Hi guys.. Just introduce some HTB traffic shaping on my Bearing RC4 Box.../Shorewall 1.3.9b I'm using a P120 / 32Mb Ram 10Mbit HDX NIC connected to the DSL Link, and a 100Mbit FDX NIC connected to the local net via a Switch It took me some time, reading and understanding how it works, and some copy and pasting some ideas.. But this is the scenario
I have created 3 class My uplink is 128kbits My classes are 80 30 and 18kbits respectively # lsmod Module Pages Used by sch_sfq 3168 3 sch_htb 12032 1 cls_fw 2108 3 ip_nat_irc 2400 0 (unused) ip_nat_ftp 3008 0 (unused) ip_conntrack_irc 3104 1 ip_conntrack_ftp 3840 1 8139too 13308 1 mii 912 0 [8139too] 3c59x 24696 1 3c509 6564 1 Here's my tcstart: run_tc qdisc add dev eth1 root handle 1: htb default 11 run_tc class add dev eth1 parent 1: classid 1:1 htb rate 128kbit ceil 128kbit echo " Added Top Level Class -- rate 128kbit" run_tc class add dev eth1 parent 1:1 classid 1:10 htb rate 80kbit ceil 128kbit prio 1 run_tc class add dev eth1 parent 1:1 classid 1:11 htb rate 30kbit ceil 128kbit prio 2 run_tc class add dev eth1 parent 1:1 classid 1:12 htb rate 18kbit ceil 64kbit prio 3 echo " Added Second Level Classes -- rates 80kbit, 30kbit, 18kbit" run_tc qdisc add dev eth1 parent 1:10 handle 120: sfq perturb 10 run_tc qdisc add dev eth1 parent 1:11 handle 130: sfq perturb 10 run_tc qdisc add dev eth1 parent 1:12 handle 140: sfq perturb 10 echo " Enabled SFQ on Second Level Classes" run_tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle 1 fw classid 1:10 run_tc filter add dev eth1 parent 1:0 protocol ip prio 2 handle 2 fw classid 1:11 run_tc filter add dev eth1 parent 1:0 protocol ip prio 3 handle 3 fw classid 1:12 echo " Defined fwmark filters" Heres my TCRules: #MARK SOURCE DEST PROTO PORT(S) CLIENT PORT(S) 1 0.0.0.0/0 0.0.0.0/0 tcp www 1 0.0.0.0/0 0.0.0.0/0 tcp 443 1 0.0.0.0/0 0.0.0.0/0 tcp 1494 1 0.0.0.0/0 0.0.0.0/0 tcp 6502 2 0.0.0.0/0 0.0.0.0/0 tcp ftp 3 0.0.0.0/0 0.0.0.0/0 tcp smtp 3 0.0.0.0/0 0.0.0.0/0 tcp pop-3 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE My problem is as follows: I have the smtp/pop3 traffic all in the 18Kbits class with a ceiling of 64kbits Http, Remote Control, HTTPS, ICA, protocol in the 80Kbits class with a max ceiling of 128 And my default is the 30Kbits, with a max ceiling of 128, and by default ftp falls also into this class When I run the "tc -s class show dev eth1" I can clearly see that traffice is passing thru the correct class tc -s class show dev eth1 class htb 1:11 parent 1:1 leaf 130: prio 2 rate 30Kbit ceil 128Kbit burst 1637b cburst 1762b Sent 1358320 bytes 18185 pkts (dropped 0, overlimits 0) rate 5bps lended: 18185 borrowed: 0 giants: 0 injects: 0 tokens: 320427 ctokens: 81350 class htb 1:1 root prio 0 rate 128Kbit ceil 128Kbit burst 1762b cburst 1762b Sent 10356183 bytes 31450 pkts (dropped 0, overlimits 0) rate 12bps lended: 3849 borrowed: 0 giants: 0 injects: 0 tokens: 81350 ctokens: 81350 class htb 1:10 parent 1:1 leaf 120: prio 1 rate 80Kbit ceil 128Kbit burst 1701b cburst 1762b Sent 948608 bytes 7929 pkts (dropped 0, overlimits 4) rate 6bps lended: 7904 borrowed: 25 giants: 0 injects: 0 tokens: 132320 ctokens: 85750 class htb 1:12 parent 1:1 leaf 140: prio 3 rate 18Kbit ceil 64Kbit burst 1622b cburst 1680b Sent 8049255 bytes 5336 pkts (dropped 0, overlimits 0) lended: 1512 borrowed: 3824 giants: 0 injects: 0 tokens: 551126 ctokens: 163300 # shorewall show tc Shorewall-1.3.9b Traffic Control at gw-homenet - Fri Nov 22 08:55:04 CET 2002 Device eth1: qdisc sfq 140: quantum 1514b limit 128p flows 128/1024 perturb 10sec Sent 8049255 bytes 5336 pkts (dropped 0, overlimits 0) qdisc sfq 130: quantum 1514b limit 128p flows 128/1024 perturb 10sec Sent 7157415 bytes 22376 pkts (dropped 0, overlimits 0) qdisc sfq 120: quantum 1514b limit 128p flows 128/1024 perturb 10sec Sent 1296849 bytes 10594 pkts (dropped 0, overlimits 0) qdisc htb 1: r2q 10 default 11 dcache 0 deq_util 1/1000000 deq_rate 20 trials_per_deq 1 dcache_hits 0 direct_packets 0 Sent 16503519 bytes 38306 pkts (dropped 0, overlimits 12635) class htb 1:11 parent 1:1 leaf 130: prio 2 rate 30Kbit ceil 128Kbit burst 1637b/8 mpu 0b cburst 1762b/8 mpu 0b quantum 384 level 0 Sent 7157415 bytes 22376 pkts (dropped 0, overlimits 0) rate 13974bps 9pps lended: 19535 borrowed: 2841 giants: 0 injects: 0 tokens: -82003 ctokens: -40344 class htb 1:1 root prio 0 rate 128Kbit ceil 128Kbit burst 1762b/8 mpu 0b cburst 1762b/8 mpu 0b quantum 1638 level 3 Sent 16503519 bytes 38306 pkts (dropped 0, overlimits 0) rate 13958bps 9pps lended: 6690 borrowed: 0 giants: 0 injects: 0 tokens: -40344 ctokens: -40344 class htb 1:10 parent 1:1 leaf 120: prio 1 rate 80Kbit ceil 128Kbit burst 1701b/8 mpu 0b cburst 1762b/8 mpu 0b quantum 1024 level 0 Sent 1296849 bytes 10594 pkts (dropped 0, overlimits 4) lended: 10569 borrowed: 25 giants: 0 injects: 0 tokens: 128481 ctokens: 83351 class htb 1:12 parent 1:1 leaf 140: prio 3 rate 18Kbit ceil 64Kbit burst 1622b/8 mpu 0b cburst 1680b/8 mpu 0b quantum 230 level 0 Sent 8049255 bytes 5336 pkts (dropped 0, overlimits 0) lended: 1512 borrowed: 3824 giants: 0 injects: 0 tokens: 551126 ctokens: 163300 My mean reason for this packet shapping, is because, when SMTP traffic (attachments) is being sent out it even makes my MSN Messenger connections CRAWL, like a turtle, sometimes even disconnecting the MSN chat session. I did the following test..once I had HTB Up and running Sent out an e-mail with 3 attachments (about 1.1Mb each), to ONE e-mail address... Once the email was sent, I execucted the "tc -s class show dev eth1" in my findings, the SMTP traffic, was in the right class I had a PING session from the local net running, which was very well, nice responses, all so in the correct class (30kbit - the default) But to my surprise, once the SMTP traffic started flowing thru the router, all I received was REQUEST TIMEOUTS from the ping session... So this brought me back to where I was originally was without the HTB Traffic shaping, can some one tell me what I have wrong in my configs.. thnks __________________________________________________________________ Reginald Richardson ICQ#: 365841 Current ICQ status: + More ways to contact me __________________________________________________________________ ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
