RE: [LARTC] How could I do this?

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You can't mark packet with bandwidth and suppose that
TC subsys will dynamically create shaped flows for you ;-)
See other mail I send you. devik

On Sun, 9 Dec 2001, yangrunhua wrote:

> Thanks for your answer,
> Now, I modified netfilter/iptables source,
> I can mark every packet with some number attached with it's src ip(such as it's bandwidth);
> My question is: how can i limit every src ip's bandwidth with high effiency if I use tc?
>
> -----Original Message-----
> From: lartc-admin@xxxxxxxxxxxxxxx [mailto:lartc-admin@xxxxxxxxxxxxxxx] On Behalf Of devik
> Sent: 2001ĺš´12ć??8ć?Ľ 23:12
> To: yangrunhua
> Cc: lartc@xxxxxxxxxxxxxxx
> Subject: RE: [LARTC] How could I do this?
>
> I only wanted to mention it as interesting possibility
> but it can't be done in O(1). However it can be simply done
> in O(N^(1/M)) where M is integer > 1. You can do it by (untested):
>
> ipchains -N sub
> ipchains -A sub -s 0.0.0.1/0.0.0.255 -m +1
> ipchains -A sub -s 0.0.0.2/0.0.0.255 -m +2
> ..
> ..
> ipchains -A input 192.168.1.0/24 -m 0x10000 -j sub
> ipchains -A input 192.168.2.0/24 -m 0x10100 -j sub
> ..
> ..
>
> you would need 512 lines to handle 65536 adresses
> in 256 lookups on average. By creating another '-j subsub'
> level then you will end up with 96 rules for 65536
> addresses with 60 lookups on average.
>
> I didn't tested it, it is only idea. But should work.
>
> hth, devik
>
> On Sat, 8 Dec 2001, yangrunhua wrote:
>
> > But how I design a filter( O(1) ) to classify based on fwmark(hash on fwmark)?
> >
> > -----Original Message-----
> > From: lartc-admin@xxxxxxxxxxxxxxx [mailto:lartc-admin@xxxxxxxxxxxxxxx] On Behalf Of devik
> > Sent: 2001ĺť´12Ä?Ĺ?Â?8Ä?â??Ä˝ 18:18
> > To: yangrunhua
> > Cc: lartc@xxxxxxxxxxxxxxx
> > Subject: RE: [LARTC] How could I do this?
> >
> > Ehh sorry it is a lot of writting. Look at LARTC HOWTO
> > 12.4 section. Basicaly if you have ip A.B.C.D then you
> > can base hash source on D for several fixed A.B.C.
> > Then you will end with at most N/256+1 lookups for N
> > ip addresses.
> >
> > devik
> >
> > On Sat, 8 Dec 2001, yangrunhua wrote:
> >
> > > Can you give me an example?
> > > Thanks.
> > >
> > > -----Original Message-----
> > > From: lartc-admin@xxxxxxxxxxxxxxx [mailto:lartc-admin@xxxxxxxxxxxxxxx]
> > > On Behalf Of Martin Devera
> > > Sent: 2001Ä?â??Ă?â?˘12Ä?â??Ä?â??8Ă?Ĺ?ÄšÂ? 15:58
> > > To: yangrunhua
> > > Cc: lartc@xxxxxxxxxxxxxxx
> > > Subject: Re: [LARTC] How could I do this?
> > >
> > > IMHO u32 with hashes could be used for this. Other interesting
> > > way is that CBQ & HTB allows you to set packet's class from
> > > priority. When priority is 0x10003 then the packet is queued
> > > directly into 1:3 queue.
> > > You can simly modify classifier (in fact I will do it for
> > > HTB) to allow such selection thru fwmark.
> > > You can then mark flows by iptables .... --set-mark 0x10003 to
> > > assign packet into 1:3 class ..
> > >
> > > HTH, devik
> > >
> > > On Sat, 8 Dec 2001, yangrunhua wrote:
> > >
> > > > If I want to limit bandwidth from a lot of ip addresses( every ip has
> > > a
> > > > limit),
> > > > How could I improve performance( If I could use netfilter  to mark the
> > > > ip packet with the bandwidth assigned to
> > > > the src ip of packet), normally, this could only be done only by: one
> > > > qdisc per ip, then there will be too many
> > > > filters to classify them based on fwmark(and u32 + hash can't satisfy
> > > my
> > > > demand that limit bandwidth for every ip, not for ip group),
> > > > but it try to match line by line, then if many, the performance will
> > > go
> > > > down.
> > > > Many thanks
> > > >
> > >
> > >
> > > _______________________________________________
> > > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
> > > http://ds9a.nl/2.4Routing/
> > >
> > >
> >
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
> >
> >
>
>
> _______________________________________________
> LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
>
>




[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux