-the packets enter eth0 -then they are marked by ipchains -then they enter eth1 and thus the 128kbit class I made -and then they are balanced
Sander
At 21:27 4-1-01 +0100, you wrote:
Is eth1 your lan of inet interface?
Thnx, Wouter
----- Original Message ----- From: "Sander" <thrill12@xxxxxxx> To: "Wouter Smit" <wouter@xxxxxxxxxxxx> Cc: <lartc@xxxxxxxxxxxxxxx> Sent: Thursday, January 04, 2001 7:17 PM Subject: Re: [LARTC] traffic shaping
> At 13:22 4-1-01 +0100, you wrote: > >Hello, > > > >I'm trying to limit all outgoing traffic by means of TC. With six students > >we are connected through the server (Debian 2.2 kernel 2.2.18) with a > >cablemodem. When one person uploads (usually with full bandwidth available > >15KB/s) none of the others can make use of the internet because no requests > >for information can be send. > > > >So, i want to limit the maximum individual upload to 5KB/s so this doesnt > >disturb others useing the internet. > > > >Situation: > > > >Server: 192.168.1.1 > >Clients: 192.168.1.2 - 192.168.1.7 > >eth0: LAN > >eth1: Cablemodem > > > >Below is what I came up with myself but it doesnt seem to work. Also when do > >i activate this rules? pre- of post configuring interfaces? > > > >Thnx, > >Wouter Smit > > > >------------------------------------------------ > >#!/bin/sh > > > >TC="/sbin/tc" > >IF="eth1" > > > >echo Configure queueing discipline > >$TC qdisc add dev $IF root handle 10: cbq bandwidth 120Kbit avpkt 1000 > > > >echo Configure root class > >$TC class add dev $IF parent 10:0 classid 10:1 cbq bandwidth 120Kbit rate \ > > 120Kbit allot 1514 weight 12Kbit prio 8 maxburst 20 avpkt 1000 > > > >echo Configure class divisions > >$TC class add dev $IF parent 10:1 classid 10:100 cbq bandwidth 120Kbit rate > >\ > > 40Kbit allot 1514 weight 4Kbit prio 5 maxburst 20 avpkt 1000 bounded > > > >echo Configure queue management > >$TC qdisc add dev $IF parent 10:100 sfq perturb 15 quantum 1514 > > > >echo Configure which packets belong to which class > >$TC filter add dev $IF parent 10:0 protocol ip prio 25 u32 match ip src \ > > 192.168.1.0/24 flowid 10:100 > > We have the exact same situation, so here is our configuration script, with > a little tweaking you should be able to implement it. Most important is > that you MARK the packets that enter the router with ipchains. > > # setup packetforwarding > /sbin/ipchains -P forward DENY > # here we mark the packets with -m > /sbin/ipchains -A forward -s 192.168.0.1/32 -j MASQ -m 0x1 > /sbin/ipchains -A forward -s 192.168.0.4/32 -j MASQ -m 0x4 > /sbin/ipchains -A forward -s 192.168.0.3/32 -j MASQ -m 0x3 > /sbin/ipchains -A forward -s 192.168.0.6/32 -j MASQ -m 0x6 > /sbin/ipchains -A forward -s 192.168.0.7/32 -j MASQ -m 0x7 > /sbin/ipchains -A forward -s 192.168.0.10/32 -j MASQ -m 0xa > # eliminate spoofing > /sbin/ipchains -A forward -i $extip -s 192.168.0.0/24 -d 0.0.0.0/0 -j DENY > > #root device for upstream, divided in various subclasses to more or less > guarantee a fair loadbalancing (see below..) > /usr/bin/tc qdisc add dev eth1 root handle 1: cbq bandwidth 128Kbit avpkt 1000 > /usr/bin/tc class add dev eth1 parent 1:0 classid 1:1 cbq bandwidth 128Kbit > rate 128Kbit \ > allot 1514 weight 12Kbit prio 8 maxburst 20 avpkt 1000 > /usr/bin/tc class add dev eth1 parent 1:1 classid 1:2 cbq bandwidth 128Kbit > rate 64Kbit \ > allot 1514 weight 6Kbit prio 8 maxburst 20 avpkt 1000 > /usr/bin/tc class add dev eth1 parent 1:1 classid 1:3 cbq bandwidth 128Kbit > rate 64Kbit \ > allot 1514 weight 6Kbit prio 8 maxburst 20 avpkt 1000 > > # configure ip 1 here for 40 kbit (to ensure fairnes..) WITH borrowing > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:11 cbq bandwidth > 128Kbit rate 40Kbit \ > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2 > /usr/bin/tc qdisc add dev eth1 parent 1:11 sfq quantum 1514b perturb 15 > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 1 fw > classid 1:11 > #192.168.0.3 > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:13 cbq bandwidth > 128Kbit rate 40Kbit \ > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2 > /usr/bin/tc qdisc add dev eth1 parent 1:13 sfq quantum 1514b perturb 15 > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 3 fw > classid 1:13 > #192.168.0.4 > /usr/bin/tc class add dev eth1 parent 1:2 classid 1:14 cbq bandwidth > 128Kbit rate 35Kbit \ > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:2 > /usr/bin/tc qdisc add dev eth1 parent 1:14 sfq quantum 1514b perturb 15 > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 4 fw > classid 1:14 > #192.168.0.6 > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:16 cbq bandwidth > 128Kbit rate 40Kbit \ > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3 > /usr/bin/tc qdisc add dev eth1 parent 1:16 sfq quantum 1514b perturb 15 > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 6 fw > classid 1:16 > #192.168.0.7 > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:17 cbq bandwidth > 128Kbit rate 40Kbit \ > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3 > /usr/bin/tc qdisc add dev eth1 parent 1:17 sfq quantum 1514b perturb 15 > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 7 fw > classid 1:17 > #192.168.0.10 > /usr/bin/tc class add dev eth1 parent 1:3 classid 1:20 cbq bandwidth > 128Kbit rate 40Kbit \ > allot 1514 weight 2Kbit prio 5 maxburst 20 avpkt 1000 split 1:3 > /usr/bin/tc qdisc add dev eth1 parent 1:20 sfq quantum 1514b perturb 15 > /usr/bin/tc filter add dev eth1 parent 1:0 protocol ip prio 100 handle 10 > fw classid 1:20 > > So we now have 1 root class of 128 kbit, two subclasses of 64 kbit, each of > those subclass serving 3 people. > The 40kbit per person thing was done with one purpose: when 1 person starts > the upload, and another person kicks in, the first person still gets > 128Kbit - 40Kbit and the second one gets that 40 Kbit. This is more then > one would get when we would simply divide 128Kbit by 6. I don't yet know > how to get the loadbalancing system to divide the space evenly (1 > person=128 Kbit, 2 persons = 64Kbit, 3=43Kbit etc..), but haven't come up > with a solution yet. > > Sander
