[LARTC] Problem with HTB accurancy

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello, I'm Alexandra Alvarado

I've been working with linux and CBQ with a long time, but know  I
want to migrate to HTB, and I'm testing it in a linux with the next features:

- Pentium IV 1.7 Ghz
- 256 MB
- 1 3Com 3C905B
- 1 3Com 3C905C
- Red Hat 8.0
- Kernel 2.4.20
- iproute-2.4.7-7
- Squid - Transparent Proxy
- VPN
- Named
- Reiserfs
- SNMP
- HTB (The configuration is in the attached file)

My problem is that rrdtool graph shows :

    ETH0 IN:        596.99Kbps
    ETH0 OUT:    100.71Kbps

    ETH1 IN:        74.44Kbps
    ETH1 OUT:    150.13Kbps

And the configuration has a ceil of 384Kbit

What I'm doing wrong??

I suppose that it could be with Squid Transparent Proxy, but in HTB I have a default classid 20,
that is where must go any not specified traffic, how can I solve my problem?

Thanks

Alexandra Alvarado
 
 


#!/bin/sh iptables -F -t mangle # ===>> Control de Trafico de Salida << === # # ===>> PC1 <<=== # iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.194 -j MARK --set-mark 1 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.194 -j MARK --set-mark 1 # ===>> PC2 <<=== # iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.199 -j MARK --set-mark 3 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.199 -j MARK --set-mark 3 # ===>> PC3 <<=== # iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.201 -j MARK --set-mark 5 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.201 -j MARK --set-mark 5 # ===>> Resto de la Red Privada <<=== # iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.0/25 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.0/25 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.128/26 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.128/26 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.192 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.192 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.193 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.193 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.195 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.195 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.196 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.196 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.197 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.197 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.198 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.198 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.200 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.200 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.202 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.202 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.203 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.203 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.204 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.204 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.205 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.205 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.206 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.206 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.207 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.207 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.208/28 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.208/28 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p tcp -s 207.100.136.224/27 -j MARK --set-mark 7 iptables -A PREROUTING -t mangle -p udp -s 207.100.136.224/27 -j MARK --set-mark 7 tc qdisc del dev eth0 root handle 1: tc qdisc add dev eth0 root handle 1: htb default 20 tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil 384kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:10 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:11 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:12 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:13 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:14 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth0 parent 1:1 classid 1:20 htb rate 100kbit ceil 128kbit burst 2k tc filter add dev eth0 parent 1: protocol ip prio 1 handle 1 fw classid 1:10 tc filter add dev eth0 parent 1: protocol ip prio 3 handle 3 fw classid 1:11 tc filter add dev eth0 parent 1: protocol ip prio 3 handle 5 fw classid 1:12 tc filter add dev eth0 parent 1: protocol ip prio 3 handle 7 fw classid 1:13 # ===>> Control de Trafico de Entrada << === #  # ===>> PC1 <<=== # iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.194 -j MARK --set-mark 2 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.194 -j MARK --set-mark 2 # ===>> PC2 <<=== # iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.199 -j MARK --set-mark 4 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.199 -j MARK --set-mark 4 # ===>> PC3 <<=== # iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.201 -j MARK --set-mark 6 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.201 -j MARK --set-mark 6 # ===>> Resto de la Red Privada <<=== # iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.0/25 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.0/25 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.128/26 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.128/26 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.192 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.192 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.193 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.193 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.195 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.195 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.196 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.196 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.197 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.197 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.198 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.198 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.200 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.200 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.202 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.202 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.203 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.203 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.204 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.204 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.205 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.205 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.206 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.206 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.207 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.207 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.208/28 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.208/28 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p tcp -d 207.100.136.224/27 -j MARK --set-mark 8 iptables -A POSTROUTING -t mangle -p udp -d 207.100.136.224/27 -j MARK --set-mark 8 tc qdisc del dev eth1 root handle 1: tc qdisc add dev eth1 root handle 1: htb default 20 tc class add dev eth1 parent 1: classid 1:1 htb rate 100mbit ceil 384kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:10 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:11 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:12 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:13 htb rate 56kbit ceil 64kbit burst 2k tc class add dev eth1 parent 1:1 classid 1:20 htb rate 100kbit ceil 128kbit burst 2k tc filter add dev eth1 parent 1: protocol ip prio 1 handle 2 fw classid 1:10 tc filter add dev eth1 parent 1: protocol ip prio 3 handle 4 fw classid 1:11 tc filter add dev eth1 parent 1: protocol ip prio 3 handle 6 fw classid 1:13 tc filter add dev eth1 parent 1: protocol ip prio 3 handle 8 fw classid 1:14 # === >> Fin << === #

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux