On 10/29/2012 10:19 AM, Simon Hobson wrote: > I'm in the process of building a new gateway to use the newer complex > traffic controls in Shorewall instead of hand-crafted tc commands. > > At present I have (considering only outbound traffic, and omitting > actual rates for clarity) : > > # External I/F > > run_tc qdisc add dev ethext root handle 1: htb default 12 > run_tc class add dev ethext parent 1: classid 1:1 htb rate ... > € > run_tc class add dev ethext parent 1:1 classid 1:10 htb rate ... prio 1 > > run_tc class add dev ethext parent 1:10 classid 1:11 htb rate ... prio 1 > run_tc class add dev ethext parent 1:10 classid 1:12 htb rate ... prio 2 > run_tc class add dev ethext parent 1:10 classid 1:13 htb rate ... prio 3 > run_tc class add dev ethext parent 1:10 classid 1:14 htb rate ... prio 4 > > run_tc qdisc add dev ethext parent 1:11 handle 11: sfq perturb 10 > run_tc qdisc add dev ethext parent 1:12 handle 12: sfq perturb 10 > run_tc qdisc add dev ethext parent 1:13 handle 13: sfq perturb 10 > run_tc qdisc add dev ethext parent 1:14 handle 14: sfq perturb 10 > € > And a load more groups of classes for different customers or groups of > servers. > > Am I right in thinking that this would translate to the following in > tcclasses ? > > #INTERFACE MARK RATE CEIL PRIORITY OPTIONS > €€ethext:1 - ... ... 1 > ethext:1:10 - ... ... 1 > ethext:10:11 - ... ... 1 tcp-ack,tos-minimize-delay > ethext:10:12 - ... ... 2 default > ethext:10:13 - ... ... 3 > €ethext:10:14 - ... ... 4 > € > €ethext:1:20 - ... ... 1 > ethext:20:11 - ... ... 1 tcp-ack,tos-minimize-delay > > and so on ... >
Yes. > > As for devices, at present I do inbound control on the internal > interface of the router. As I read it, to use an IFB device I just > need this in tcdevices : > #INTERFACE IN-BANDWIDTH OUT-BANDWIDTH OPTIONS REDIRECTED > ethext - 1024kbit classify > ifb0 - 1024kbit classify ethext > €and then use IFB0 as the interface in tcclasses. > Is that correct ? Yes, assuming that you can classify incoming traffic based on packets as they look on the wire. > > > Also, is there an error in > http://shorewall.net/manpages/shorewall-tcclasses.html€ ? It says : >> Name of interface. Each interface may be listed only once in this file.€ > while in fact it needs to be listed for each line. Copy and paste > oversight from tcdevices manage ? > Yes. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ The Windows 8 Center - In partnership with Sourceforge Your idea - your app - 30 days. Get started! http://windows8center.sourceforge.net/ what-html-developers-need-to-know-about-coding-windows-8-metro-style-apps/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
