On Mon, 2007-04-09 at 12:48 +0100, Donovan Baarda wrote: [...] > Then I noticed the "HTB: quantum of class 10001 is big. Consider r2q > change." message in dmesg and /var/log/syslog. Online searches showed > that quantum should be less than 60000, so I modified > "calculate_quantum()" in /usr/share/shorewall/compiler so that it > limited quantum to 60000. This didn't help, though the warning message > continued to show after I did this... "shorewall show tc" did show that > class 1:14 had the limited quantum, but I suspect that my change only > affected the "leaf" classes, so maybe this is still the problem.
So I hacked away at /usr/share/shorewall/compiler, fixing some bad mbit/kbit conversions (network bandwidth uses 1000, not 1024), and adding calculation of r2q based on the interface outband speed. This made the quantum warning go away, but it didn't help. I also read in the HTB docs that a qdisk with a default of 0 will make unclassified packets bypass the classes and be sent at hardware speed. So I modified /usr/share/shorewall/compiler to support having no default class for an interface so that unclassified packets bypass TC... this didn't help either. > In summary, I don't think this is a problem with shorewall... it looks > like a problem between HTB TC and NFS. It's rather strange that it only > affects writes, but I suspect this is because writes use more back and > forth traffic to verify write success, and this is different to the more > continuous streaming of reads. [...] I've now figured it out; a Doh! moment. The difference between nfs reads and writes is one is outgoing traffic, the other is incoming traffic... the problem was the ingress stuff. I haven't figured out exactly why the ingress was a problem, but I did notice an undocumented feature; set in-bandwidth to 0mbit in tcdevices and shorewall will not set up the ingress stuff. This means I can turn off the ingress stuff and NFS writes are nice and fast again. There could be something about how shorewall sets up the ingress stuff that is bad for 100mbit speeds, or it could just be that the TC ingress handling just can't work at that speed... I dunno, but for me turning ingress stuff off is good enough. I don't know if anyone is interested in my mods to /usr/share/shorewall/compiler. The "no default" change allows me to set the eth0 device at 512kbit and only classify the ADSL traffic. All unclassified local traffic bypasses the TC stuff and goes a full 100mbit speed. The fixes to 1000/1024 mbit/kbit conversions should probably go upstream. The r2q calculation that makes the quantum warning go away is probably only a niceness. -- Donovan Baarda <[EMAIL PROTECTED]> http://minkirri.apana.org.au/~abo/ ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
