So I'm trying to setup a virtual web site that won't kill
my DSL line if it gets swamped.
I have all traffic with the virtual source address
filtered to a CBQ class to which I have allocated 128K
of my 384K adsl upchannel.
Traffic from my main source address is given the remaining
256K.
If my understanding of this QoS stuff is correct (I've read
Floyd and Van Jacobson's paper) what should happen is that
given sufficient load, I should see a 2:1 bandwidth split
between the classes.
But when I start two simultaneous transfers, one downloading
from each address, I see a 1:1 split.
If I set the class for the virtual address as bounded it
pegs right at 128k, so I know that I'm filtering properly.
I can also see that the traffic is being routed to the
proper classes here:
garth:~# tc -s class ls dev eth0
class cbq 1: root rate 384Kbit (bounded,isolated) prio no-transmit
Sent 31651590 bytes 53723 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 16146 undertime 0
class cbq 1:100 parent 1:1 leaf 8035: rate 256Kbit prio 3
Sent 17549470 bytes 42894 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 243992 undertime 0
class cbq 1:1 parent 1: rate 384Kbit prio no-transmit
Sent 27510885 bytes 49546 pkts (dropped 0, overlimits 0)
borrowed 2327 overactions 0 avgidle 16146 undertime 0
class cbq 1:200 parent 1:1 leaf 8038: rate 128Kbit prio 7
Sent 1914363 bytes 1278 pkts (dropped 0, overlimits 0)
borrowed 1242 overactions 0 avgidle -538694 undertime 572260
It even shows that the class for the virtual site is borrowing
from the parent. What I don't understand is why the virtual site
class is not being restricted in this case. To use Floyd and
Van Jacobson's terms, the main class is undersatisfied and
should have a backlog (although it doesn't show above), and
the virtual class is overlimit (also not shown above).
So either I'm really screwed up and this isn't what is supposed
to happen, or I managed to call tc with the wrong parameters.
Here's my setup script:
tc qdisc add dev eth0 root handle 1: cbq bandwidth 384Kbit cell 8 \
avpkt 1000
tc class add dev eth0 parent 1:0 classid 1:1 cbq bandwidth 384Kbit rate \
384Kbit allot 1514 cell 8 weight 38 prio 8 maxburst 21 \
avpkt 1000
tc class add dev eth0 parent 1:1 classid 1:100 cbq bandwidth 384Kbit rate \
256Kbit avpkt 1000 prio 3 allot 1514 weight 25 maxburst 21 \
split 1:0
tc class add dev eth0 parent 1:1 classid 1:200 cbq bandwidth 384Kbit rate \
128Kbit avpkt 1000 prio 7 allot 1514 weight 12 maxburst 21 \
split 1:0
tc qdisc add dev eth0 parent 1:100 pfifo
tc qdisc add dev eth0 parent 1:200 sfq quantum 1514b perturb 15
tc filter add dev eth0 parent 1:0 protocol ip prio 5 handle 10: u32 divisor 1
tc filter add dev eth0 parent 1:0 prio 5 u32 match ip src 64.220.150.81 \
flowid 1:100
tc filter add dev eth0 parent 1:0 prio 5 u32 match ip src 64.220.150.82 \
flowid 1:200
Thanks,
Brian
PGP signature
