I think I have an issue with the Wonder Shaper script. I setup my firewall to use the Wonder Shaper script with HTB (instead of CBQ). My firewall has Squid running in transparent proxy mode, but I setup my browser to point to port 3128 (default Squid port). I ran a ping session to www.yahoo.com and did an SSH at the same time that I downloaded the Linux kernel (~20MB). It appears that most (if not all) of the traffic is being placed into the high priority class (queue? don't really know the difference yet) 10:. Isn't it supposed to go to 20: if it's not SSH or ICMP or ACK packets? Here are the ping times from Yahoo! while doing the kernel download: sh-2.05# ping www.yahoo.com PING www.yahoo.akadns.net (64.58.76.227): 56 data bytes 64 bytes from 64.58.76.227: icmp_seq=0 ttl=241 time=1959.8 ms 64 bytes from 64.58.76.227: icmp_seq=1 ttl=241 time=1993.4 ms 64 bytes from 64.58.76.227: icmp_seq=2 ttl=241 time=2018.8 ms 64 bytes from 64.58.76.227: icmp_seq=3 ttl=241 time=1872.8 ms 64 bytes from 64.58.76.227: icmp_seq=4 ttl=241 time=1895.7 ms 64 bytes from 64.58.76.227: icmp_seq=5 ttl=241 time=2003.9 ms 64 bytes from 64.58.76.227: icmp_seq=6 ttl=241 time=2026.3 ms 64 bytes from 64.58.76.227: icmp_seq=7 ttl=241 time=2049.0 ms 64 bytes from 64.58.76.227: icmp_seq=8 ttl=241 time=2075.7 ms --- www.yahoo.akadns.net ping statistics --- 11 packets transmitted, 9 packets received, 18% packet loss round-trip min/avg/max = 1872.8/1988.3/2075.7 ms As you can see, they are very high, on the order of 2 seconds!!!?? When I stopped the kernel download, the ping results dropped to: sh-2.05# ping www.yahoo.com PING www.yahoo.akadns.net (64.58.76.176): 56 data bytes 64 bytes from 64.58.76.176: icmp_seq=0 ttl=241 time=178.1 ms 64 bytes from 64.58.76.176: icmp_seq=1 ttl=241 time=179.1 ms 64 bytes from 64.58.76.176: icmp_seq=2 ttl=241 time=179.1 ms 64 bytes from 64.58.76.176: icmp_seq=3 ttl=241 time=179.3 ms 64 bytes from 64.58.76.176: icmp_seq=4 ttl=241 time=179.6 ms 64 bytes from 64.58.76.176: icmp_seq=5 ttl=241 time=179.2 ms --- www.yahoo.akadns.net ping statistics --- 6 packets transmitted, 6 packets received, 0% packet loss round-trip min/avg/max = 178.1/179.0/179.6 ms Here is the output of 'tc -s qdisc list': sh-2.05# tc -s qdisc list qdisc ingress ffff: dev eth0 Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc sfq 20: dev eth0 quantum 1514b perturb 10sec Sent 44775 bytes 401 pkts (dropped 0, overlimits 0) qdisc sfq 10: dev eth0 quantum 1514b perturb 10sec Sent 166751 bytes 2494 pkts (dropped 0, overlimits 0) qdisc htb 1: dev eth0 r2q 10 default 20 dcache 0 deq_util 1/1000000 deq_rate 0 trials_per_deq 0 dcache_hits 0 direct_packets 0 Sent 211526 bytes 2895 pkts (dropped 0, overlimits 0) During the download and the ping, the SSH session is extremely sluggish. But once both are stopped, the SSH session is very usable. I'm using the 2.4.16 kernel patched with the HTB patch. -- Jason A. Pattie pattieja@pcxperience.com
