[LARTC] Two-way Shared Traffic shaping and NAT

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi All,

	We are doing traffic shaping with tc command of iproute2. With NATMAP our
internal (Say)192.168.1.X class is mapped with routable 172.16.1.X class. We
can successfully implement traffic shaping on either upload or download. We
are using "red" scheduling and "fw" filter classifier for this.

# /sbin/iptables -t nat -A PREROUTING    -d 192.168.1.0/24 -j NETMAP   \
--to 172.16.1.0/24
# /sbin/iptables -t nat -A POSTROUTING   -s 172.16.1.0/24 -j NETMAP   \
--to 192.168.1.0/24
To restrict Downloads:
# /sbin/iptables ?t mangle ?I PREROUTING ?d 172.16.1.57 ?j MARK --set-mark
57
# /sbin/tc qdisc add dev eth0 root handle 10: cbq bandwidth 100Mbit avpkt
1000 cell 8
# /sbin/tc class add dev eth0 parent 10:0 classid 10:1 cbq bandwidth 100Mbit
\
rate 100Mbit allot 1514 cell 8 weight 10Mbit prio 8 maxburst 20 avpkt 1000
# /sbin/tc class add dev eth0 parent 10:1 classid 10:010 cbq bandwidth
100Mbit  \
rate 120Kbit allot 1514 cell 8 weight 12Kbit prio 5 maxburst 20 avpkt 1000
bounded
# /sbin/tc qdisc add dev eth0 parent 10:10 red max 12288 min 6100 limit
12288  \
avpkt 1000 burst 12
# /sbin/tc filter add dev eth0 parent 10:0 protocol ip prio 100 handle 57 fw
classid 10:10

To restrict Uploads:
# /sbin/iptables ?t mangle ?I PREROUTING ?s 192.168.1.57 ?j MARK --set-mark
57
# /sbin/tc qdisc add dev eth1 root handle 11: cbq bandwidth 100Mbit avpkt
1000 cell 8
# /sbin/tc class add dev eth1 parent 11:0 classid 11:1 cbq bandwidth 100Mbit
\
rate 100Mbit allot 1514 cell 8 weight 10Mbit prio 8 maxburst 20 avpkt 1000
# /sbin/tc class add dev eth1 parent 11:1 classid 11:010 cbq bandwidth
100Mbit  \
rate 120Kbit allot 1514 cell 8 weight 12Kbit prio 5 maxburst 20 avpkt 1000
bounded
# /sbin/tc qdisc add dev eth1 parent 11:010 red max 12288 min 6100 limit
12288  \
avpkt 1000 burst 12
# /sbin/tc filter add dev eth1 parent 11:0 protocol ip prio 100 handle 57 fw
classid 11:10

	Though in Advance-Routing-HOWTO Section 9.1 its clearly stated that "With
queueing we determine the way in which data is sent. It is important to
realise that we can only shape data that we transmit". I wanted to work on
setup someting describe below.

	Now instead of this 12Kbytes for individual upload and download; I want let
user have total 12Kbytes; and sum of upload and download should not be more
then this 12Kbytes. Is there any way to implementing traffic shaping over
"from and to" an IP say 192.168.1.1?

	We did a little with "u32" classifier too. in that "match ip src" seems not
work and/or work only while downloads and "match ip dst" works with uploads.
	Thanks for any support or hints. I'd like to even go for any
beta-developmet going on this issue.

Regards,
-- Sumit




[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux