Bart Smaalders wrote: > Among other things, I run an http server on my home DSL line > (6M/768kbit). The content includes several large image > galleries, and when certain crawlers hit our server w/ > multiple large image uploads, we end up with large > ping time delays - sufficient to disrupt the kids' > on-line gaming. Attempts to control this with robots.txt > has not be very successful; Solaris IPQoS appears quite complex > to set up and the modem's IPQoS features just crash > the modem when configured. > > How can I use crossbow to limit the _outbound_ bandwidth > utilization of port 80-sourced traffic? Do I need to place > the Apache server in a zone? > > Thanks - > > - Bart > > >
After discovering that I couldn't turn down the bandwidth enough with the current crossbow design, out of desperation I revisited the IPQoS configuration issues. Upon reading the following blog entry: http://www.darkaslight.com/blog/entry/27-Limiting-Bandwidth-for-Solaris-Zones and the IPQoS administration guide http://docs.sun.com/app/docs/doc/816-4094 I cons'd up a IPQoS config file which appears to do the right thing (at least it greatly improves the lag issues we've been having): # Mandatory version number fmt_version 1.0 #This config file attempts to limit upload bandwidth #used by Apache. action { module ipgpc name ipgpc.classify params { global_stats TRUE } class { name web1 next_action cap enable_stats FALSE } filter { name httpout sport 80 #locally generated traffic only direction LOCAL_OUT # only on external interface if_name rge0 class web1 } } action { module tokenmt name cap params { committed_rate 524288 committed_burst 524288 peak_burst 524288 red_action_name drop green_action_name continue yellow_action_name continue global_stats TRUE } } Enable with # ipqosconf -a ipqos.conf I'm sure more tweaking is needed, but this is a start. W/ multiple recursive wgets running from sun, I could still access my home server via ssl w/o too much lag. My son also reported acceptable ping times and no dropped packets, unlike the situation w/o this in place. - Bart -- Bart Smaalders Solaris Kernel Performance barts at cyber.eng.sun.com http://blogs.sun.com/barts "You will contribute more with mercurial than with thunderbird."
