Re: Problem with fw filters

Linux Advanced Routing and Traffic Control


 



Hi,

Prio is a number between 0 and 7.  prio 10 is actually prio 7.

It's been reported before that using the uid in routing keys is not working.  Maybe 
it's the same problem.  The marking is working, but I'm wondering why the fw 
filter is not picking up the packets.  Don't know.

Stef

On Saturday 26 October 2002 15:44, Aigars Mahinovs wrote:
> Hi all,
>
> I am trying to prioritise outgoing traffic based on the UID of the sender.
> Script follows:
>
> # First mark packets with their respective priority
>
> iptables -t mangle -F OUTPUT
>
> iptables -t mangle -A OUTPUT -m owner --uid-owner root -j MARK --set-mark 1
> iptables -t mangle -A OUTPUT -m owner --uid-owner aigarius -j MARK --set-mark 2
> iptables -t mangle -A OUTPUT -m owner --uid-owner bind -j MARK --set-mark 3
> iptables -t mangle -A OUTPUT -m owner --uid-owner proxy -j MARK --set-mark 4
> iptables -t mangle -A OUTPUT -m owner --uid-owner nobody -j MARK --set-mark 5
> iptables -t mangle -A OUTPUT -m owner --uid-owner www-data -j MARK --set-mark 6
> iptables -t mangle -A OUTPUT -m owner --uid-owner ftp -j MARK --set-mark 7
> iptables -t mangle -A OUTPUT -m owner --uid-owner ivarix -j MARK --set-mark 8
> iptables -t mangle -A OUTPUT -m owner --uid-owner blacky -j MARK --set-mark 9
> iptables -t mangle -A OUTPUT -j MARK --set-mark 666
>
> # now make outgoing traffic classes
> # clean existing qdiscs, hide errors
> /home/aigarius/bin/tc qdisc del dev eth0 root    2> /dev/null > /dev/null
>
> /home/aigarius/bin/tc qdisc add dev eth0 root handle 1: htb
> /home/aigarius/bin/tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit burst 64k
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:10 htb rate 100mbit burst 64k prio 1
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:20 htb rate 100mbit burst 64k prio 2
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:30 htb rate 100mbit burst 64k prio 3
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:40 htb rate 100mbit burst 64k prio 4
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:50 htb rate 100mbit burst 64k prio 5
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:60 htb rate 100mbit burst 64k prio 6
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:70 htb rate 100mbit burst 64k prio 7
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:80 htb rate 100mbit burst 64k prio 8
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:90 htb rate 100mbit burst 64k prio 9
> /home/aigarius/bin/tc class add dev eth0 parent 1:1 classid 1:666 htb rate 10mbit burst 64k prio 20
> # all get Stochastic Fairness:
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:40 handle 40: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:50 handle 50: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:60 handle 60: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:70 handle 70: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:80 handle 80: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:90 handle 90: sfq perturb 10
> /home/aigarius/bin/tc qdisc add dev eth0 parent 1:666 handle 666: sfq perturb 10
> # Filter traffic into classes
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 1 fw flowid 1:10
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 2 fw flowid 1:20
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 3 fw flowid 1:30
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 4 fw flowid 1:40
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 5 fw flowid 1:50
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 6 fw flowid 1:60
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 7 fw flowid 1:70
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 8 fw flowid 1:80
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 9 fw flowid 1:90
> /home/aigarius/bin/tc filter add dev eth0 parent 1:0 protocol ip prio 10 handle 666 fw flowid 1:666
>
> --- END OF SCRIPT ---
>
> Problem:
> no shaping is done
>
> # tc -s qdisc show
> qdisc sfq 666: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 679086470 bytes 985634 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 90: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 80: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 70: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 60: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 50: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 40: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 30: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 20: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc sfq 10: dev eth0 quantum 1514b limit 128p flows 128/1024 perturb 10sec
>  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
>  qdisc htb 1: dev eth0 r2q 10 default 0 direct_packets_stat 778 ver 3.6
>  Sent 679175569 bytes 986412 pkts (dropped 0, overlimits 9647)
>
> #iptables -v -t mangle -L OUTPUT
> Chain OUTPUT (policy ACCEPT 25M packets, 16G bytes)
>  pkts bytes target     prot opt in     out     source               destination
>  6782  802K MARK       all  --  any    any     anywhere             anywhere           OWNER UID match root MARK set 0x1
>  7439  393K MARK       all  --  any    any     anywhere             anywhere           OWNER UID match aigarius MARK set 0x2
>  7878 2018K MARK       all  --  any    any     anywhere             anywhere           OWNER UID match bind MARK set 0x3
> 65687   49M MARK       all  --  any    any     anywhere             anywhere           OWNER UID match proxy MARK set 0x4
>  752K  524M MARK       all  --  any    any     anywhere             anywhere           OWNER UID match nobody MARK set 0x5
> 24388   35M MARK       all  --  any    any     anywhere             anywhere           OWNER UID match www-data MARK set 0x6
> 44401   62M MARK       all  --  any    any     anywhere             anywhere           OWNER UID match ftp MARK set 0x7
>     7   600 MARK       all  --  any    any     anywhere             anywhere           OWNER UID match ivarix MARK set 0x8
>     0     0 MARK       all  --  any    any     anywhere             anywhere           OWNER UID match blacky MARK set 0x9
> 1019K  680M MARK       all  --  any    any     anywhere             anywhere           MARK set 0x29a
>
> As I see there is no shaping done -- the filters do not work.
> I also do routing based on firewall key -> it doesn't work either, but
> nothing shows any errors.
>
> Please help. Thanks.
>
> PS. I am using kernel 2.4.19 patched with htb3 and gr-security patch and
> htb3 precompiled tc on Debian unstable system.

-- 

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
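
An added example, not part of the original messages: MARK is a non-terminating target, so a packet keeps traversing the chain after a rule sets its mark, and the last matching rule decides the value the fw filter sees. In the quoted counters the final rule with no owner match hit 1019K packets and only qdisc 666: carried traffic. The shell model below replays that rule order and a reordered variant; the `ALL` token and the `final_mark` and `emit_rules` helpers are hypothetical names used only for this illustration.

```shell
#!/bin/sh
# Constructed model of the mangle OUTPUT chain from the quoted script:
# one "uid:mark" pair per rule, ALL standing for a rule with no owner match.
ORIGINAL="root:1 aigarius:2 bind:3 proxy:4 nobody:5 www-data:6 ftp:7 ivarix:8 blacky:9 ALL:666"
# Same rules with the catch-all moved first, so per-UID rules override it.
REORDERED="ALL:666 root:1 aigarius:2 bind:3 proxy:4 nobody:5 www-data:6 ftp:7 ivarix:8 blacky:9"

# final_mark UID RULES: walk every rule in order. MARK does not stop chain
# traversal, so each matching rule overwrites the mark set by earlier ones.
final_mark() {
    want=$1
    mark=0
    for rule in $2; do
        case ${rule%%:*} in
            "$want"|ALL) mark=${rule##*:} ;;
        esac
    done
    echo "$mark"
}

# emit_rules RULES: print the iptables commands for a rule list, in order.
emit_rules() {
    echo "iptables -t mangle -F OUTPUT"
    for rule in $1; do
        uid=${rule%%:*}
        mark=${rule##*:}
        if [ "$uid" = ALL ]; then
            echo "iptables -t mangle -A OUTPUT -j MARK --set-mark $mark"
        else
            echo "iptables -t mangle -A OUTPUT -m owner --uid-owner $uid -j MARK --set-mark $mark"
        fi
    done
}

# Compare the mark each sender ends up with under both orderings.
# "mail" is a constructed UID that has no rule of its own.
for user in root proxy www-data mail; do
    printf '%-9s original=%-4s reordered=%s\n' "$user" \
        "$(final_mark "$user" "$ORIGINAL")" "$(final_mark "$user" "$REORDERED")"
done

# Commands for the reordered chain (printed only, nothing is applied).
emit_rules "$REORDERED"
```
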

