|
Hi!
I tried to make IMQ work for the past week, but i
keep getting a lot of trouble with it. First the latency is growing from 0.1ms
to 1.5ms and second the CPU usage is very high and is not very stable,
sometimes, after a day, there's a lot of packet loss. I'm using the latest
stable kernel 2.6.9 with latest imq patch. Is there any other alternative to IMQ
for limiting inbound and outbound traffic?
Will CLASSIFY from iptables work for both
upload and download?
I want to separate local traffic from internet
traffic, so can I create two classes, like this
| 1:1
|
| 1:10 | | 1:20 |
iptables -t nat -A PREROUTING -s 10.1.1.0/24 -j
CLASSIFY --set-class 1:10
(let's say for local traffic)
iptables -t nat -A PREROUTING -s 192.168.1.0/24 -j
CLASSIFY --set-class 1:20
now all local traffic will be in class 1:10 and
internet traffic in class 1:20 and i will make another class inside 1:10 for
every ip in lan.
tc class add dev eth0 parent 1:1 classid 1:10 htb
rate 100mbps
tc class add dev eth0 parent 1:10 classid 1:100 htb
rate 1000kbit ceil 1000kbit quantum 2000
tc qdisc add dev eth0 parent 1:100 handle 100: sfq
perturb 10
tc filter add dev eth0 parent 1:10 protocol ip prio
1 u32 match ip dst 10.1.1.1 flowid 1:100
Will this work? Also if i change -s with -d will it
work for upload?
PS: If i compile IMQ as a module after adding more
than a few rules in iptables with -j IMQ --to-dev 0 i cannot ping any host. It
is working for let's say 50-100, i don't know, but if i put more than 500 it
dies. If i compile it in kernel it is working with more than 500 but i get
packet loss after a while of using it..
|
