On Monday 24 May 2004 18:37, George Adams wrote:
> My previous message
> (http://mailman.ds9a.nl/pipermail/lartc/2004q2/012285.html) didn't generate
> any replies, so I thought I'd try posting what I've done trying to solve my
> own problem, in hopes that someone will take pity and show me if/where I'm
> going wrong.
>
> Just to recap, I'm trying to accomplish this on my server, which streams
> RealAudio files and allows HTTP downloads of large files.
>
> 1) SSH connections (port 22) (i.e. me connecting remotely) should get all
> the bandwidth they can consume (highest priority).
>
> 2) RealAudio streaming clients (port 554) should get all the bandwidth left
> after #1 that they can consume.
>
> 3) Web downloaders (port 80) should get all the bandwidth left after #1 and
> #2 that they can consume (lowest priority).
>
> I've tried adapting an existing tcng script into this:

I had little success using TCNG, although it was a nice tool to use and the
ruleset is easy and straightforward. I am having considerable, nearly
out-of-the-box success using IPTables with the CLASSIFY extension (for 2.4
and 2.6) and a few raw `tc` commands to create the actual shaping classes.

<snip>

>     class ( <$ssh> ) if tcp_sport == 22 ;
>     class ( <$audio> ) if tcp_sport == 554 || tcp_sport == 7070 ;
>     class ( <$web> ) if tcp_sport == 80 ;
>     class ( <$other> ) if 1 ;
      ^^^^^^^^^^^^^

You grab those with IPTables and CLASSIFY, or if you really must, you can
just use the MARK target and some extra `tc` filters to catch those marks.

>     htb () {
>         class ( rate 600kbps, ceil 600kbps ) {
>             $ssh = class ( rate 64kbps, ceil 128kbps ) { sfq; } ;
>             $audio = class ( rate 128kbps, ceil 128kbps ) { sfq; } ;
>             $web = class ( rate 256kbps, ceil 512kbps ) { sfq; } ;
>             $other = class ( rate 128kbps, ceil 384kbps ) { sfq; } ;
>         }
>     }

Not too bad:

    tc qdisc add dev eth0 root handle 1: htb default 90
    tc class add dev eth0 parent 1: classid 1:1 htb rate 600kbit ceil 600kbit
    tc class add dev eth0 parent 1:1 classid 1:10 htb rate 64kbit ceil 128kbit
    ...
    tc class add dev eth0 parent 1:1 classid 1:90 htb rate 8kbit ceil 64kbit

SFQ for each:

    tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 20
    ...
    tc qdisc add dev eth0 parent 1:90 handle 90: sfq perturb 20

Replace 'eth0' with your actual Internet-facing interface.

<snip tcc output>

> I've tried loading them into tc, but I'm not really sure if it's working or
> not. The only way I could think to test it was to get a friend (in another
> state) to try downloading 3 files via HTTP, which would normally cause my
> SSH sessions to slow to a crawl. The 3 downloads started, and it still
> seemed like the latency in my SSH sessions was high (i.e. it didn't appear
> that they had any priority over the HTTP downloads).

SSH is a lot of fun, and it doesn't flag things like tunnels or `scp` with
the TOS flags that it should, so bear in mind that without tweaks you will
suffer if you perform any of those activities while using any SSH terminal
sessions.

Here's a rule to match all outbound packets trying to hit port 80 (i.e. HTTP
requests by me to external sites):

    $IPTABLES -t mangle -A POSTROUTING -o $LOCALIF -p tcp --dport 80 \
        -j CLASSIFY --set-class 1:20

Classify simply assigns it to the correct class, which will be whatever you
define. I believe it only works in the POSTROUTING chain, however.

> So am I totally on the wrong track here? Or am I on the right track but
> just needing some tweaks to my script?
>
> Thanks to anyone who can help - I need it!

Enjoy.

-- 

Jason Boxman
Perl Programmer / *NIX Systems Administrator
Shimberg Center for Affordable Housing | University of Florida
http://edseek.com/ - Linux and FOSS stuff
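
The HTB-plus-CLASSIFY approach from the reply, applied to the server case in the question (replies leave with the service port as source port), as an added example that is not part of the original message. It only prints the commands; the class ids 1:20 and 1:30, their rates (the quoted tcng figures written in kbit) and the `prio` values are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Prints (does not run) the tc and
# iptables commands for the three-tier server setup described in the thread.

# classid  rate  ceil  prio  tcp source ports ("-" = default class, no rule)
# 1:10 and 1:90 use the figures from the reply; 1:20/1:30 are assumed values.
CLASSES='1:10 64kbit 128kbit 0 22
1:20 256kbit 512kbit 2 80
1:30 128kbit 128kbit 1 554,7070
1:90 8kbit 64kbit 3 -'

emit_rules() {
    dev=$1
    # Root HTB qdisc; anything unclassified falls into 1:90.
    echo "tc qdisc add dev $dev root handle 1: htb default 90"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate 600kbit ceil 600kbit"
    echo "$CLASSES" | while read -r cid rate ceil prio ports; do
        minor=${cid#1:}
        # Lower prio is offered spare bandwidth first (assumed ordering:
        # SSH, then audio, then web, then everything else).
        echo "tc class add dev $dev parent 1:1 classid $cid htb rate $rate ceil $ceil prio $prio"
        echo "tc qdisc add dev $dev parent $cid handle $minor: sfq perturb 20"
        if [ "$ports" != "-" ]; then
            # Server side: match on --sport, unlike the client-side --dport
            # rule shown in the reply.
            for p in $(echo "$ports" | tr ',' ' '); do
                echo "iptables -t mangle -A POSTROUTING -o $dev -p tcp --sport $p -j CLASSIFY --set-class $cid"
            done
        fi
    done
}

# Usage: ./shape.sh eth0   (review the output before applying it)
if [ -n "${1:-}" ]; then
    emit_rules "$1"
fi
```

After applying the printed commands as root, `tc -s class show dev eth0` shows per-class byte and packet counters, which answers the "is it working" question without needing a remote tester.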