Hello, I am chasing some infomation of using iproute2 tools to implement somee QOS rules on my FW/ Bandwidth shaping machine. I have successfully set up a scenario using CBQ and SFQ as per Rusty (and other) docs. This meets half my requirement, allowing me to shape traffic appropriately. However, I can't seem to find some good solid doco on using some of the other disciplines. WHat I really need to do is to allow certain traffic to queue jump. Specifically I need to prioritise http/s traffic between the internet and a host on the DMZ. I don't want "other" traffic drowning out this feed, and I don't want to have to limit other use without necessity. I have 256K outgoing and 1.5Mbit incoming to play with. The incoming traffic to this system is just as likely to be as heavy as the outgoing. I could do the following: NonDmz -> Outgoing : 64k guaranteed unbounded (out of 256k) DMZ -> Outgoing : 196K guaranteed unbounded (Out of 256k) with similar rules for the incoming traffic. I would prefer a more graceful method where I could simply allow the high priority traffic to queue jump ahead of everything else when required. Does anyone have such as system in place, or could someone point me in the direction of some solid doco that outlines some of the other queueing disciplines/filters which would allow me to do this. Below is a copy of my current qdisc int script. The "Internet" route is represented as the 172.249.16.0/24, the DMZ as 10.100.8.0/24 and the Internal network represented as 168.217.172.0/24. These values are within my test environment only. PS: For those wishing to test their configurations of this software, I recommend this use of a tool called iperf. It's small, easy to install on both linux and windows platforms as has been invaluable to me in proving my rules work between different networks. http://dast.nlanr.net/Projects/Iperf1.1.1/release.html regards, Steve Kelly ============ # Clear out existing Queueing disciplines for INTERFACE in eth0 eth1 eth2 eth3 do tc qdisc del root dev $INTERFACE echo QDISC reset on $INTERFACE done ############ # eth3 - INTERNET # 256KB Out # Root definitions tc qdisc add dev eth3 root handle 30: cbq bandwidth 100Mbit avpkt 1000 tc class add dev eth3 parent 30:0 classid 30:1 cbq bandwidth 100Mbit rate 100Mbit allot 1514 weight 10Mbit prio 8 maxburst 20 avpkt 1000 # ADSL Class tc class add dev eth3 parent 30:1 classid 30:100 cbq bandwidth 100Mbit rate 250Kbit allot 1514 weight 20Kbit prio 5 maxburst 15 avpkt 1000 bounded isolated tc qdisc add dev eth3 parent 30:100 sfq quantum 1514b perturb 15 # Filters tc filter add dev eth3 parent 30:0 protocol ip prio 50 u32 match ip src 0.0.0.0/0 flowid 30:100 echo Queue configured on eth3 ############## # eth1 INTERNAL # 1.5Mbs out from INTERNET # Root definitions tc qdisc add dev eth1 root handle 10: cbq bandwidth 100Mbit avpkt 1000 tc class add dev eth1 parent 10:0 classid 10:1 cbq bandwidth 100Mbit rate 100Mbit allot 1514 weight 10Mbit prio 8 maxburst 20 avpkt 1000 # ADSL Class tc class add dev eth1 parent 10:1 classid 10:100 cbq bandwidth 100Mbit rate 1.5Mbit allot 1514 weight 150Kbit prio 5 maxburst 20 avpkt 1000 bounded isolated tc qdisc add dev eth1 parent 10:100 sfq quantum 1514b perturb 15 # LAN Class tc class add dev eth1 parent 10:1 classid 10:200 cbq bandwidth 100Mbit rate 100Mbit allot 1514 weight 10Mbit prio 1 maxburst 20 avpkt 1000 tc qdisc add dev eth1 parent 10:200 sfq quantum 1514b perturb 15 # Filters tc filter add dev eth1 parent 10:0 protocol ip prio 10 u32 match ip src 10.100.8.0/24 flowid 10:200 tc filter add dev eth1 parent 10:0 protocol ip prio 50 u32 match ip src 0.0.0.0/0 flowid 10:100 echo Queue configured on eth1 ################## # eth2 DMZ # 1.5MBS out from INTERNET # Root definitions tc qdisc add dev eth2 root handle 20: cbq bandwidth 100Mbit avpkt 1000 tc class add dev eth2 parent 20:0 classid 20:1 cbq bandwidth 100Mbit rate 100Mbit allot 1514 weight 10Mbit prio 8 maxburst 20 avpkt 1000 # ADSL Class tc class add dev eth2 parent 20:1 classid 20:100 cbq bandwidth 100Mbit rate 1.5Mbit allot 1514 weight 150Kbit prio 5 maxburst 20 avpkt 1000 bounded isolated tc qdisc add dev eth2 parent 20:100 sfq quantum 1514b perturb 15 # LAN Class tc class add dev eth2 parent 20:1 classid 20:200 cbq bandwidth 100Mbit rate 100Mbit allot 1514 weight 10Mbit prio 1 maxburst 20 avpkt 1000 tc qdisc add dev eth2 parent 20:200 sfq quantum 1514b perturb 15 # Filters tc filter add dev eth2 parent 20:0 protocol ip prio 10 u32 match ip src 168.217.172.0/24 flowid 20:200 tc filter add dev eth2 parent 20:0 protocol ip prio 50 u32 match ip src 0.0.0.0/0 flowid 20:100 echo Queue configured on eth2 ========================== ## Stephen Kelly ## Technical Services Specialist ## Beacon Technology ## http://www.beacon.com.au ## ph + 61 8 9486 8500 (x231) ## steve@xxxxxxxxxxxxx ========================== "Drawing on my fine command of language, I said nothing."
