On Sat, 22 Jan 2005 19:51:55 +0200, Vanatoru Mircea <[EMAIL PROTECTED]> wrote:
> Salut lume,
>
> Am si eu aceeasi problema. Daca tot ai reusit pune si tu scriptul aici
> sa ma luminez si eu. :)
> De o gramada de timp ma chinui sa separ traficul metropolitan si sa-l
> limitez separat.
Salut
la partea cu mark-ul e lumina dar la partea cu scriptul nu prea inca...
Sa o iau asa ca de la incepator la incepator...
Dupa ce adaugi cele 5 linii in iptables si executi un ./importbgp
ca sa verifici daca se marcheaza ceva dai un
iptables -L -t mangle -n
si o sa-ti apara o gramada de reguli mark. una din ele ar arata cam asa
Chain mark_horiz_src_193_22 (1 references)
target prot opt source destination
MARK all -- 193.22.95.0/24 0.0.0.0/0 MARK set 0x1
MARK all -- 193.22.141.0/24 0.0.0.0/0 MARK set 0x1
MARK all -- 193.22.173.0/24 0.0.0.0/0 MARK set 0x1
Acum urmeaza scriptul. eu am vrut sa am asa:
root-----LAN-client=tot LAN(nu avea rost sa impart tarficul pt fiecare
pana la server)
| |
| METRO- client1
| | |- client2
| | |- clientN
| |
| EXTERN (care este tot client pentru METRO)
| |- client1
| |- client2
| |- clientN
|
default
Ideea e ca banda de extern se scade din banda de metro si cea din urma
din cea de net. In cazul meu teortic am urmatoarele:
interfata net: eth0
interfata LAN: eth1
extern: rate 512 , ceil 512 kbit
metro: rate 1024 , ceil 1024 kbit
Am gandit ca suma rate-urilor pentru clientii de metro = rate banda de
metro - rate banda de extern
A rezultat urmatorul scriptuletz: ( am adaptat rate si ceil pt un singur client)
#!/bin/sh
# metropolitanul este marcat cu 0x1 de mipclases
DEV=eth1
TC=/sbin/tc
U32="$TC filter add dev $DEV protocol ip parent 1:0 prio 1 u32"
echo "Del prev root"
$TC qdisc del dev $DEV root
echo "Add new root class - handle 1:"
$TC qdisc add dev $DEV root handle 1: htb default 15
#asta e viteza maxima a interfetei spre LAN
echo "Add LAN band - classid 1:1, parent 1:"
$TC class add dev $DEV parent 1: classid 1:1 htb rate 50Mbit
ceil 100Mbit burst 128k
#se aduaga clientii benzii de lan care sunt defapt toata reteaua...
echo "Add from 192.168.0.0/26 to LAN IP class band - classid 1:0x11, parent 1:1"
$TC class add dev $DEV parent 1:1 classid 1:0x11 htb rate 50Mbit
ceil 100Mbit burst 128k
$U32 match ip dst 192.168.0.0/26 match ip src 192.168.0.0/26 flowid 1:0x11
$TC qdisc add dev $DEV parent 1:0x11 handle 0x11: pfifo
#urmeaza banda de metro
echo "Add Metropolitan band - classid 1:0x20, parent 1:1"
$TC class add dev $DEV parent 1:1 classid 1:0x20 htb rate
480kbit ceil 512kbit burst 2k
#acum incep clientii metro...
echo "Add client 192.168.0.2 metro band - classid 1:31, parent 1:0x20"
$TC class add dev $DEV parent 1:0x20 classid 1:0x31 htb rate
480kbit ceil 512kbit burst 2k prio 1
$TC filter add dev $DEV protocol ip parent 1:0x20 prio 1 handle
0x1 fw flowid 1:0x31
$TC qdisc add dev $DEV parent 1:0x31 handle 0x31: sfq perturb 10
#banda de extern care este copil pt banda de metro
echo "Add EXTERN band - classid 1:0x21, parent 1:0x20"
$TC class add dev $DEV parent 1:0x20 classid 1:0x21 htb rate
1024kbit ceil 1024kbit burst 2k
# clientii pt extern
echo "Add client 192.168.0.2 extern band - classid 1:61, parent 1:0x21"
$TC class add dev $DEV parent 1:0x21 classid 1:0x61 htb rate
512kbit ceil 1024kbit burst 2k prio 2
$U32 match ip dst 192.168.0.2/32 flowid 1:0x61
$TC qdisc add dev $DEV parent 1:0x61 handle 0x61: sfq perturb 10
#la sfarsit banda default .... trebuie pus quantum calumea..
echo "Add client default band - classid 1:15, parent 1:1"
$TC class add dev $DEV parent 1:1 classid 1:15 htb rate 12kbit
ceil 12kbit burst 2k
$TC qdisc add dev $DEV parent 1:15 handle 15: pfifo
#gata scriptu'
Eu nu am deocamdata decat o banda de max 512kbit atat intern si cat
extern si am testat scriptu cu valori f mici pt rate si ceil la
clientul de metro dar am constatat ca se aplica garantarile pentru
clientul benzii de extern. am obeservat acelasi lucru si cu /sbin/tc
-s -d class show dev eth1
Poate sa ma lamureasca si pe mine cineva ce greseli de logica si/sau
aplicare am facut.
Multumesc anticipat,
Alexban
---
Detalii despre listele noastre de mail: http://www.lug.ro/
