Hi All, I''m configuring my natting-firewall to do some tc shaping. Some traffic has to be shaped on 30mbit, some on 10mbit all the others are unlimited. The configuring and filtering works correctly. The traffic that is shaped at 30mbit is correct, but the traffic that is shapped at 10mbit only gets to 100KB/sec. It is on a device configured with bonding (both in and out interface). Any clue why shaped traffic at 10mbit only gets to 100KB/sec and not faster? Thx for any response, Johan Huysmans
Here is my tc config, maybe something is wrong with that config: /sbin/tc qdisc del dev bond1 root /sbin/tc qdisc add dev bond1 root handle 1: htb default 1 /sbin/tc class add dev bond1 parent 1: classid 1:1 htb rate 1000mbit burst 1310720 /sbin/tc class add dev bond1 parent 1: classid 1:2 htb rate 30mbit burst 39321 /sbin/tc class add dev bond1 parent 1: classid 1:3 htb rate 10mbit burst 13107 /sbin/tc filter add dev bond1 parent 1: protocol ip prio 0 handle 1 fw flowid 1:2 /sbin/tc filter add dev bond1 parent 1: protocol ip prio 0 handle 2 fw flowid 1:3 Any help appreciated! Johan Huysmans wrote:> Hi All, > > I''m configuring my natting-firewall to do some tc shaping. Some > traffic has to be shaped on 30mbit, some on 10mbit all the others are > unlimited. > The configuring and filtering works correctly. The traffic that is > shaped at 30mbit is correct, but the traffic that is shapped at 10mbit > only gets to 100KB/sec. > > It is on a device configured with bonding (both in and out interface). > > Any clue why shaped traffic at 10mbit only gets to 100KB/sec and not > faster? > > Thx for any response, > Johan Huysmans > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Johan Huysmans wrote:> Here is my tc config, maybe something is wrong with that config: > > /sbin/tc qdisc del dev bond1 root > /sbin/tc qdisc add dev bond1 root handle 1: htb default 1 > /sbin/tc class add dev bond1 parent 1: classid 1:1 htb rate 1000mbit > burst 1310720 > /sbin/tc class add dev bond1 parent 1: classid 1:2 htb rate 30mbit > burst 39321 > /sbin/tc class add dev bond1 parent 1: classid 1:3 htb rate 10mbit > burst 13107I think you should try to set "quantum" parameter of all leaf classes to the value at least as high as MTU, e.g. 1500 for Ethernet, and to increase the burst of 1:3 class.
none of these changes corrected my problem. Stanislav Kruchinin wrote:> Johan Huysmans wrote: > >> Here is my tc config, maybe something is wrong with that config: >> >> /sbin/tc qdisc del dev bond1 root >> /sbin/tc qdisc add dev bond1 root handle 1: htb default 1 >> /sbin/tc class add dev bond1 parent 1: classid 1:1 htb rate 1000mbit >> burst 1310720 >> /sbin/tc class add dev bond1 parent 1: classid 1:2 htb rate 30mbit >> burst 39321 >> /sbin/tc class add dev bond1 parent 1: classid 1:3 htb rate 10mbit >> burst 13107 >> > > I think you should try to set "quantum" parameter of all leaf classes to > the value at least as high as MTU, e.g. 1500 for Ethernet, and to > increase the burst of 1:3 class. > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >
Johan Huysmans wrote:> Here is my tc config, maybe something is wrong with that config: > > /sbin/tc qdisc del dev bond1 rootI would see if it''s the same on normal eth and/or try using child queues on the classes - htb may be using a very small queuelen because there is no default queue on the bond.> /sbin/tc qdisc add dev bond1 root handle 1: htb default 1 > /sbin/tc class add dev bond1 parent 1: classid 1:1 htb rate 1000mbit > burst 1310720This isn''t really shaping anyway (rate 1000 is too high because of overheads) so I would use default 0 (or don''t specify) which means unclassified traffic goes unshaped. HTB default also catches arp which is worth considering. There could be other reasons - timers maybe, or if your nic uses tcp segmentation offload then locally generated tcp may go through a super sized packets - this makes htb underlimit them and shows a giants on the output of - tc -s class ls dev .. you can turn TSO off with ethtool -k On the filters prio 0 is not the highest 1 is, thouh it won''t matter here. Andy.
My issue is solved. Andy Furniss has mailed me a new set of rules which are doing exactly what you expect. For the record, here are the rules: /sbin/tc qdisc del dev bond1 root /sbin/tc qdisc add dev bond1 root handle 1: htb /sbin/tc class add dev bond1 parent 1: classid 1:1 htb rate 30mbit /sbin/tc qdisc add dev bond1 parent 1:1 handle 10: pfifo limit 300 /sbin/tc class add dev bond1 parent 1: classid 1:2 htb rate 10mbit /sbin/tc qdisc add dev bond1 parent 1:2 handle 20: pfifo limit 100 /sbin/tc filter add dev bond1 parent 1: protocol ip prio 0 handle 1 fw flowid 1:1 /sbin/tc filter add dev bond1 parent 1: protocol ip prio 0 handle 2 fw flowid 1:2 Thx for helping to fix this! Johan Johan Huysmans wrote:> Hi All, > > I''m configuring my natting-firewall to do some tc shaping. Some > traffic has to be shaped on 30mbit, some on 10mbit all the others are > unlimited. > The configuring and filtering works correctly. The traffic that is > shaped at 30mbit is correct, but the traffic that is shapped at 10mbit > only gets to 100KB/sec. > > It is on a device configured with bonding (both in and out interface). > > Any clue why shaped traffic at 10mbit only gets to 100KB/sec and not > faster? > > Thx for any response, > Johan Huysmans > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc