limiting bandwidth on a sequence of ports.

Linux Advanced Routing and Traffic Control

Hello.
I have just started using iproute2 commands, and I am having a go at
making BitTorrent use the same bandwidth for upload as for download.

I am stuck, I think, in understanding speeds.
I connect to the internet through a router modem which gets the real IP
and assigns me a private IP through DHCP. So this router can handle a
private network, and route it to the internet, presumably with NAT.
It is a 2wire router-modem.

I have come up with the next small script, which doesn't work as I
expected:
------------
#!/bin/sh

DEV=eth0
NET="172.16.0.1/16"

# Internal network works at 100mbps, which is also supported by the
# router. I don't understand burst that much, I used that value out of the
# examples from the HOW-TO.
tc class add dev $DEV parent 1: classid 1:1 htb rate 100mbit burst 15k
# The ADS connection is 256/126 kbps, so I set up another class for
# connections to the internet.
tc class add dev $DEV parent 1: classid 1:2 htb rate 128kbit burst 1024

# These also out from the HOW-TO.
# I will filter the internal network 172.16.0.1/16 into the class 1:1,
# and let class 1:2 be the default
tc qdisc add dev $DEV parent 1:1 handle 10: sfq perturb 10
tc qdisc add dev $DEV parent 1:2 handle 20: sfq perturb 10

# Here I filter connections with a FLAG 20, which I assign through
# iptables to every connection with destination network 172.16.0.1/16.
# So far so good
tc filter add dev $DEV parent 1:0 protocol ip prio 1 handle 20 fw flowid 1:1
iptables -A OUTPUT -t mangle -o $DEV -d $NET -j MARK --set-mark 20

# Now I want to limit bandwidth for connections between the client (which
# is running iptables here) and the internet in ports 6881:6999
# So I flag connections with source not in the private network, and
# ports 6881:6999 with flag 21, and have an ingress qdisc created with id
# ffff:0

tc qdisc add dev $DEV handle ffff: ingress
iptables -A PREROUTING -t mangle -i $DEV -s '!' $NET -p tcp --source-port "6881:6999" -j MARK --set-mark 21
iptables -A PREROUTING -t mangle -i $DEV -s '!' $NET -p tcp --destination-port "6881:6999" -j MARK --set-mark 21
# And add a filter to the ingress to drop packages that come faster than
# 128 kbps.
tc filter add dev $DEV parent ffff: protocol ip prio 5 handle 21 fw police burst 5k rate 128kbps avrate 128kbps drop flowid :1

-----------------

Any idea what I am doing wrong? If I lower the burst, which I think I
haven't understood yet, to like 1k, the bandwidth will drop to zero.
Else, it will barely move. Maybe I got the rate wrong?

Just one extra question: the flowid I also got from the examples, but
I haven't found an explanation yet why it's ":1" instead of a full id in
the examples.

Thank you for any advice you could give me.

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
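
The rate and burst values in the script above can be checked offline with a small model. This is an added example, not part of the original message and not iproute2 code: it converts tc rate and size strings using the suffixes documented in tc(8) and runs a simplified token-bucket drop policer. The function names, the 1500-byte packet size and the 256 kbit/s offered load are assumptions chosen for illustration.

```python
"""Added example: tc rate/size units and a simplified token-bucket policer model."""

# Rate suffixes per tc(8): the "bit" family is bits/s, the "bps" family is BYTES/s.
# Assumption: SI multiples of 1000, as in the current man page.
RATE_UNITS = {"bit": 1, "kbit": 1_000, "mbit": 1_000_000,
              "bps": 8, "kbps": 8_000, "mbps": 8_000_000}
# Size suffixes per tc(8): bare number or "b" is bytes, "k"/"kb" is 1024 bytes.
SIZE_UNITS = {"b": 1, "k": 1024, "kb": 1024, "m": 1024 * 1024, "mb": 1024 * 1024}


def _split(text):
    """Split '128kbps' into (128.0, 'kbps'); the suffix is lower-cased."""
    text = text.strip().lower()
    digits = text.rstrip("abcdefghijklmnopqrstuvwxyz")
    if not digits:
        raise ValueError(f"no number in {text!r}")
    return float(digits), text[len(digits):]


def rate_to_bits_per_sec(text):
    value, unit = _split(text)
    return int(value * RATE_UNITS[unit or "bit"])


def size_to_bytes(text):
    value, unit = _split(text)
    return int(value * SIZE_UNITS[unit or "b"])


def policed_throughput(rate, burst, pkt_bytes=1500, offered_bps=256_000, seconds=10):
    """Return bits/s passing a drop policer fed fixed-size packets at offered_bps."""
    fill = rate_to_bits_per_sec(rate) / 8       # bucket refill, bytes per second
    cap = size_to_bytes(burst)                  # bucket depth, bytes
    gap = pkt_bytes * 8 / offered_bps           # seconds between arriving packets
    tokens, passed, t = cap, 0, 0.0
    while t < seconds:
        if tokens >= pkt_bytes:                 # conforming packet: spend tokens
            tokens -= pkt_bytes
            passed += pkt_bytes
        tokens = min(cap, tokens + fill * gap)  # refill until the next arrival
        t += gap
    return passed * 8 / seconds
```

In this model a bucket smaller than one packet never holds enough tokens to pass it, and a `kbps` rate is eight times the `kbit` rate written with the same number.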
