I copied and tried to adapt to my necessities the
excellent script of Pedro Larroy, but I am inexperienced in QoS and I have
doubts.
I have cablemodem to Internet 1024kbit down
and 256kbit up, through eth0. The LAN has eth1 and NAT.
I formed the band so that shaping goes by
the eth1 (of the LAN) with bandwidth maximum CEIL=768.
But I observe that the traffic sometimes
accelerates and other moments stops.
Please, you they could say to me what is bad of
script that I paste below??? (iptables mangle mark ports 54xxx is for
emule)
Thanks for its patience.
----------paste
script-------------------------------------------------
CEIL=768
#Primero borrar todas las bandas que pudiera
haber
tc qdisc del dev eth1 root
#Se crea la banda principal root 1, cuyos paquetes
por defecto van a la banda 1
tc qdisc add dev eth1 root handle 1: htb default
15
tc class add dev eth1 parent 1: classid 1:1 htb
rate ${CEIL}kbit ceil ${CEIL}kbit
tc class add dev eth1 parent 1:1 classid 1:10 htb
rate 270kbit ceil 270kbit prio 0
tc class add dev eth1 parent 1:1 classid 1:11 htb
rate 270kbit ceil ${CEIL}kbit prio 1
tc class add dev eth1 parent 1:1 classid 1:12 htb
rate 68kbit ceil ${CEIL}kbit prio 2
tc class add dev eth1 parent 1:1 classid 1:13 htb
rate 68kbit ceil ${CEIL}kbit prio 2
tc class add dev eth1 parent 1:1 classid 1:14 htb
rate 34kbit ceil ${CEIL}kbit prio 3
tc class add dev eth1 parent 1:1 classid 1:15 htb
rate 100kbit ceil ${CEIL}kbit prio 1
#Se asocia la cola sfq con la banda
hija
tc qdisc add dev eth1 parent 1:11 handle 110: sfq
perturb 10
tc qdisc add dev eth1 parent 1:12 handle 120: sfq
perturb 10
tc qdisc add dev eth1 parent 1:13 handle 130: sfq
perturb 10
tc qdisc add dev eth1 parent 1:14 handle 140: sfq
perturb 10
tc qdisc add dev eth1 parent 1:15 handle 150: sfq
perturb 10
#Se asocian las marcas que hubiera en iptables
mangle con las bandas respectivas
tc filter add dev eth1 protocol ip parent 1:0 prio
1 handle 1 fw classid 1:10
tc filter add dev eth1 protocol ip parent 1:0 prio
2 handle 2 fw classid 1:11
tc filter add dev eth1 protocol ip parent 1:0 prio
3 handle 3 fw classid 1:12
tc filter add dev eth1 protocol ip parent 1:0 prio
4 handle 4 fw classid 1:13
tc filter add dev eth1 protocol ip parent 1:0 prio
5 handle 5 fw classid 1:14
tc filter add dev eth1 protocol ip parent 1:0 prio
6 handle 6 fw classid 1:15
#Se dan las reglas iptables para marcar lo que nos
interesa
$IPTABLES -t mangle -A PREROUTING -p icmp -j MARK
--set-mark 0x1
$IPTABLES -t mangle -A PREROUTING -p icmp -j
RETURN
$IPTABLES -t mangle -A PREROUTING -m tos --tos
Minimize-Delay -j MARK --set-mark 0x1
$IPTABLES -t mangle -A PREROUTING -m tos --tos
Minimize-Delay -j RETURN
$IPTABLES -t mangle -A PREROUTING -m tos --tos
Minimize-Cost -j MARK --set-mark 0x5
$IPTABLES -t mangle -A PREROUTING -m tos --tos
Minimize-Cost -j RETURN
$IPTABLES -t mangle -A PREROUTING -m tos --tos
Maximize-Throughput -j MARK --set-mark 0x6
$IPTABLES -t mangle -A PREROUTING -m tos --tos
Maximize-Throughput -j RETURN
#Esto prioriza paquetes del puerto
seteado
$IPTABLES -t mangle -A PREROUTING -p tcp -m tcp
--sport 80 -j MARK --set-mark 0x2
$IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 80 -j RETURN $IPTABLES -t mangle -A PREROUTING -p udp -m udp --sport 80 -j MARK --set-mark 0x2 $IPTABLES -t mangle -A PREROUTING -p udp -m udp --sport 80 -j RETURN $IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 54661 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 54661 -j RETURN $IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 54662 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 54662 -j RETURN $IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 56881 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 56881 -j RETURN $IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 54711 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --sport 54711 -j RETURN $IPTABLES -t mangle -A PREROUTING -p udp -m udp --sport 54665 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A PREROUTING -p udp -m udp --sport 54665 -j RETURN $IPTABLES -t mangle -A PREROUTING -p udp -m udp --sport 54672 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A PREROUTING -p udp -m udp --sport 54672 -j RETURN $IPTABLES -t mangle -A PREROUTING -p udp -m udp --sport 56881 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A PREROUTING -p udp -m udp --sport 56881 -j RETURN #Esto prioriza paquetes al comienzo de conexiones
tcp con SYN flag
$IPTABLES -t mangle -A PREROUTING -p tcp -m tcp
--tcp-flags SYN,RST,ACK SYN -j MARK --set-mark 0x1
$IPTABLES -t mangle -A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RETURN #Cierra reglas de la tabla prerouting
mangle
$IPTABLES -t mangle -A PREROUTING -j MARK
--set-mark 0x6
#Todo lo mismo que lo anterior, pero en OUTPUT,
para trafico generado localmente
$IPTABLES -t mangle -A OUTPUT -p icmp -j MARK
--set-mark 0x1
$IPTABLES -t mangle -A OUTPUT -p icmp -j
RETURN
$IPTABLES -t mangle -A OUTPUT -m tos --tos
Minimize-Delay -j MARK --set-mark 0x1
$IPTABLES -t mangle -A OUTPUT -m tos --tos
Minimize-Delay -j RETURN
$IPTABLES -t mangle -A OUTPUT -m tos --tos
Minimize-Cost -j MARK --set-mark 0x5
$IPTABLES -t mangle -A OUTPUT -m tos --tos
Minimize-Cost -j RETURN
$IPTABLES -t mangle -A OUTPUT -m tos --tos
Maximize-Throughput -j MARK --set-mark 0x6
$IPTABLES -t mangle -A OUTPUT -m tos --tos
Maximize-Throughput -j RETURN
#Esto prioriza paquetes del puerto
seteado
$IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport
80 -j MARK --set-mark 0x2
$IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 80 -j RETURN $IPTABLES -t mangle -A OUTPUT -p udp -m udp --sport 80 -j MARK --set-mark 0x2 $IPTABLES -t mangle -A OUTPUT -p udp -m udp --sport 80 -j RETURN $IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 54661 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 54661 -j RETURN $IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 54662 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 54662 -j RETURN $IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 56881 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 56881 -j RETURN $IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 54711 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --sport 54711 -j RETURN $IPTABLES -t mangle -A OUTPUT -p udp -m udp --sport 54665 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A OUTPUT -p udp -m udp --sport 54665 -j RETURN $IPTABLES -t mangle -A OUTPUT -p udp -m udp --sport 54672 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A OUTPUT -p udp -m udp --sport 54672 -j RETURN $IPTABLES -t mangle -A OUTPUT -p udp -m udp --sport 56881 -j MARK --set-mark 0x6 $IPTABLES -t mangle -A OUTPUT -p udp -m udp --sport 56881 -j RETURN #Esto prioriza paquetes al comienzo de conexiones
tcp con SYN flag
$IPTABLES -t mangle -A OUTPUT -p tcp -m tcp
--tcp-flags SYN,RST,ACK SYN -j MARK --set-mark 0x1
$IPTABLES -t mangle -A OUTPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RETURN #Cierra reglas de la tabla OUTPUT
mangle
$IPTABLES -t mangle -A OUTPUT -j MARK --set-mark
0x3
--------------------------end
paste---------------------------------------------- |
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc