--6Vw0j8UKbyX0bfpA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi,
I have a colocated server with a bandwidth limitation, so I want to
throttle the maximum output to 256k, and use a PRIO with SFQ inside
this, so I'm using the following:
tc qdisc add dev eth0 root handle 1: htb default 1
tc class add dev eth0 parent 1: classid 1:1 htb rate 256kbit burst 15k
tc qdisc add dev eth0 parent 1:1 handle 10: prio
tc qdisc add dev eth0 parent 10:1 handle 11: sfq
tc qdisc add dev eth0 parent 10:2 handle 12: sfq
tc qdisc add dev eth0 parent 10:3 handle 13: sfq
This all works fine, ssh traffic falls straight into 11:, and scp
traffic into 13:, everything else into 12:.
My problems come when I try to filter outbound traffic from port80
into 13: (the lowpriority band).
This doesn't work:
tc filter add dev eth0 parent 1: protocol ip prio 10 u32 match ip sport 80 =
0xffff flowid 13:
nor does:
tc filter add dev eth0 parent 1: protocol ip prio 10 u32 match ip sport 80 =
0xffff flowid 10:3
nor does:
iptables -t mangle -A OUTPUT -p TCP --sport 80 -j TOS --set-tos Maximize-Th=
roughput
(the packet counters against the ruleset go up, but not the ones in the tc =
-s qdisc)
I also tried this with FORWARD & POSTROUTING, also no joy.
Interestingly it /does/ work if (and only if) I set the TOS in the
PREROUTING mangle chain on a firewall with these rules - but I can't
do this with my colo box.
Any ideas?
- Rob.
--=20
Robert Collier
rob@ossifrage.net
--6Vw0j8UKbyX0bfpA
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8f55E9T8IpFhj92kRApuKAKCBXFwvJ8LA3LLggVholVvJOuY7rACdFLJh
NkB7q7Hv2w9VMX8QrS0G0hM=
=1upG
-----END PGP SIGNATURE-----
--6Vw0j8UKbyX0bfpA--
