (1Gbyte), and rely on priorities in order to distribute traffic. However it does not seem to work, although the docs state it should. Here is a minimized example:

root@Arzamas:/etc/init.d# tc -d class show dev wan_a
class htb 1:1 root rate 8000Mbit ceil 8000Mbit burst 1Kb/8 mpu 0b overhead 0b cburst 1Kb/8 mpu 0b overhead 0b level 7
class htb 1:80 parent 1:1 prio 0 quantum 1000 rate 40000bit ceil 8000Mbit burst 1600b/8 mpu 0b overhead 0b cburst 1Kb/8 mpu 0b overhead 0b level 0
class htb 1:48 parent 1:1 prio 4 quantum 1000 rate 40000bit ceil 960000bit burst 1600b/8 mpu 0b overhead 0b cburst 1599b/8 mpu 0b overhead 0b level 0
class htb 1:58 parent 1:1 prio 6 quantum 1000 rate 40000bit ceil 1200Kbit burst 1600b/8 mpu 0b overhead 0b cburst 1599b/8 mpu 0b overhead 0b level 0
root@Arzamas:/etc/init.d#

Traffic flowing into 1:58 is correctly shaped at 150kbytes/s. However when traffic starts coming down 1:48 it only gets up to the actual link speed less 1:58, which is about 40kbytes/s in my case.

If however I cap the ceil of the master class to 190kbytes/s - everything works as expected:

root@Arzamas:/etc/init.d# tc -d class show dev wan_a
class htb 1:1 root rate 1520Kbit ceil 1520Kbit burst 1599b/8 mpu 0b overhead 0b cburst 1599b/8 mpu 0b overhead 0b level 7
class htb 1:80 parent 1:1 prio 0 quantum 1000 rate 40000bit ceil 1520Kbit burst 1600b/8 mpu 0b overhead 0b cburst 1599b/8 mpu 0b overhead 0b level 0
class htb 1:48 parent 1:1 prio 4 quantum 1000 rate 40000bit ceil 960000bit burst 1600b/8 mpu 0b overhead 0b cburst 1599b/8 mpu 0b overhead 0b level 0
class htb 1:58 parent 1:1 prio 6 quantum 1000 rate 40000bit ceil 1200Kbit burst 1600b/8 mpu 0b overhead 0b cburst 1599b/8 mpu 0b overhead 0b level 0
root@Arzamas:/etc/init.d#

My question is - how can I shape traffic by priority (deliberately allowing starvation), without knowing beforehand the speed of the underlying link?

Thank you
Peter
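
An added example, not part of the original post: a simplified model of HTB lending (each backlogged class gets its guaranteed rate, then spare parent bandwidth is lent in ascending prio order up to each ceil), applied to the two class listings quoted in the post. The trimmed listings, the function names and the 190 kbytes/s link figure (the post's 150 + 40) are assumptions of this example.

```python
import re

# Constructed input: the post's two `tc -d class show dev wan_a` listings,
# trimmed to the fields this model uses (burst/mpu/overhead/level dropped).
HIGH_ROOT = """\
class htb 1:1 root rate 8000Mbit ceil 8000Mbit
class htb 1:80 parent 1:1 prio 0 quantum 1000 rate 40000bit ceil 8000Mbit
class htb 1:48 parent 1:1 prio 4 quantum 1000 rate 40000bit ceil 960000bit
class htb 1:58 parent 1:1 prio 6 quantum 1000 rate 40000bit ceil 1200Kbit
"""
CAPPED_ROOT = HIGH_ROOT.replace("8000Mbit", "1520Kbit")
LINK_KBYTES = 190  # assumption: the post's observed 150 + 40 kbytes/s

UNITS = {"bit": 1, "Kbit": 10**3, "Mbit": 10**6, "Gbit": 10**9}
LINE = re.compile(r"class htb (\S+) (root|parent \S+)(?: prio (\d+))?.*? rate (\S+) ceil (\S+)")

def to_bps(text):
    """Convert a tc rate such as '1200Kbit' to bits per second."""
    number, unit = re.fullmatch(r"(\d+)([KMG]?bit)", text).groups()
    return int(number) * UNITS[unit]

def parse(listing):
    """Return (root ceil in bit/s, {classid: {prio, rate, ceil}} for leaves)."""
    root_ceil, leaves = None, {}
    for line in listing.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        cid, kind, prio, rate, ceil = m.groups()
        if kind == "root":
            root_ceil = to_bps(ceil)
        else:
            leaves[cid] = {"prio": int(prio), "rate": to_bps(rate), "ceil": to_bps(ceil)}
    return root_ceil, leaves

def admitted(listing, active):
    """kbytes/s HTB lets each backlogged class send, in this simplified model."""
    root_ceil, leaves = parse(listing)
    share = {cid: leaves[cid]["rate"] for cid in active}  # guaranteed rate first
    spare = root_ceil - sum(share.values())
    for cid in sorted(active, key=lambda c: leaves[c]["prio"]):  # lowest prio number borrows first
        lend = max(0, min(spare, leaves[cid]["ceil"] - share[cid]))
        share[cid] += lend
        spare -= lend
    return {cid: bps / 8000 for cid, bps in share.items()}

def htb_is_bottleneck(listing, active, link_kbytes=LINK_KBYTES):
    """True when HTB admits no more than the link carries, so prio decides who waits."""
    return sum(admitted(listing, active).values()) <= link_kbytes
```

In this model the 8000Mbit root admits 120 + 150 = 270 kbytes/s from 1:48 and 1:58 onto a link assumed to carry about 190, so the queue that fills is outside HTB; with the 1520Kbit root HTB admits 120 for 1:48 and holds 1:58 to 70.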