[LARTC] CBQ and load balancing

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi there,

I got a question about CBQ, hope anybody can help me (did not found
anything
in the archives).
My setup is like this:
all hosts are Athlon 800MHZ, 256 MByte RAM and 3com9x Netcards (100MBit)
Distribution SuSE 7.0 -> Kernel 2.2.16

Host Setup:

			 ---www_server_1
			/
--------------|-------------www_server_2
	load balancer   \
	(with CBQ)	 ---www_server_3
	192.168.10.17	 


all I want to do is shaping the INCOMING traffic this means
that if I define a special IP only 200Kbit of HTTP request 
traffic (as an example) is forwarded to the webservers from
that IP.
The load balancer (Linux Virtual Server) works on IP basis and
is integrated as a patch into the system-kernel. It distributes
the packets via "direct routing" this means load balancer and
www_server_X have all the same IP. If a package is received by
the LB it changes the MAC Address of the package and forward it
to the right www_server_X.
The following attempts did not work:

using the fw filter:
implementing one of the following rules via ipchains did not work:
(ip 192.168.10.15 is the client I want to restrict bandwidth)

ipchains -A forward -p ip -d 192.168.10.17 m 1 -j ACCEPT
or
ipchains -A output -p ip -d 192.168.10.17 m 1 -j ACCEPT
or
ipchains -A forward -p ip -s 192.168.10.15 m 1 -j ACCEPT
or
ipchains -A output -p ip -s 192.168.10.15 m 1 -j ACCEPT

the filter was set up with the following rule

tc filter add dev eth0 protocol ip parent 100:0 prio 100 handle 1 fw
classid 100:100

I far as I know with one of the first two rules the whole incoming
traffic
should be reduced to to let´s say 200Kbit, with the last two rules
traffic
from source IP 192.168.10.15 sould be reduced to 200Kbit. Non did work.

using the u32 filter:

tc filter add dev eth0 parent 100:0 protocol ip prio 100 u32 match ip
src 192.168.10.15 flowid 100:100

did not work either

I tried if CBQ really works with a setup like this

client ---- www_server

and an ipchains rule like

ipchains -A output -p ip -d 192.168.10.15 m 1 -j ACCEPT

the whole outgoing traffic was reduced to 200Kbit.
So if anybody has an idea what I did wrong in first place I would be
very 
happy if you could tell me. Or is it impossible to shape incomming
traffic 
like this. If you need any further information please ask me. 

thanks,
  Joern

P.S.: sorry for my bad english
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux