Re: [Shorewall-users] traffic shaping

Wed, 12 Sep 2007 06:14:23 -0700 

    Hello Tom.
    Seams i find what is the matter in my problem.
    First, different is that i run follow 'tc' command by hand (in my test):

tc qdisc add dev eth1 root handle 1: htb default 0
tc qdisc add dev eth1 ingress
tc class add dev eth1 parent 1: classid 1:1 htb rate 500mbit ceil 500mbit

    But Shorewall generate same 'tc' commands with one 'filter':

tc qdisc add dev eth1 root handle 1: htb default 0
tc class add dev eth1 parent 1: classid 1:1 htb rate 500mbit
tc qdisc add dev eth1 handle ffff: ingress
tc filter add dev eth1 parent ffff: protocol ip prio 50 u32 match ip src 
0.0.0.0/0 police rate 500000kbit burst 10k drop flowid :1

    And second, that i use OpenVZ system and test traffic shaping between
two virtual machines. In this circumstance if i increase input rate for
interface not less than 12000mbit (in my case) all work fine (with Shorewall
'tc-filter' rule). But when i decrease input rate less than 12000mbit
(500mbit in my tests) download speed have fault.

'tcdevices':

$DMZ_IF         500mbit         500mbit

    May be this info will be interested for you.
    I posted this info to OpenVZ developers.
    Thank you very much for help.
    Alex


>> >> Hello Tom,
>> >>     Thank you very much for your attention to my question.
>> >>     I attached all additional info about you wrote. All data
>> >> from failing configuation (with added interface in 'tcdevices').
>> > 
>> > Thanks Alex -- but there is no trace file.
>> > 
>> >    shorewall trace restart 2> trace.out
>> >                                   ---------
>> 
>>     Sorry Tom,
>>     I attached this file.
> 
> Alex,
> 
> I see nothing unusual in the trace. Your TC setup is identical to mine
> and mine works exactly as expected.
> 
> -Tom
          

--------
20 сентября, 19:00, Дворец Спорта: МакSим, A'Studio, Сергей Лазарев, 
Ляпис Трубецкой на Музыкальных наградах MTV в Минске.

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to