We need to split a 128Kbps line to 2 companies guaranteeing each at least 64Kbps (they should be able to use all available bandwidth if the link is idle). We would also like to implement fairly simplistic QoS... I'm still totally confused after reading through the LARTC guide (although this is most likely my problem and not the HOWTO authors's)... Herewith the script I've managed to scratch together, does anyone see any "Argh!"'s in it? # (ISP) eth1 ------ cbq box ------ eth0 (192.168.1.0/24 and 192.168.2.0/24 are 2 clients) # Note. NAT is done upstream... # Bandwidth Management and Quality of Service: # 1: # | # 1:1 # / \ # / \ # / \ # / \ # 1:10 1:20 # / \ / \ # / \ / \ # / \ / \ #1:100 1:110 1:200 1:210 # | | | | # 100: 110: 200: 210: # Towards Gerber Computer Services (GCS) tc qdisc del dev eth0 root 2> /dev/null > /dev/null tc qdisc del dev eth0 ingress 2> /dev/null > /dev/null tc qdisc add dev eth0 root handle 1: cbq bandwidth 100Mbit avpkt 1000 cell 8 tc class add dev eth0 parent 1: classid 1:1 cbq bandwidth 100Mbit rate 128kbit weight 12.8kbit allot 1514 prio 8 cell 8 maxburst 20 avpkt 1000 bounded tc class add dev eth0 parent 1:1 classid 1:10 cbq bandwidth 100Mbit rate 64kbit weight 6.4kbit allot 1514 prio 5 cell 8 maxburst 20 avpkt 1000 tc class add dev eth0 parent 1:1 classid 1:20 cbq bandwidth 100Mbit rate 64kbit weight 6.4kbit allot 1514 prio 5 cell 8 maxburst 20 avpkt 1000 tc class add dev eth0 parent 1:10 classid 1:100 cbq rate 60kbit allot 1514 prio 1 avpkt 1000 tc class add dev eth0 parent 1:10 classid 1:110 cbq rate 54kbit allot 1514 prio 2 avpkt 1000 tc class add dev eth0 parent 1:20 classid 1:200 cbq rate 60kbit allot 1514 prio 1 avpkt 1000 tc class add dev eth0 parent 1:20 classid 1:210 cbq rate 54kbit allot 1514 prio 2 avpkt 1000 tc qdisc add dev eth0 parent 1:100 handle 100: sfq perturb 10 tc qdisc add dev eth0 parent 1:110 handle 110: sfq perturb 10 tc qdisc add dev eth0 parent 1:200 handle 200: sfq perturb 10 tc qdisc add dev eth0 parent 1:210 handle 210: sfq perturb 10 tc filter add dev eth0 parent 1: protocol ip prio 10 u32 match ip dst 192.168.1.0/24 match ip tos 0x10 0xff flowid 1:100 tc filter add dev eth0 parent 1: protocol ip prio 10 u32 match ip dst 192.168.2.0/24 match ip tos 0x10 0xff flowid 1:200 tc filter add dev eth0 parent 1: protocol ip prio 11 u32 match ip dst 192.168.1.0/24 match ip protocol 1 0xff flowid 1:100 tc filter add dev eth0 parent 1: protocol ip prio 11 u32 match ip dst 192.168.2.0/24 match ip protocol 1 0xff flowid 1:200 tc filter add dev eth0 parent 1: protocol ip prio 12 u32 match ip dst 192.168.1.0/24 \ match ip protocol 6 0xff \ match u8 0x05 0x0f at 0 \ match u16 0x0000 0xffc0 at 2 \ match u8 0x10 0xff at 33 \ flowid 1:100 tc filter add dev eth0 parent 1: protocol ip prio 12 u32 match ip dst 192.168.2.0/24 \ match ip protocol 6 0xff \ match u8 0x05 0x0f at 0 \ match u16 0x0000 0xffc0 at 2 \ match u8 0x10 0xff at 33 \ flowid 1:200 tc filter add dev eth0 parent 1: protocol ip prio 13 u32 match ip dst 192.168.1.0/24 match ip src 0.0.0.0/0 flowid 1:110 tc filter add dev eth0 parent 1: protocol ip prio 13 u32 match ip dst 192.168.2.0/24 match ip src 0.0.0.0/0 flowid 1:210 # Towards Internet Solutions (IS) tc qdisc del dev eth1 root 2> /dev/null > /dev/null tc qdisc del dev eth1 ingress 2> /dev/null > /dev/null tc qdisc add dev eth1 root handle 1: cbq bandwidth 100Mbit avpkt 1000 cell 8 tc class add dev eth1 parent 1: classid 1:1 cbq bandwidth 100Mbit rate 128kbit weight 12.8kbit allot 1514 prio 8 cell 8 maxburst 20 avpkt 1000 bounded tc class add dev eth1 parent 1:1 classid 1:10 cbq bandwidth 100Mbit rate 64kbit weight 6.4kbit allot 1514 prio 5 cell 8 maxburst 20 avpkt 1000 tc class add dev eth1 parent 1:1 classid 1:20 cbq bandwidth 100Mbit rate 64kbit weight 6.4kbit allot 1514 prio 5 cell 8 maxburst 20 avpkt 1000 tc class add dev eth1 parent 1:10 classid 1:100 cbq rate 60kbit allot 1514 prio 1 avpkt 1000 tc class add dev eth1 parent 1:10 classid 1:110 cbq rate 54kbit allot 1514 prio 2 avpkt 1000 tc class add dev eth1 parent 1:20 classid 1:200 cbq rate 60kbit allot 1514 prio 1 avpkt 1000 tc class add dev eth1 parent 1:20 classid 1:210 cbq rate 54kbit allot 1514 prio 2 avpkt 1000 tc qdisc add dev eth1 parent 1:100 handle 100: sfq perturb 10 tc qdisc add dev eth1 parent 1:110 handle 110: sfq perturb 10 tc qdisc add dev eth1 parent 1:200 handle 200: sfq perturb 10 tc qdisc add dev eth1 parent 1:210 handle 210: sfq perturb 10 tc filter add dev eth1 parent 1: protocol ip prio 10 u32 match ip src 192.168.1.0/24 match ip tos 0x10 0xff flowid 1:100 tc filter add dev eth1 parent 1: protocol ip prio 10 u32 match ip src 192.168.2.0/24 match ip tos 0x10 0xff flowid 1:200 tc filter add dev eth1 parent 1: protocol ip prio 11 u32 match ip src 192.168.1.0/24 match ip protocol 1 0xff flowid 1:100 tc filter add dev eth1 parent 1: protocol ip prio 11 u32 match ip src 192.168.2.0/24 match ip protocol 1 0xff flowid 1:200 tc filter add dev eth1 parent 1: protocol ip prio 12 u32 match ip src 192.168.1.0/24 \ match ip protocol 6 0xff \ match u8 0x05 0x0f at 0 \ match u16 0x0000 0xffc0 at 2 \ match u8 0x10 0xff at 33 \ flowid 1:100 tc filter add dev eth1 parent 1: protocol ip prio 12 u32 match ip src 192.168.2.0/24 \ match ip protocol 6 0xff \ match u8 0x05 0x0f at 0 \ match u16 0x0000 0xffc0 at 2 \ match u8 0x10 0xff at 33 \ flowid 1:200 tc filter add dev eth1 parent 1: protocol ip prio 13 u32 match ip dst 0.0.0.0/0 match ip src 192.168.1.0/24 flowid 1:110 tc filter add dev eth1 parent 1: protocol ip prio 13 u32 match ip dst 0.0.0.0/0 match ip src 192.168.2.0/24 flowid 1:210 # QoS: /sbin/iptables -t mangle -A PREROUTING -p tcp --sport 21 -j TOS --set-tos Minimize-Delay /sbin/iptables -t mangle -A PREROUTING -p tcp --sport 22 -j TOS --set-tos Minimize-Delay /sbin/iptables -t mangle -A PREROUTING -p tcp --sport 23 -j TOS --set-tos Minimize-Delay Regards David Herselman =- 12 Coronation Road http://www.syrex.co.za Sandhurst +27-(0)11-883-2246 Voice 2196 +27-(0)11-884-7945 Fax
