Hi,
I have a question about policy filters. All I want is incoming traffic
being restricted to a specific rate. At the moment, I get way lower rates
than specified. So far, I did use a filter much like Wondershaper does:
tc filter add dev $DEV parent ffff: protocol ip prio 50 \
u32 match ip src 0.0.0.0/0 \
police rate ${DOWNLINK}kbit burst 10k drop flowid :1
However, it seems that this doesn't work well for all rates. After a change
of the DOWNLINK value, I found that this filter dropped far too many
packets (resulting rate was somewhat 1/10 of DOWNLINK). It looks like this
has something to do with the 'burst' parameter.
LARTC Howto says: "If your buffer is too small, packets may be dropped
because more tokens arrive per timer tick than fit in your bucket." So I
thought, hum, maybe 10k burst is too small. However, when I raised the
value to 20, 30, 40k, the rate got even worse.
Since I don't have any real idea what this burst parameter actually does,
is here anyone with the experience which values are best to use? Since it
seems to depend on the rate used, I'd prefer some kind of formula that
calculates the ideal burst/buffer/maxburst (what's the difference?) value
depending on $DOWNLINK.
For the time being, I just removed the ingress altogether, since I already
have HTB shaping in both directions (on ppp0 for outgoing, and eth1 for
incoming). Does ingress even make sense when there's already HTB on the
LAN device to do the shaping? I thought it may be a good thing since it
considers local incoming traffic, too.
TIA,
Andreas
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
