Hello, I'm Alexandra AlvaradoI've been working with linux and CBQ with a long time, but know I
want to migrate to HTB, and I'm testing it in a linux with the next features:- Pentium IV 1.7 Ghz
- 256 MB
- 1 3Com 3C905B
- 1 3Com 3C905C
- Red Hat 8.0
- Kernel 2.4.20
- iproute-2.4.7-7
- Squid - Transparent Proxy
- VPN
- Named
- Reiserfs
- SNMP
- HTB (The configuration is in the attached file)My problem is that rrdtool graph shows :
ETH0 IN: 596.99Kbps
ETH0 OUT: 100.71KbpsETH1 IN: 74.44Kbps
ETH1 OUT: 150.13KbpsAnd the configuration has a ceil of 384Kbit
What I'm doing wrong??
I suppose that it could be with Squid Transparent Proxy, but in HTB I have a default classid 20,
that is where must go any not specified traffic, how can I solve my problem?Thanks
Alexandra Alvarado
#!/bin/sh iptables -F -t mangle# ===>> Control de Trafico de Salida << === # # ===>> PC1 <<=== # iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.194 -j MARK --set-mark 1 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.194 -j MARK --set-mark 1 # ===>> PC2 <<=== # iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.199 -j MARK --set-mark 3 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.199 -j MARK --set-mark 3 # ===>> PC3 <<=== # iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.201 -j MARK --set-mark 5 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.201 -j MARK --set-mark 5 # ===>> Resto de la Red Privada <<=== # iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.0/25 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.0/25 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.128/26 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.128/26 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.192 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.192 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.193 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.193 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.195 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.195 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.196 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.196 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.197 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.197 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.198 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.198 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.200 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.200 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.202 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.202 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.203 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.203 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.204 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.204 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.205 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.205 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.206 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.206 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.207 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.207 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.208/28 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.208/28 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.224/27 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.224/27 -j MARK --set-mark 7 tc qdisc del dev eth0 root handle 1: tc qdisc add dev eth0 root handle 1: htb default 20 tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil 384kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:10 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:11 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:12 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:13 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:14 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:20 htb rate 100kbit ceil 128kbit burst 2k tc filter add dev eth0 parent 1: protocol ip prio 1 handle 1 fw classid 1:10 tc filter add dev eth0 parent 1: protocol ip prio 3 handle 3 fw classid 1:11 tc filter add dev eth0 parent 1: protocol ip prio 3 handle 5 fw classid 1:12 tc filter add dev eth0 parent 1: protocol ip prio 3 handle 7 fw classid 1:13 # ===>> Control de Trafico de Entrada << === # # ===>> PC1 <<=== # iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.194 -j MARK --set-mark 2 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.194 -j MARK --set-mark 2 # ===>> PC2 <<=== # iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.199 -j MARK --set-mark 4 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.199 -j MARK --set-mark 4 # ===>> PC3 <<=== # iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.201 -j MARK --set-mark 6 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.201 -j MARK --set-mark 6 # ===>> Resto de la Red Privada <<=== # iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.0/25 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.0/25 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.128/26 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.128/26 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.192 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.192 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.193 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.193 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.195 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.195 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.196 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.196 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.197 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.197 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.198 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.198 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.200 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.200 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.202 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.202 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.203 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.203 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.204 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.204 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.205 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.205 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.206 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.206 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.207 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.207 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.208/28 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.208/28 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.224/27 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.224/27 -j MARK --set-mark 8 tc qdisc del dev eth1 root handle 1: tc qdisc add dev eth1 root handle 1: htb default 20 tc class add dev eth1 parent 1: classid 1:1 htb rate 100mbit ceil 384kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:10 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:11 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:12 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:13 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:20 htb rate 100kbit ceil 128kbit burst 2k tc filter add dev eth1 parent 1: protocol ip prio 1 handle 2 fw classid 1:10 tc filter add dev eth1 parent 1: protocol ip prio 3 handle 4 fw classid 1:11 tc filter add dev eth1 parent 1: protocol ip prio 3 handle 6 fw classid 1:13 tc filter add dev eth1 parent 1: protocol ip prio 3 handle 8 fw classid 1:14 # === >> Fin << === #
- Re: [LARTC] Problem with HTB accurancy Alexandra Alvarado
- Re: [LARTC] Problem with HTB accurancy Stef Coene
- Re: [LARTC] Problem with HTB accurancy Alexandra Alvarado
- [LARTC] Problem with HTB accurancy Alexandra Alvarado
- Re: [LARTC] Problem with HTB accurancy Stef Coene
