On Monday 22 September 2003 10:24, al@xxxxxxxxxxxxxxxxx wrote:
> Ok, so I'm working on a traffic shaping configuration to roll out for my
> employers. However I'm no wizard @ this and have a few concerns.
>
> My script (attached) is completely hacked on wondershaper. What I need to
> do differently from wondershaper is I need seperate throttles for local and
> international traffic (I have a list of all the netblocks in my country).
>
> [QUERY 1]
>
> It's important for me to understand tc's rule matching properly: is the
> first matching rule taken or do multiple matches apply? At first I had
> duplicated all the rules for international and local traffic, with the
> rules for local traffic including a match ip dst $i for each local IP
> block. Now I match those addresses only and assign a flowid, which I make
> all my other rules children of- this will work?
First match is taken. The prio parameter can be used to change the order the
filters are matched.
> [QUERY 2]
>
> Ok, this is a strange one. In script attached you will find rules for
> TCP/ACK and ICMP matching, twice for local and international traffic. The
> rules for international traffic result in an "illegal "match"" unless I add
> them first in which case the local rules result in an "illegal "match""-
> what am I doing wrong?
No idea.
> [QUERY 3]
>
> How slow is tc's matching? I need a few rules, for about 800 IP blocks. Is
> there a way for me to index this?
The u32 is a fast filter.
> [QUERY 4]
>
> In-bound filtering: How to filter at different rates for local &
> international traffic?
Incoming traffic can be rate limited with a policer attached to filters. But
this is not very powerfull. If you have a dedicated shaping box, you can
shape on both interfaces. Or you can try to patch your kernel and iptables
binary so you can use the virutal imq devive.
> [QUERY 5]
>
> At first I had assumed these rules only apply to packets being routed?-
> Having run this on our mailserver and having users complain about slow-down
> :D I now know this is not the case. Does some-one have an example of how to
> implement tc on a machine which is used to provide services to a local
> network as-well?
Adding a qdisc to an interface shapes the outgoing traffic. No matters if
this is on a router or on a server.
Stef
--
stef.coene@xxxxxxxxx
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.openprojects.net
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
