Re: LARTC digest, Vol 1 #737 - 2 msgs

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I will be out of the office from 8/19 until 8/23.  I will be returning on Monday
afternoon, 8/26, and will reply then.

Thank you,

Michael Pellegrino
Softerware, Inc.

___________________________________________________________________________
Subject: LARTC digest, Vol 1 #737 - 2 msgs
From: lartc@mailman.ds9a.nl
Date: 08/25/02 01:27:57

Send LARTC mailing list submissions to
	lartc@mailman.ds9a.nl

To subscribe or unsubscribe via the World Wide Web, visit
	http://mailman.ds9a.nl/mailman/listinfo/lartc
or, via email, send a message with subject or body 'help' to
	lartc-request@mailman.ds9a.nl

You can reach the person managing the list at
	lartc-admin@mailman.ds9a.nl

When replying, please edit your Subject line so it is more specific
than "Re: Contents of LARTC digest..."


Today's Topics:

   1. Re: LARTC digest, Vol 1 #736 - 4 msgs (mikep02@softerware.com)
   2. traffic id by iproute2 for iptables (Nic Ivy)

--__--__--

Message: 1
Date: Sat, 24 Aug 2002 00:29:23 -0400
To: lartc@mailman.ds9a.nl
From: mikep02@softerware.com
Reply-To: mikep02@softerware.com
Subject:  Re: LARTC digest, Vol 1 #736 - 4 msgs

I will be out of the office from 8/19 until 8/23.  I will be returning on Monday
afternoon, 8/26, and will reply then.

Thank you,

Michael Pellegrino
Softerware, Inc.

___________________________________________________________________________
Subject: LARTC digest, Vol 1 #736 - 4 msgs
From: lartc@mailman.ds9a.nl
Date: 08/24/02 01:27:48

Send LARTC mailing list submissions to
	lartc@mailman.ds9a.nl

To subscribe or unsubscribe via the World Wide Web, visit
	http://mailman.ds9a.nl/mailman/listinfo/lartc
or, via email, send a message with subject or body 'help' to
	lartc-request@mailman.ds9a.nl

You can reach the person managing the list at
	lartc-admin@mailman.ds9a.nl

When replying, please edit your Subject line so it is more specific
than "Re: Contents of LARTC digest..."


Today's Topics:

   1. Re: LARTC digest, Vol 1 #735 - 3 msgs (mikep02@softerware.com)
   2. Re: Is TC flow-aware? (Anton Yurchenko)
   3. htb doubts (Arindam Haldar)
   4. Re: htb doubts (Stef Coene)

-- __--__-- 

Message: 1
Date: Fri, 23 Aug 2002 00:33:28 -0400
To: lartc@mailman.ds9a.nl
From: mikep02@softerware.com
Reply-To: mikep02@softerware.com
Subject:  Re: LARTC digest, Vol 1 #735 - 3 msgs

I will be out of the office from 8/19 until 8/23.  I will be returning on Monday
afternoon, 8/26, and will reply then.

Thank you,

Michael Pellegrino
Softerware, Inc.

___________________________________________________________________________
Subject: LARTC digest, Vol 1 #735 - 3 msgs
From: lartc@mailman.ds9a.nl
Date: 08/23/02 01:27:45

Send LARTC mailing list submissions to
	lartc@mailman.ds9a.nl

To subscribe or unsubscribe via the World Wide Web, visit
	http://mailman.ds9a.nl/mailman/listinfo/lartc
or, via email, send a message with subject or body 'help' to
	lartc-request@mailman.ds9a.nl

You can reach the person managing the list at
	lartc-admin@mailman.ds9a.nl

When replying, please edit your Subject line so it is more specific
than "Re: Contents of LARTC digest..."


Today's Topics:

   1. Re: Q: best solution to stop traffic to huge amount of  unregisteredhosts (Gerry Creager N5JXS)
   2. psched_tod_diff function (Pedro Larroy)
   3. Re: HTB is in 2.4.20pre1,2 (Pedro Larroy)

--  __--__--  

Message: 1
Date: Thu, 22 Aug 2002 19:02:26 -0500
From: Gerry Creager N5JXS <n5jxs@tamu.edu>
Reply-To: n5jxs@tamu.edu
Organization: Da House
To: Karl Gaissmaier <karl.gaissmaier@rz.uni-ulm.de>
Cc: Linux Advanced Routing & Traffic Control <lartc@mailman.ds9a.nl>
Subject: Re:  Q: best solution to stop traffic to huge amount of  unregisteredhosts

Karl Gaissmaier wrote:
> Gerry Creager N5JXS schrieb:
> 
>>The answers are not necessarily pretty.
>>
>>I've done a similar task with a Juniper M5 router.  It will handle up to
>>about 180,000 rules at wire speed.  But it is expensive.
>>
>>If your switches were a little newer, we could use 802.1x to enable the
>>switch-use capability flag (:-) and solve the problem.
> 
> 
> you know, 10k hosts are never attached to a network with homogenous
> new network devices :-(

Unfortunately, I do.  We have 50k hosts, more or less, on 2 class B 
address spaces.  We have about 200 buildings, and I'm not sure how many 
wiring closet switches.  And worse, yet, how many wiring closet hubs!

Our (switched) dorm hosts are about 10k.

So, I understand the issues.  The comment about newer gear, and 802.1x, 
however, stands.  This will provide some capability to handle registered 
hosts in the future, perhaps... but I remain skeptical.

>>Instead of policing at a single edge point, you might consider policing
>>at dormatory and building edges, where the load is smaller and you can
>>use masking and diminsh the ruleset some more.
> 
> 
> but the management is very difficult, see above

Correct, but you have several management issues.  One is unnecessary 
delays while filtering, marking and queuing.  Another is device 
configuration.  I've found little existing useful software for real-life 
multiple device (and heterogeneous device) management.  And none I'm 
willing to pay for.  I _do_ have a team of graduate students who are 
working on a heterogeneous-environment configuration tool, but it's not 
nearly ready for prime time.

>>With a sufficiently fast box, or series of boxes, doing specific tasks,
>>you should be able to do this.  Folks like Juniper achieve it by being
>>able to classify and mark in ASIC without having to go to the processor.
> 
> 
> Netfilter and iproute2/tc is very good but I miss just a fast
> matching module for a "pool" of ip addresses and the missing tc-cref
> or better documented tc examples, especially dealing with general
> ingress policing.

We have experimented with A Juniper M5, as a shaping and filtering box 
for specific applications.  It worked well in the tests, but is an 
expensive toy for this.  You might consider a Sitara box for some off 
your work.

I prefer the Linux approach, too, but there are times where scalability, 
due to the state of the art (and certainly not for want of advancement 
in the state of the art!) means a commercial solution.  What HAS 
happened, though, is that my expectations for the commercial products 
are now higher than they were... and the salesmen are somewhat worried.

Regards,
Gerry


--  __--__--  

Message: 2
Date: Fri, 23 Aug 2002 04:33:31 +0200
To: lartc@mailman.ds9a.nl
From: Pedro Larroy <piotr@omega.resa.es>
Subject:  psched_tod_diff function

Hi
I don't understand what psched_tod_diff function in net/sched/sch_api.c
does, so I don't know what PSCHED_TDIFF_SAFE does in sch_tbf.c

Any help will be apreciated.
-- 
 ... ___________________________________________________________ ...
|   /|                                                         |\   | 
|  /-| Pedro Larroy Tovar. PiotR | http://omega.resa.es/piotr  |-\  |
| /--|            No MS-Office attachments please.             |--\ |
o-|--|              e-mail: piotr@omega.resa.es                |--|-o 
|  \-|    finger piotr@omega.resa.es for public key and info   |-/  | 
|...\|_________________________________________________________|/...| 

--  __--__--  

Message: 3
Date: Fri, 23 Aug 2002 04:36:12 +0200
To: lartc@mailman.ds9a.nl
Subject: Re:  HTB is in 2.4.20pre1,2
From: Pedro Larroy <piotr@omega.resa.es>

On Wed, Aug 14, 2002 at 11:32:05PM +0200, devik wrote:
> Hi,
> for those who haven't realized it yet. It is in 2.4.20pre2,
> 2.5.xx, should go into new iproute2 package and I have informations
> about possibility to have it in 2.2 soon.
> 
> devik

Congratulations devik :)

Regards.
-- 
 ... ___________________________________________________________ ...
|   /|                                                         |\   | 
|  /-| Pedro Larroy Tovar. PiotR | http://omega.resa.es/piotr  |-\  |
| /--|            No MS-Office attachments please.             |--\ |
o-|--|              e-mail: piotr@omega.resa.es                |--|-o 
|  \-|    finger piotr@omega.resa.es for public key and info   |-/  | 
|...\|_________________________________________________________|/...| 


--  __--__--  

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc


End of LARTC Digest



-- __--__-- 

Message: 2
Date: Fri, 23 Aug 2002 11:31:27 +0300
From: Anton Yurchenko <phila@dg.net.ua>
To: "George J. Jahchan" <LARTC@Tech.InteractiveNetworks.net>
Cc: Linux Advanced Routing & Traffic Control <lartc@mailman.ds9a.nl>
Subject: Re:  Is TC flow-aware?

George J. Jahchan wrote:

>Is TC flow-aware for individual flows (sessions) within a given class of
>traffic?
>
>For example, assuming 100Kbps allocated to a class and 100 simultaneous
>active flows within that class. Will each flow get approx. 1K, or  will the
>greedier
>flows capture the lion's share of the 100K, leaving the others struggling to
>go
>through?
>
if you set up an sfq qdisc attached to the class then the bandwidth will 
be devided between flows.
in a prety fair manner
I`m not shure though what happens with your second question.

>  
>
-- 

Anton Yurchenko<phila@dg.net.ua>
Digital Generation




-- __--__-- 

Message: 3
Date: Fri, 23 Aug 2002 18:08:05 +0530
From: Arindam Haldar <arindamhaldar@inbox.lv>
To: LARTC <lartc@mailman.ds9a.nl>
Subject:  htb doubts

hi all,
i want to clear a doubt i have for some time..
if my htb rules(part of) looks like this--->
...
...
  tc class add dev eth0 parent 1:10 classid 1:1005 htb rate 
${Netwk-64}kbit ceil ${Netwk}kbit
  tc qdisc add dev eth0 parent 1:1005 handle 1005 pfifo limit 2
...
  tc class add dev eth0 parent 1:20 classid 1:2000 htb rate ${Caf}kbit 
ceil ${All}kbit
tc qdisc add dev eth0 parent 1:2000 handle 2000 pfifo limit 2
...
tc class add dev eth0 parent 1:20 classid 1:2001 htb rate ${Ofice}kbit 
ceil $[All-64]kbit
tc qdisc add dev eth0 parent 1:2001 handle 2001 pfifo limit 2
...

what numeric should be used in for handle.. can i use the same numeric 
value as of **classid** for handle ?.. or should they be unique ?
for eg above i used classid 1:2001 and used handle 2001--will it work ?

awaiting your help in this....
A.H


-- __--__-- 

Message: 4
From: Stef Coene <stef.coene@docum.org>
Organization: None
To: Arindam Haldar <arindamhaldar@inbox.lv>,
	LARTC <lartc@mailman.ds9a.nl>
Subject: Re:  htb doubts
Date: Fri, 23 Aug 2002 19:11:35 +0200

> tc class add dev eth0 parent 1:20 classid 1:2001 htb rate ${Ofice}kbit
> ceil $[All-64]kbit
> tc qdisc add dev eth0 parent 1:2001 handle 2001 pfifo limit 2
> ...
>
> what numeric should be used in for handle.. can i use the same numeric
> value as of **classid** for handle ?.. or should they be unique ?
> for eg above i used classid 1:2001 and used handle 2001--will it work ?
>
> awaiting your help in this....
Yes.  Actually it's handle 2001:0

Stef

--=20

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net



-- __--__-- 

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc


End of LARTC Digest



--__--__--

Message: 2
Date: Sat, 24 Aug 2002 23:45:42 +1000 (ChST)
From: "Nic Ivy" <nji-lartc@njivy.org>
To: <lartc@mailman.ds9a.nl>
Subject:  traffic id by iproute2 for iptables

I have several parallel public networks attached to a single network
interface.  Each public network requires iptables to do a different SNAT
in the POSTROUTING table.  I think iproute2 can do multipath routing over
a single device, but can iptables recognize which network a packet is
destined for?
I have explored using the 'realm' match in iptables 1.2.8 (cvs), but
iproute2 apparently doesn't support realms in multipath routing
statements.  Can iproute2 mark packets another way such that iptables can
recognize it?
Nic Ivy




--__--__--

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc


End of LARTC Digest


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux