[LARTC] Traffic shapping - problems with filtering & need your comments

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hey everyone,
Yes, I have read the docs and the man pages and the examples bla bla ;-).
Ok, here is my setup:
Linux - router, 4 interfaces (3 hardware & 1 virtual), which follow:
eth0 - optical fiber 100mbit full-duplex (limited by the ISP at 10mbit
full duplex - like it's connected @ 100mbit full-dupex but I can't get
more than 1.2, 1.3MB/s);
eth1 & eth2 (with two aliases on eth1), the interfaces I need to do
routing for;
kappa0 - gre tunnel over eth0 - dunno if it matters, but to be safe, I
include it here.
This is what I want to do: I want to prioritize and guarantee bandwidth
for important traffic (which is web, smtp, ssh, irc, pop, imap) and let
the bulk traffic (peer to peer, ftp etc.) come second.
So I've attached a HTB root qdisc to eth0, then two HTB classes; the one
for the important traffic has a prio qdisc which has sfq leaves.
This is what I've done:
----*excerpts for the shapping script*----
tc qdisc add dev eth0 root handle 1: htb default 12
tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbit burst 12kb
tc class add dev eth0 parent 1:1 classid 1:11 htb rate 4mbit ceil 10mbit \
    burst 6kb prio 1
tc class add dev eth0 parent 1:1 classid 1:12 htb rate 6mbit ceil 10mbit \
    burst 6kb prio 2
tc qdisc add dev eth0 parent 1:12 sfq perturb 10
tc qdisc add dev eth0 parent 1:11 handle 11: prio
tc qdisc add dev eth0 parent 11:1 sfq perturb 10
tc qdisc add dev eth0 parent 11:2 sfq perturb 10
tc qdisc add dev eth0 parent 11:3 sfq perturb 10
----*end*----
That's my basic setup (hope it's correct). I've addded the prio qdisc to
minimize latency for some applications (like ssh, irc etc.).
I would like to hear any comments on the above...
Now, regarding filtering. Say I want to direct web traffic to class 11:3.
Why doesn't this work (or what's wrong with what I understand about
filtering)?
tc filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip \
    dport 80 0xffff flowid 11:3
I guess that's about all (for the moment :-;), thanks alot for your time,
and I'm eager to hear your comments, suggestions etc.

Best regards,
Radu-Mihail Obada
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux