Re: htb and fw problems

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ok, 
here's my new htb config

#!/bin/bash

tc qdisc del dev eth1 root

tc qdisc add dev eth1 root handle 1: htb default 80 debug 3333333
tc class add dev eth1 parent 1: classid 1:1 htb rate 60kbit ceil 60kbit
tc class add dev eth1 parent 1:1 classid 1:10 htb rate 20kbit ceil 65kbit prio 3
tc class add dev eth1 parent 1:1 classid 1:20 htb rate 10kbit ceil 15kbit prio 0
tc class add dev eth1 parent 1:1 classid 1:30 htb rate 5kbit ceil 11kbit prio 2
tc class add dev eth1 parent 1:1 classid 1:40 htb rate 20kbit ceil 23kbit prio 1
tc class add dev eth1 parent 1:1 classid 1:80 htb rate 5kbit ceil 10kbit prio 4

tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10
tc qdisc add dev eth1 parent 1:40 handle 40: sfq perturb 10
tc qdisc add dev eth1 parent 1:80 handle 80: sfq perturb 10



tc filter add dev eth1 parent 1:0 protocol ip  handle 1 fw flowid 1:10
tc filter add dev eth1 parent 1:0 protocol ip  handle 2 fw flowid 1:20
tc filter add dev eth1 protocol ip parent 1:0  handle 3 fw flowid 1:30
tc filter add dev eth1 parent 1:0 protocol ip handle  4 fw flowid 1:40
tc filter add dev eth1 protocol ip parent 1:0  handle 80 fw flowid 1:80

whith the same effect.
Thanks for pointing out the parent's rate. it's my mistakes ^_^


> > > > > Here's my iptables rules*mangle
> > > > > :PREROUTING ACCEPT [1061:863210]
> > > > > :INPUT ACCEPT [1022:857788]
> > > > > :FORWARD ACCEPT [0:0]
> > > > > :OUTPUT ACCEPT [947:201743]
> > > > > :POSTROUTING ACCEPT [947:201743]
> > > > > -N personal
> > > > > -N others
> > > > > -N personal1
> > > > > #-A OUTPUT -p tcp -m tcp --sport 3128 -j MARK --set-mark 0x2
> > > > > -A OUTPUT -p tcp -m tcp --sport 3128 --destination 192.168.1.145 -j
> > > > personal
> > > > > #-A OUTPUT -p tcp -m tcp --dport 80 -j MARK --set-mark 20
> > > > > -A OUTPUT -p tcp -m tcp --dport 80 -j others
> > > > > -A personal -j MARK --set-mark 40
> > > > > -A others -j MARK --set-mark 20
> > > > >
> > > > >
> > > > > Here's my iptables -L -v -t mangle -x output
> > > > > Chain PREROUTING (policy ACCEPT 580535 packets, 176796832 bytes)
> > > > >     pkts      bytes target     prot opt in     out     source
> > > > destination
> > > > >
> > > > > Chain INPUT (policy ACCEPT 573475 packets, 174919251 bytes)
> > > > >     pkts      bytes target     prot opt in     out     source
> > > > destination
> > > > >
> > > > > Chain FORWARD (policy ACCEPT 5656 packets, 1810367 bytes)
> > > > >     pkts      bytes target     prot opt in     out     source
> > > > destination
> > > > >
> > > > > Chain OUTPUT (policy ACCEPT 598621 packets, 392036436 bytes)
> > > > >     pkts      bytes target     prot opt in     out     source
> > > > destination
> > > > >    11105 14785525 personal   tcp  --  any    any     anywhere
> > > > 192.168.1.145       tcp spt:webcache
> > > > >    28465  2233910 others     tcp  --  any    any     anywhere
> > > > anywhere            tcp dpt:www
> > > > >
> > > > > Chain POSTROUTING (policy ACCEPT 604295 packets, 393851150 bytes)
> > > > >     pkts      bytes target     prot opt in     out     source
> > > > destination
> > > > >
> > > > > Chain others (1 references)
> > > > >     pkts      bytes target     prot opt in     out     source
> > > > destination
> > > > >    28465  2233910 MARK       all  --  any    any     anywhere
> > > > anywhere            MARK set 0x14
> > > > >
> > > > > Chain personal (1 references)
> > > > >     pkts      bytes target     prot opt in     out     source
> > > > destination
> > > > >    11105 14785525 MARK       all  --  any    any     anywhere
> > > > anywhere            MARK set 0x28
> > > > >
> > > > > Chain personal1 (0 references)
> > > > >     pkts      bytes target     prot opt in     out     source
> > > > destination
> > > > >
> > > > > Here's my
> > > > >
> > > > > /sbin/tc -s qdisc show dev eth1
> > > > >
> > > > > qdisc sfq 80: limit 128p quantum 1514b perturb 10sec
> > > > >  Sent 386 bytes 5 pkts (dropped 0, overlimits 0)
> > > > > qdisc sfq 40: limit 128p quantum 1514b perturb 10sec
> > > > >  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > > > > qdisc sfq 30: limit 128p quantum 1514b perturb 10sec
> > > > >  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > > > > qdisc sfq 20: limit 128p quantum 1514b perturb 10sec
> > > > >  Sent 12272 bytes 72 pkts (dropped 0, overlimits 0)
> > > > > qdisc sfq 10: limit 128p quantum 1514b perturb 10sec
> > > > >  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > > > > qdisc htb 1: r2q 10 default 80 direct_packets_stat 0
> > > > >  Sent 12658 bytes 77 pkts (dropped 0, overlimits 0)
> > > > >
> > > > >
> > > > > tc -s -d filter show dev eth1
> > > > >
> > > > > filter parent 1: protocol ip pref 49151 fw
> > > > > filter parent 1: protocol ip pref 49151 fw handle 0x50 classid 1:80
> > > > > filter parent 1: protocol ip pref 49151 fw
> > > > > filter parent 1: protocol ip pref 49151 fw handle 0x28 classid 1:40
> > > > > filter parent 1: protocol ip pref 49151 fw
> > > > > filter parent 1: protocol ip pref 49151 fw handle 0x1e classid 1:30
> > > > > filter parent 1: protocol ip pref 49151 fw
> > > > > filter parent 1: protocol ip pref 49151 fw handle 0x14 classid 1:20
> > > > > filter parent 1: protocol ip pref 49152 fw
> > > > > filter parent 1: protocol ip pref 49152 fw handle 0xa classid 1:10
> > > > >
> > > > >
> > > > > tc -s class  show dev eth1
> > > > >
> > > > > class htb 1:1 root rate 520Kbit ceil 520Kbit burst 2264b cburst
> 2264b
> > > > >  Sent 174465 bytes 1142 pkts (dropped 0, overlimits 0)
> > > > >  rate 712bps 5pps
> > > > >  lended: 4 borrowed: 0 giants: 0
> > > > >  tokens: 34107 ctokens: 34107
> > > > >
> > > > > class htb 1:10 parent 1:1 leaf 10: prio 3 rate 160Kbit ceil 280Kbit
> > > burst
> > > > 1803b cburst 1957b
> > > > >  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > > > >  lended: 0 borrowed: 0 giants: 0
> > > > >  tokens: 90199 ctokens: 55942
> > > > >
> > > > > class htb 1:20 parent 1:1 leaf 20: prio 0 rate 40Kbit ceil 80Kbit
> burst
> > > > 1650b cburst 1701b
> > > > >  Sent 115721 bytes 990 pkts (dropped 0, overlimits 0)
> > > > >  rate 340bps 3pps
> > > > >  lended: 990 borrowed: 0 giants: 0
> > > > >  tokens: 320599 ctokens: 165400
> > > > >
> > > > > class htb 1:30 parent 1:1 leaf 30: prio 2 rate 64Kbit ceil 88Kbit
> burst
> > > > 1680b cburst 1711b
> > > > >  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > > > >  lended: 0 borrowed: 0 giants: 0
> > > > >  tokens: 210124 ctokens: 155635
> > > > >
> > > > > class htb 1:40 parent 1:1 leaf 40: prio 1 rate 184Kbit ceil 320Kbit
> > > burst
> > > > 1834b cburst 2008b
> > > > >  Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > > > >  lended: 0 borrowed: 0 giants: 0
> > > > >  tokens: 79781 ctokens: 50224
> > > > >
> > > > > class htb 1:80 parent 1:1 leaf 80: prio 4 rate 64Kbit ceil 80Kbit
> burst
> > > > 1680b cburst 1701b
> > > > >  Sent 58744 bytes 152 pkts (dropped 0, overlimits 0)
> > > > >  rate 3Kbit 1pps
> > > > >  lended: 148 borrowed: 4 giants: 0
> > > > >  tokens: 202125 ctokens: 163799
> > > > > _______________________________________________
> > > > > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> > > > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
> http://lartc.org/
> > > >
> > >
> > > _______________________________________________
> > > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> > >
> > _______________________________________________
> > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> 
> _______________________________________________
> LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> 
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux