>>> Also for HFSC.
>> My understanding was that you ignore the PRIORITY column in tcclasses
>> for HFSC as it doesn't support it.
>
> No, I don't ignore it. It is still used for prioritizing the filters.
>
> Attached are the tcdevices and tcclasses files from one of my test hfsc
> configurations. Also attached is the output of 'shorewall show
> classifiers' with that configuration running. In that output, the 'pref'
> setting is the filter priority.
A couple of things:
You introduced this <class priority> << 8 | XX malarkey with RC1, which was
released a couple of hours ago. Your test results and the files you have
attached in your previous post have used this not-yet-released RC1 version of
shorewall!
My name is not Mystic Meg and I don't have a crystal ball to see whether you
are going to release a new version of shorewall in which to include this << 8 |
XX calculation. My testing and subsequent results were based on the latest
released version of shorewall at the time (Beta3), with the exception of the
patches you have provided me with.
> Note that the firewall mark classifiers all have their priority set to (
> <class priority> << 8 ) | 20 and that the tcp-ack and tos-minimize-delay
> rules have priority ( <class priority> << 8 ) | 10.
Care to explain the reason behind this priority calculation - why ( <class
priority> << 8 ) | 10?
Also, you have used MARK - I don't use that. May be that is why I am not
getting any priorities set at all when I use HFSC? When I use HTB (again,
without MARK being specified!) all class priority values are set *exactly* as
specified in tclasses, which is what I wanted in the first place.
> The classifiers would look exactly the same if HTB were used.
See above - when I do *not* use MARK and with HFSC specified, I don't have any
priorities set.
When I employ HTB (again, with *no* MARK specified), I see the priorities
values set *exactly* as specified in tcclassess/tcfilters - this has all being
tested with Beta3, as well as the newly-released RC1 - the end result is the
same as far as priorities go, with the exception of automatic priority
numbering (1-X) in RC1 in all "tc filter add" statements if I do not specify
any priority value in tcfilters, which is to be expected really.
So, for avoidance of any doubt and to stop us going round circles I am
attaching a couple of files:
1. tcrules, tcclasses & tcdevices - these are exactly the same as I attached to
you previously, with the only exception being that in tcdevices "hfsc" and
"htb" can be interchanged for testing different disciplines.
2. tcfilters - the new PRIORITY column has been used which mirrors its counter
part in tcclasses. Please note that in two of the tests (see
firewall_tc_*_rc1_no_prio attached) I did not have anything in PRIORITY
(tcfilters) to see how this is going to translate in the resulting file.
3. firewall_tc_hfsc_rc1_no_prio - HFSC discipline used and no PRIORITY in
tcfilters is specified. Please note the absence of any class priorities (which
you, apparently, have when hfsc & mark is used).
4. firewall_tc_hfsc_rc1 - same as 3 above, but this time with PRIORITY in
tcfilters specified. Again, even though there are "filter" priorities set,
there are no class priorities specified of any kind.
5. firewall_tc_htb_rc1_no_prio - HTB discipline used, with no priorities
specified in tcfilters. Please note that the value of all class priorities is
set exactly as specified in tcclasses - none of this << 8 | XX malarkey, which
is what I wanted really. Also, the filter priorities are 1-X (in that order)
which is normal as I did not specify any in tcfilters.
6. firewall_tc_htb_rc1 - same as 5 above, but with priorities specified in
tcfilters - all "prio" values are set *exactly* as specified in
tcclasses/tcfilters in the resulting compilation - none of this << 8 | XX
malarkey, which is what I wanted really.
The results of the Beta3 testing I did yesterday are very similar and I can
attach these files, if needed - let me know if that is the case.
#
# Shorewall version 4 - Tcrules File
#
# For information about entries in this file, type "man shorewall-tcrules"
#
# See http://shorewall.net/traffic_shaping.htm for additional information.
# For usage in selecting among multiple ISPs, see
# http://shorewall.net/MultiISP.html
#
# See http://shorewall.net/PacketMarking.html for a detailed description of
# the Netfilter/Shorewall packet marking mechanism.
######################################################################################################################
#MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH
TOS CONNBYTES HELPER
# PORT(S) PORT(S)
e:12 $FW 1.2.1.12
e:13 $FW 1.2.1.13
e:14 $FW 1.2.1.14
e:15 $FW 1.2.1.15
e:16 $FW 1.2.1.16
e:17 $FW 1.2.1.17
#
# Shorewall version 4 - Tcclasses File
#
# For information about entries in this file, type "man shorewall-tcclasses"
#
# See http://shorewall.net/traffic_shaping.htm for additional information.
#
###############################################################################
#INTERFACE:CLASS MARK RATE: CEIL
PRIORITY OPTIONS
# DMAX:UMAX
e:10 - 10*full/100 full 1
tcp-ack
e:11 - 300kbps 50mbit 4
e:11:12 - 100kbps full 4
e:11:13 - 150kbps full 5
e:11:14 - 50kbps full 6
e:15 - 50kbps full 2
e:16 - 50*full/100 full 3
e:17 - 9*full/100 full 7
default
be:20 - 10*full/100 full 1
tcp-ack
be:21 - 400kbps 50mbit 4
be:21:22 - 150kbps full 4
be:21:23 - 150kbps full 5
be:21:24 - 100kbps full 6
be:25 - 50kbps full 2
be:26 - 50*full/100 full 3
be:27 - 9*full/100 full 7
default
#
# Shorewall version 4 - Tcdevices File
#
# For information about entries in this file, type "man shorewall-tcdevices"
#
# See http://shorewall.net/traffic_shaping.htm for additional information.
#
###############################################################################
#NUMBER: IN-BANDWITH OUT-BANDWIDTH OPTIONS REDIRECTED
#INTERFACE INTERFACES
e:eth0 - 1000mbit classify,htb
be:ifb0 - 1000mbit htb eth0
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# See http://shorewall.net/traffic_shaping.htm for additional information.
#
################################################################################################
#INTERFACE: SOURCE DEST PROTO DEST SOURCE TOS
LENGTH PRIORITY
#CLASS PORT(S) PORT(S)
#
# ifb0->eth0
#
be:22 1.1.1.22 - - - - -
- 4
be:23 1.1.1.23 - - - - -
- 5
be:24 1.1.1.24 - - - - -
- 6
be:26 1.1.1.26 - - - - -
- 3
be:25 1.1.1.25 - - - - -
- 2
be:27 1.1.1.27 - - - - -
- 7
#
# Configure Traffic Shaping for eth0
#
setup_eth0_tc() {
if interface_is_up eth0; then
qt $TC qdisc del dev eth0 root
qt $TC qdisc del dev eth0 ingress
eth0_mtu=$(get_device_mtu eth0)
eth0_mtu1=$(get_device_mtu1 eth0)
run_tc qdisc add dev eth0 root handle e: hfsc default 17
run_tc class add dev eth0 parent e: classid e:1 hfsc sc rate
1000000kbit ul rate 1000000kbit
[ $eth0_mtu -gt 2500 ] && quantum=$eth0_mtu || quantum=2500
run_tc class add dev eth0 parent e:1 classid e:10 hfsc sc rate
100000kbit ul rate 1000000kbit
run_tc qdisc add dev eth0 parent e:10 handle 1: sfq limit 127 perturb 10
run_tc filter add dev eth0 parent e:0 protocol ip prio 266 u32\
match ip protocol 6 0xff\
match u8 0x05 0x0f at 0\
match u16 0x0000 0xffc0 at 2\
match u8 0x10 0xff at 33 flowid e:10
progress_message " TC Class e:10 defined."
[ $eth0_mtu -gt 60 ] && quantum=$eth0_mtu || quantum=60
run_tc class add dev eth0 parent e:1 classid e:11 hfsc sc rate 2400kbit
ul rate 50000kbit
progress_message " TC Class e:11 defined."
[ $eth0_mtu -gt 20 ] && quantum=$eth0_mtu || quantum=20
run_tc class add dev eth0 parent e:11 classid e:12 hfsc sc rate 800kbit
ul rate 50000kbit
run_tc qdisc add dev eth0 parent e:12 handle 2: sfq limit 127 perturb 10
progress_message " TC Class e:12 defined."
[ $eth0_mtu -gt 30 ] && quantum=$eth0_mtu || quantum=30
run_tc class add dev eth0 parent e:11 classid e:13 hfsc sc rate
1200kbit ul rate 50000kbit
run_tc qdisc add dev eth0 parent e:13 handle 3: sfq limit 127 perturb 10
progress_message " TC Class e:13 defined."
[ $eth0_mtu -gt 10 ] && quantum=$eth0_mtu || quantum=10
run_tc class add dev eth0 parent e:11 classid e:14 hfsc sc rate 400kbit
ul rate 50000kbit
run_tc qdisc add dev eth0 parent e:14 handle 4: sfq limit 127 perturb 10
progress_message " TC Class e:14 defined."
[ $eth0_mtu -gt 10 ] && quantum=$eth0_mtu || quantum=10
run_tc class add dev eth0 parent e:1 classid e:15 hfsc sc rate 400kbit
ul rate 1000000kbit
run_tc qdisc add dev eth0 parent e:15 handle 5: sfq limit 127 perturb 10
progress_message " TC Class e:15 defined."
[ $eth0_mtu -gt 12500 ] && quantum=$eth0_mtu || quantum=12500
run_tc class add dev eth0 parent e:1 classid e:16 hfsc sc rate
500000kbit ul rate 1000000kbit
run_tc qdisc add dev eth0 parent e:16 handle 6: sfq limit 127 perturb 10
progress_message " TC Class e:16 defined."
[ $eth0_mtu -gt 2250 ] && quantum=$eth0_mtu || quantum=2250
run_tc class add dev eth0 parent e:1 classid e:17 hfsc sc rate
90000kbit ul rate 1000000kbit
run_tc qdisc add dev eth0 parent e:17 handle 7: sfq limit 127 perturb 10
progress_message " TC Class e:17 defined."
progress_message " TC Device eth0 defined."
else
error_message "WARNING: Device eth0 is not in the UP state --
traffic-shaping configuration skipped"
fi
}
#
# Configure Traffic Shaping for ifb0
#
setup_ifb0_tc() {
if interface_is_up ifb0; then
qt $TC qdisc del dev ifb0 root
qt $TC qdisc del dev ifb0 ingress
ifb0_mtu=$(get_device_mtu ifb0)
ifb0_mtu1=$(get_device_mtu1 ifb0)
run_tc qdisc add dev ifb0 root handle be: hfsc default 27
run_tc class add dev ifb0 parent be: classid be:1 hfsc sc rate
1000000kbit ul rate 1000000kbit
run_tc qdisc add dev eth0 handle ffff: ingress
run_tc filter add dev eth0 parent ffff: protocol all u32 match u32 0 0
action mirred egress redirect dev ifb0 > /dev/null
[ $ifb0_mtu -gt 2500 ] && quantum=$ifb0_mtu || quantum=2500
run_tc class add dev ifb0 parent be:1 classid be:20 hfsc sc rate
100000kbit ul rate 1000000kbit
run_tc qdisc add dev ifb0 parent be:20 handle 8: sfq limit 127 perturb
10
run_tc filter add dev ifb0 parent be:0 protocol ip prio 266 u32\
match ip protocol 6 0xff\
match u8 0x05 0x0f at 0\
match u16 0x0000 0xffc0 at 2\
match u8 0x10 0xff at 33 flowid be:20
progress_message " TC Class be:20 defined."
[ $ifb0_mtu -gt 80 ] && quantum=$ifb0_mtu || quantum=80
run_tc class add dev ifb0 parent be:1 classid be:21 hfsc sc rate
3200kbit ul rate 50000kbit
progress_message " TC Class be:21 defined."
[ $ifb0_mtu -gt 30 ] && quantum=$ifb0_mtu || quantum=30
run_tc class add dev ifb0 parent be:21 classid be:22 hfsc sc rate
1200kbit ul rate 50000kbit
run_tc qdisc add dev ifb0 parent be:22 handle 9: sfq limit 127 perturb
10
progress_message " TC Class be:22 defined."
[ $ifb0_mtu -gt 30 ] && quantum=$ifb0_mtu || quantum=30
run_tc class add dev ifb0 parent be:21 classid be:23 hfsc sc rate
1200kbit ul rate 50000kbit
run_tc qdisc add dev ifb0 parent be:23 handle a: sfq limit 127 perturb
10
progress_message " TC Class be:23 defined."
[ $ifb0_mtu -gt 20 ] && quantum=$ifb0_mtu || quantum=20
run_tc class add dev ifb0 parent be:21 classid be:24 hfsc sc rate
800kbit ul rate 50000kbit
run_tc qdisc add dev ifb0 parent be:24 handle b: sfq limit 127 perturb
10
progress_message " TC Class be:24 defined."
[ $ifb0_mtu -gt 10 ] && quantum=$ifb0_mtu || quantum=10
run_tc class add dev ifb0 parent be:1 classid be:25 hfsc sc rate
400kbit ul rate 1000000kbit
run_tc qdisc add dev ifb0 parent be:25 handle c: sfq limit 127 perturb
10
progress_message " TC Class be:25 defined."
[ $ifb0_mtu -gt 12500 ] && quantum=$ifb0_mtu || quantum=12500
run_tc class add dev ifb0 parent be:1 classid be:26 hfsc sc rate
500000kbit ul rate 1000000kbit
run_tc qdisc add dev ifb0 parent be:26 handle d: sfq limit 127 perturb
10
progress_message " TC Class be:26 defined."
[ $ifb0_mtu -gt 2250 ] && quantum=$ifb0_mtu || quantum=2250
run_tc class add dev ifb0 parent be:1 classid be:27 hfsc sc rate
90000kbit ul rate 1000000kbit
run_tc qdisc add dev ifb0 parent be:27 handle f: sfq limit 127 perturb
10
progress_message " TC Class be:27 defined."
run_tc filter add dev ifb0 protocol ip parent be:0 prio 1 u32\
match ip src 1.1.1.22/32\
flowid be:22
run_tc filter add dev ifb0 protocol ip parent be:0 prio 2 u32\
match ip src 1.1.1.23/32\
flowid be:23
run_tc filter add dev ifb0 protocol ip parent be:0 prio 3 u32\
match ip src 1.1.1.24/32\
flowid be:24
run_tc filter add dev ifb0 protocol ip parent be:0 prio 4 u32\
match ip src 1.1.1.26/32\
flowid be:26
run_tc filter add dev ifb0 protocol ip parent be:0 prio 5 u32\
match ip src 1.1.1.25/32\
flowid be:25
run_tc filter add dev ifb0 protocol ip parent be:0 prio 6 u32\
match ip src 1.1.1.27/32\
flowid be:27
progress_message " TC Device ifb0 defined."
else
error_message "WARNING: Device ifb0 is not in the UP state --
traffic-shaping configuration skipped"
fi
}
#
# Configure Traffic Shaping for eth0
#
setup_eth0_tc() {
if interface_is_up eth0; then
qt $TC qdisc del dev eth0 root
qt $TC qdisc del dev eth0 ingress
eth0_mtu=$(get_device_mtu eth0)
eth0_mtu1=$(get_device_mtu1 eth0)
run_tc qdisc add dev eth0 root handle e: hfsc default 17
run_tc class add dev eth0 parent e: classid e:1 hfsc sc rate
1000000kbit ul rate 1000000kbit
[ $eth0_mtu -gt 2500 ] && quantum=$eth0_mtu || quantum=2500
run_tc class add dev eth0 parent e:1 classid e:10 hfsc sc rate
100000kbit ul rate 1000000kbit
run_tc qdisc add dev eth0 parent e:10 handle 1: sfq limit 127 perturb 10
run_tc filter add dev eth0 parent e:0 protocol ip prio 266 u32\
match ip protocol 6 0xff\
match u8 0x05 0x0f at 0\
match u16 0x0000 0xffc0 at 2\
match u8 0x10 0xff at 33 flowid e:10
progress_message " TC Class e:10 defined."
[ $eth0_mtu -gt 60 ] && quantum=$eth0_mtu || quantum=60
run_tc class add dev eth0 parent e:1 classid e:11 hfsc sc rate 2400kbit
ul rate 50000kbit
progress_message " TC Class e:11 defined."
[ $eth0_mtu -gt 20 ] && quantum=$eth0_mtu || quantum=20
run_tc class add dev eth0 parent e:11 classid e:12 hfsc sc rate 800kbit
ul rate 50000kbit
run_tc qdisc add dev eth0 parent e:12 handle 2: sfq limit 127 perturb 10
progress_message " TC Class e:12 defined."
[ $eth0_mtu -gt 30 ] && quantum=$eth0_mtu || quantum=30
run_tc class add dev eth0 parent e:11 classid e:13 hfsc sc rate
1200kbit ul rate 50000kbit
run_tc qdisc add dev eth0 parent e:13 handle 3: sfq limit 127 perturb 10
progress_message " TC Class e:13 defined."
[ $eth0_mtu -gt 10 ] && quantum=$eth0_mtu || quantum=10
run_tc class add dev eth0 parent e:11 classid e:14 hfsc sc rate 400kbit
ul rate 50000kbit
run_tc qdisc add dev eth0 parent e:14 handle 4: sfq limit 127 perturb 10
progress_message " TC Class e:14 defined."
[ $eth0_mtu -gt 10 ] && quantum=$eth0_mtu || quantum=10
run_tc class add dev eth0 parent e:1 classid e:15 hfsc sc rate 400kbit
ul rate 1000000kbit
run_tc qdisc add dev eth0 parent e:15 handle 5: sfq limit 127 perturb 10
progress_message " TC Class e:15 defined."
[ $eth0_mtu -gt 12500 ] && quantum=$eth0_mtu || quantum=12500
run_tc class add dev eth0 parent e:1 classid e:16 hfsc sc rate
500000kbit ul rate 1000000kbit
run_tc qdisc add dev eth0 parent e:16 handle 6: sfq limit 127 perturb 10
progress_message " TC Class e:16 defined."
[ $eth0_mtu -gt 2250 ] && quantum=$eth0_mtu || quantum=2250
run_tc class add dev eth0 parent e:1 classid e:17 hfsc sc rate
90000kbit ul rate 1000000kbit
run_tc qdisc add dev eth0 parent e:17 handle 7: sfq limit 127 perturb 10
progress_message " TC Class e:17 defined."
progress_message " TC Device eth0 defined."
else
error_message "WARNING: Device eth0 is not in the UP state --
traffic-shaping configuration skipped"
fi
}
#
# Configure Traffic Shaping for ifb0
#
setup_ifb0_tc() {
if interface_is_up ifb0; then
qt $TC qdisc del dev ifb0 root
qt $TC qdisc del dev ifb0 ingress
ifb0_mtu=$(get_device_mtu ifb0)
ifb0_mtu1=$(get_device_mtu1 ifb0)
run_tc qdisc add dev ifb0 root handle be: hfsc default 27
run_tc class add dev ifb0 parent be: classid be:1 hfsc sc rate
1000000kbit ul rate 1000000kbit
run_tc qdisc add dev eth0 handle ffff: ingress
run_tc filter add dev eth0 parent ffff: protocol all u32 match u32 0 0
action mirred egress redirect dev ifb0 > /dev/null
[ $ifb0_mtu -gt 2500 ] && quantum=$ifb0_mtu || quantum=2500
run_tc class add dev ifb0 parent be:1 classid be:20 hfsc sc rate
100000kbit ul rate 1000000kbit
run_tc qdisc add dev ifb0 parent be:20 handle 8: sfq limit 127 perturb
10
run_tc filter add dev ifb0 parent be:0 protocol ip prio 266 u32\
match ip protocol 6 0xff\
match u8 0x05 0x0f at 0\
match u16 0x0000 0xffc0 at 2\
match u8 0x10 0xff at 33 flowid be:20
progress_message " TC Class be:20 defined."
[ $ifb0_mtu -gt 80 ] && quantum=$ifb0_mtu || quantum=80
run_tc class add dev ifb0 parent be:1 classid be:21 hfsc sc rate
3200kbit ul rate 50000kbit
progress_message " TC Class be:21 defined."
[ $ifb0_mtu -gt 30 ] && quantum=$ifb0_mtu || quantum=30
run_tc class add dev ifb0 parent be:21 classid be:22 hfsc sc rate
1200kbit ul rate 50000kbit
run_tc qdisc add dev ifb0 parent be:22 handle 9: sfq limit 127 perturb
10
progress_message " TC Class be:22 defined."
[ $ifb0_mtu -gt 30 ] && quantum=$ifb0_mtu || quantum=30
run_tc class add dev ifb0 parent be:21 classid be:23 hfsc sc rate
1200kbit ul rate 50000kbit
run_tc qdisc add dev ifb0 parent be:23 handle a: sfq limit 127 perturb
10
progress_message " TC Class be:23 defined."
[ $ifb0_mtu -gt 20 ] && quantum=$ifb0_mtu || quantum=20
run_tc class add dev ifb0 parent be:21 classid be:24 hfsc sc rate
800kbit ul rate 50000kbit
run_tc qdisc add dev ifb0 parent be:24 handle b: sfq limit 127 perturb
10
progress_message " TC Class be:24 defined."
[ $ifb0_mtu -gt 10 ] && quantum=$ifb0_mtu || quantum=10
run_tc class add dev ifb0 parent be:1 classid be:25 hfsc sc rate
400kbit ul rate 1000000kbit
run_tc qdisc add dev ifb0 parent be:25 handle c: sfq limit 127 perturb
10
progress_message " TC Class be:25 defined."
[ $ifb0_mtu -gt 12500 ] && quantum=$ifb0_mtu || quantum=12500
run_tc class add dev ifb0 parent be:1 classid be:26 hfsc sc rate
500000kbit ul rate 1000000kbit
run_tc qdisc add dev ifb0 parent be:26 handle d: sfq limit 127 perturb
10
progress_message " TC Class be:26 defined."
[ $ifb0_mtu -gt 2250 ] && quantum=$ifb0_mtu || quantum=2250
run_tc class add dev ifb0 parent be:1 classid be:27 hfsc sc rate
90000kbit ul rate 1000000kbit
run_tc qdisc add dev ifb0 parent be:27 handle f: sfq limit 127 perturb
10
progress_message " TC Class be:27 defined."
run_tc filter add dev ifb0 protocol ip parent be:0 prio 4 u32\
match ip src 1.1.1.22/32\
flowid be:22
run_tc filter add dev ifb0 protocol ip parent be:0 prio 5 u32\
match ip src 1.1.1.23/32\
flowid be:23
run_tc filter add dev ifb0 protocol ip parent be:0 prio 6 u32\
match ip src 1.1.1.24/32\
flowid be:24
run_tc filter add dev ifb0 protocol ip parent be:0 prio 3 u32\
match ip src 1.1.1.26/32\
flowid be:26
run_tc filter add dev ifb0 protocol ip parent be:0 prio 2 u32\
match ip src 1.1.1.25/32\
flowid be:25
run_tc filter add dev ifb0 protocol ip parent be:0 prio 7 u32\
match ip src 1.1.1.27/32\
flowid be:27
progress_message " TC Device ifb0 defined."
else
error_message "WARNING: Device ifb0 is not in the UP state --
traffic-shaping configuration skipped"
fi
}
#
# Configure Traffic Shaping for eth0
#
setup_eth0_tc() {
if interface_is_up eth0; then
qt $TC qdisc del dev eth0 root
qt $TC qdisc del dev eth0 ingress
eth0_mtu=$(get_device_mtu eth0)
eth0_mtu1=$(get_device_mtu1 eth0)
run_tc qdisc add dev eth0 root handle e: htb default 17 r2q 5000
run_tc class add dev eth0 parent e: classid e:1 htb rate 1000000kbit
$eth0_mtu1
[ $eth0_mtu -gt 2500 ] && quantum=$eth0_mtu || quantum=2500
run_tc class add dev eth0 parent e:1 classid e:10 htb rate 100000kbit
ceil 1000000kbit prio 1 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:10 handle 1: sfq quantum $quantum
limit 127 perturb 10
run_tc filter add dev eth0 parent e:0 protocol ip prio 266 u32\
match ip protocol 6 0xff\
match u8 0x05 0x0f at 0\
match u16 0x0000 0xffc0 at 2\
match u8 0x10 0xff at 33 flowid e:10
progress_message " TC Class e:10 defined."
[ $eth0_mtu -gt 60 ] && quantum=$eth0_mtu || quantum=60
run_tc class add dev eth0 parent e:1 classid e:11 htb rate 2400kbit
ceil 50000kbit prio 4 $eth0_mtu1 quantum $quantum
progress_message " TC Class e:11 defined."
[ $eth0_mtu -gt 20 ] && quantum=$eth0_mtu || quantum=20
run_tc class add dev eth0 parent e:11 classid e:12 htb rate 800kbit
ceil 50000kbit prio 4 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:12 handle 2: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:12 defined."
[ $eth0_mtu -gt 30 ] && quantum=$eth0_mtu || quantum=30
run_tc class add dev eth0 parent e:11 classid e:13 htb rate 1200kbit
ceil 50000kbit prio 5 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:13 handle 3: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:13 defined."
[ $eth0_mtu -gt 10 ] && quantum=$eth0_mtu || quantum=10
run_tc class add dev eth0 parent e:11 classid e:14 htb rate 400kbit
ceil 50000kbit prio 6 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:14 handle 4: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:14 defined."
[ $eth0_mtu -gt 10 ] && quantum=$eth0_mtu || quantum=10
run_tc class add dev eth0 parent e:1 classid e:15 htb rate 400kbit ceil
1000000kbit prio 2 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:15 handle 5: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:15 defined."
[ $eth0_mtu -gt 12500 ] && quantum=$eth0_mtu || quantum=12500
run_tc class add dev eth0 parent e:1 classid e:16 htb rate 500000kbit
ceil 1000000kbit prio 3 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:16 handle 6: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:16 defined."
[ $eth0_mtu -gt 2250 ] && quantum=$eth0_mtu || quantum=2250
run_tc class add dev eth0 parent e:1 classid e:17 htb rate 90000kbit
ceil 1000000kbit prio 7 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:17 handle 7: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:17 defined."
progress_message " TC Device eth0 defined."
else
error_message "WARNING: Device eth0 is not in the UP state --
traffic-shaping configuration skipped"
fi
}
#
# Configure Traffic Shaping for ifb0
#
setup_ifb0_tc() {
if interface_is_up ifb0; then
qt $TC qdisc del dev ifb0 root
qt $TC qdisc del dev ifb0 ingress
ifb0_mtu=$(get_device_mtu ifb0)
ifb0_mtu1=$(get_device_mtu1 ifb0)
run_tc qdisc add dev ifb0 root handle be: htb default 27 r2q 5000
run_tc class add dev ifb0 parent be: classid be:1 htb rate 1000000kbit
$ifb0_mtu1
run_tc qdisc add dev eth0 handle ffff: ingress
run_tc filter add dev eth0 parent ffff: protocol all u32 match u32 0 0
action mirred egress redirect dev ifb0 > /dev/null
[ $ifb0_mtu -gt 2500 ] && quantum=$ifb0_mtu || quantum=2500
run_tc class add dev ifb0 parent be:1 classid be:20 htb rate 100000kbit
ceil 1000000kbit prio 1 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:20 handle 8: sfq quantum $quantum
limit 127 perturb 10
run_tc filter add dev ifb0 parent be:0 protocol ip prio 266 u32\
match ip protocol 6 0xff\
match u8 0x05 0x0f at 0\
match u16 0x0000 0xffc0 at 2\
match u8 0x10 0xff at 33 flowid be:20
progress_message " TC Class be:20 defined."
[ $ifb0_mtu -gt 80 ] && quantum=$ifb0_mtu || quantum=80
run_tc class add dev ifb0 parent be:1 classid be:21 htb rate 3200kbit
ceil 50000kbit prio 4 $ifb0_mtu1 quantum $quantum
progress_message " TC Class be:21 defined."
[ $ifb0_mtu -gt 30 ] && quantum=$ifb0_mtu || quantum=30
run_tc class add dev ifb0 parent be:21 classid be:22 htb rate 1200kbit
ceil 50000kbit prio 4 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:22 handle 9: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:22 defined."
[ $ifb0_mtu -gt 30 ] && quantum=$ifb0_mtu || quantum=30
run_tc class add dev ifb0 parent be:21 classid be:23 htb rate 1200kbit
ceil 50000kbit prio 5 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:23 handle a: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:23 defined."
[ $ifb0_mtu -gt 20 ] && quantum=$ifb0_mtu || quantum=20
run_tc class add dev ifb0 parent be:21 classid be:24 htb rate 800kbit
ceil 50000kbit prio 6 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:24 handle b: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:24 defined."
[ $ifb0_mtu -gt 10 ] && quantum=$ifb0_mtu || quantum=10
run_tc class add dev ifb0 parent be:1 classid be:25 htb rate 400kbit
ceil 1000000kbit prio 2 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:25 handle c: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:25 defined."
[ $ifb0_mtu -gt 12500 ] && quantum=$ifb0_mtu || quantum=12500
run_tc class add dev ifb0 parent be:1 classid be:26 htb rate 500000kbit
ceil 1000000kbit prio 3 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:26 handle d: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:26 defined."
[ $ifb0_mtu -gt 2250 ] && quantum=$ifb0_mtu || quantum=2250
run_tc class add dev ifb0 parent be:1 classid be:27 htb rate 90000kbit
ceil 1000000kbit prio 7 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:27 handle f: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:27 defined."
run_tc filter add dev ifb0 protocol ip parent be:0 prio 1 u32\
match ip src 1.1.1.22/32\
flowid be:22
run_tc filter add dev ifb0 protocol ip parent be:0 prio 2 u32\
match ip src 1.1.1.23/32\
flowid be:23
run_tc filter add dev ifb0 protocol ip parent be:0 prio 3 u32\
match ip src 1.1.1.24/32\
flowid be:24
run_tc filter add dev ifb0 protocol ip parent be:0 prio 4 u32\
match ip src 1.1.1.26/32\
flowid be:26
run_tc filter add dev ifb0 protocol ip parent be:0 prio 5 u32\
match ip src 1.1.1.25/32\
flowid be:25
run_tc filter add dev ifb0 protocol ip parent be:0 prio 6 u32\
match ip src 1.1.1.27/32\
flowid be:27
progress_message " TC Device ifb0 defined."
else
error_message "WARNING: Device ifb0 is not in the UP state --
traffic-shaping configuration skipped"
fi
}
#
# Configure Traffic Shaping for eth0
#
setup_eth0_tc() {
if interface_is_up eth0; then
qt $TC qdisc del dev eth0 root
qt $TC qdisc del dev eth0 ingress
eth0_mtu=$(get_device_mtu eth0)
eth0_mtu1=$(get_device_mtu1 eth0)
run_tc qdisc add dev eth0 root handle e: htb default 17 r2q 5000
run_tc class add dev eth0 parent e: classid e:1 htb rate 1000000kbit
$eth0_mtu1
[ $eth0_mtu -gt 2500 ] && quantum=$eth0_mtu || quantum=2500
run_tc class add dev eth0 parent e:1 classid e:10 htb rate 100000kbit
ceil 1000000kbit prio 1 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:10 handle 1: sfq quantum $quantum
limit 127 perturb 10
run_tc filter add dev eth0 parent e:0 protocol ip prio 266 u32\
match ip protocol 6 0xff\
match u8 0x05 0x0f at 0\
match u16 0x0000 0xffc0 at 2\
match u8 0x10 0xff at 33 flowid e:10
progress_message " TC Class e:10 defined."
[ $eth0_mtu -gt 60 ] && quantum=$eth0_mtu || quantum=60
run_tc class add dev eth0 parent e:1 classid e:11 htb rate 2400kbit
ceil 50000kbit prio 4 $eth0_mtu1 quantum $quantum
progress_message " TC Class e:11 defined."
[ $eth0_mtu -gt 20 ] && quantum=$eth0_mtu || quantum=20
run_tc class add dev eth0 parent e:11 classid e:12 htb rate 800kbit
ceil 50000kbit prio 4 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:12 handle 2: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:12 defined."
[ $eth0_mtu -gt 30 ] && quantum=$eth0_mtu || quantum=30
run_tc class add dev eth0 parent e:11 classid e:13 htb rate 1200kbit
ceil 50000kbit prio 5 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:13 handle 3: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:13 defined."
[ $eth0_mtu -gt 10 ] && quantum=$eth0_mtu || quantum=10
run_tc class add dev eth0 parent e:11 classid e:14 htb rate 400kbit
ceil 50000kbit prio 6 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:14 handle 4: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:14 defined."
[ $eth0_mtu -gt 10 ] && quantum=$eth0_mtu || quantum=10
run_tc class add dev eth0 parent e:1 classid e:15 htb rate 400kbit ceil
1000000kbit prio 2 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:15 handle 5: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:15 defined."
[ $eth0_mtu -gt 12500 ] && quantum=$eth0_mtu || quantum=12500
run_tc class add dev eth0 parent e:1 classid e:16 htb rate 500000kbit
ceil 1000000kbit prio 3 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:16 handle 6: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:16 defined."
[ $eth0_mtu -gt 2250 ] && quantum=$eth0_mtu || quantum=2250
run_tc class add dev eth0 parent e:1 classid e:17 htb rate 90000kbit
ceil 1000000kbit prio 7 $eth0_mtu1 quantum $quantum
run_tc qdisc add dev eth0 parent e:17 handle 7: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class e:17 defined."
progress_message " TC Device eth0 defined."
else
error_message "WARNING: Device eth0 is not in the UP state --
traffic-shaping configuration skipped"
fi
}
#
# Configure Traffic Shaping for ifb0
#
setup_ifb0_tc() {
if interface_is_up ifb0; then
qt $TC qdisc del dev ifb0 root
qt $TC qdisc del dev ifb0 ingress
ifb0_mtu=$(get_device_mtu ifb0)
ifb0_mtu1=$(get_device_mtu1 ifb0)
run_tc qdisc add dev ifb0 root handle be: htb default 27 r2q 5000
run_tc class add dev ifb0 parent be: classid be:1 htb rate 1000000kbit
$ifb0_mtu1
run_tc qdisc add dev eth0 handle ffff: ingress
run_tc filter add dev eth0 parent ffff: protocol all u32 match u32 0 0
action mirred egress redirect dev ifb0 > /dev/null
[ $ifb0_mtu -gt 2500 ] && quantum=$ifb0_mtu || quantum=2500
run_tc class add dev ifb0 parent be:1 classid be:20 htb rate 100000kbit
ceil 1000000kbit prio 1 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:20 handle 8: sfq quantum $quantum
limit 127 perturb 10
run_tc filter add dev ifb0 parent be:0 protocol ip prio 266 u32\
match ip protocol 6 0xff\
match u8 0x05 0x0f at 0\
match u16 0x0000 0xffc0 at 2\
match u8 0x10 0xff at 33 flowid be:20
progress_message " TC Class be:20 defined."
[ $ifb0_mtu -gt 80 ] && quantum=$ifb0_mtu || quantum=80
run_tc class add dev ifb0 parent be:1 classid be:21 htb rate 3200kbit
ceil 50000kbit prio 4 $ifb0_mtu1 quantum $quantum
progress_message " TC Class be:21 defined."
[ $ifb0_mtu -gt 30 ] && quantum=$ifb0_mtu || quantum=30
run_tc class add dev ifb0 parent be:21 classid be:22 htb rate 1200kbit
ceil 50000kbit prio 4 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:22 handle 9: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:22 defined."
[ $ifb0_mtu -gt 30 ] && quantum=$ifb0_mtu || quantum=30
run_tc class add dev ifb0 parent be:21 classid be:23 htb rate 1200kbit
ceil 50000kbit prio 5 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:23 handle a: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:23 defined."
[ $ifb0_mtu -gt 20 ] && quantum=$ifb0_mtu || quantum=20
run_tc class add dev ifb0 parent be:21 classid be:24 htb rate 800kbit
ceil 50000kbit prio 6 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:24 handle b: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:24 defined."
[ $ifb0_mtu -gt 10 ] && quantum=$ifb0_mtu || quantum=10
run_tc class add dev ifb0 parent be:1 classid be:25 htb rate 400kbit
ceil 1000000kbit prio 2 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:25 handle c: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:25 defined."
[ $ifb0_mtu -gt 12500 ] && quantum=$ifb0_mtu || quantum=12500
run_tc class add dev ifb0 parent be:1 classid be:26 htb rate 500000kbit
ceil 1000000kbit prio 3 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:26 handle d: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:26 defined."
[ $ifb0_mtu -gt 2250 ] && quantum=$ifb0_mtu || quantum=2250
run_tc class add dev ifb0 parent be:1 classid be:27 htb rate 90000kbit
ceil 1000000kbit prio 7 $ifb0_mtu1 quantum $quantum
run_tc qdisc add dev ifb0 parent be:27 handle f: sfq quantum $quantum
limit 127 perturb 10
progress_message " TC Class be:27 defined."
run_tc filter add dev ifb0 protocol ip parent be:0 prio 4 u32\
match ip src 1.1.1.22/32\
flowid be:22
run_tc filter add dev ifb0 protocol ip parent be:0 prio 5 u32\
match ip src 1.1.1.23/32\
flowid be:23
run_tc filter add dev ifb0 protocol ip parent be:0 prio 6 u32\
match ip src 1.1.1.24/32\
flowid be:24
run_tc filter add dev ifb0 protocol ip parent be:0 prio 3 u32\
match ip src 1.1.1.26/32\
flowid be:26
run_tc filter add dev ifb0 protocol ip parent be:0 prio 2 u32\
match ip src 1.1.1.25/32\
flowid be:25
run_tc filter add dev ifb0 protocol ip parent be:0 prio 7 u32\
match ip src 1.1.1.27/32\
flowid be:27
progress_message " TC Device ifb0 defined."
else
error_message "WARNING: Device ifb0 is not in the UP state --
traffic-shaping configuration skipped"
fi
}
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://ad.doubleclick.net/clk;258768047;13503038;j?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
