QoS with HTB for ADSL/Home

Linux Advanced Routing and Traffic Control


Hi,
My home setup is as follows:
- 1024/128 kbit ADSL
- FC3

I set up HTB to prioritize traffic. I am not very pleased with the obtained results.

The scope of my setup is to have some ssh sessions with remote servers while browsing websites and running aMule. Nothing complicated (I think... ;).


The very high priority traffic (ssh) gets stuck when I start aMule and make an FTP download. Although there is an improvement. High priority (WEB) traffic has some delay when I have a lot of bulk traffic (aMule, FTP). It waits a few seconds for DNS lookup and other synchronizations, and then in the blink of an eye the whole page appears. I think that this means that the queue is still too long.

So, I have some questions:

1) Do I need to use ppp0 or eth0 for shaping traffic?
2) Are the default values for quantum, burst, cburst acceptable or should I tune these values?
3) I've seen in some tutorials that by decreasing the queue (as far as I know it is 100 in Linux by default) with #ip link set dev eth0 qlen, better results have been obtained. Should I try to decrease the queue? To what value?
3) The same with mtu. Would a smaller value (e.g. 1000) be better?
4) If you are in my situation (ADSL – for home), what is your htb configuration?
5) Is it worth configuring policing for inbound traffic (with imq)?
6) So, am I on the right track with my script or should I change it fundamentally?


In my setup I have 3 categories of traffic:

1) very high priority traffic: ssh, DNS, ACK, SYN+ACK, RST, FIN+ACK (40kbit -> CEIL)
2) high priority traffic: web, online radio, online tv (72kbit -> CEIL)
3) low priority traffic - default class: aMule, P2P, other types of traffic (8kbit -> CEIL)


THANKS,
ddaas



My htb script is:

#!/bin/bash

YAHOOMSG="216.155.193.0/24"
RADIO="xxx.xxx.xxx.xxx"
TRI="xxx.dnsalias.net"
TV="xxx.xxx.xxx.xxx"
DNSSERVER="217.237.150.225"

IF="ppp0"
CEIL="120"

#flush everything
tc qdisc del dev $IF root
iptables -F OUTPUT -t mangle


#root qdisc
tc qdisc add dev $IF root handle 1: htb default 12

#class 1:1 attached to root qdisc
tc class add dev $IF parent 1: classid 1:1 htb rate ${CEIL}kbit ceil ${CEIL}kbit

#class 1:10 -> 40kbit-CEIL for ACK,SSH
tc class add dev $IF parent 1:1 classid 1:10 htb rate 40kbit ceil ${CEIL}kbit prio 1

#class 1:11 (web,radio,tv)
tc class add dev $IF parent 1:1 classid 1:11 htb rate 72kbit ceil ${CEIL}kbit prio 2

#default class 1:12 for bulk traffic (aMule, ftp)
tc class add dev $IF parent 1:1 classid 1:12 htb rate 8kbit ceil ${CEIL}kbit prio 5


#mark ack,syn ack,rst,fin, ssh packets and add them to class 1:10 (high priority)
iptables -A OUTPUT -t mangle -o $IF -p tcp --sport 22 -j MARK --set-mark 1
iptables -A OUTPUT -t mangle -o $IF -p tcp --sport 22 -j RETURN

iptables -A OUTPUT -t mangle -o $IF -p tcp --dport 22 -j MARK --set-mark 1
iptables -A OUTPUT -t mangle -o $IF -p tcp --dport 22 -j RETURN

iptables -A OUTPUT -t mangle -o $IF -p tcp --tcp-flags SYN,RST,ACK SYN,FIN -j MARK --set-mark 1
iptables -A OUTPUT -t mangle -o $IF -p tcp --tcp-flags SYN,RST,ACK SYN,FIN -j RETURN

#mark dns packets
iptables -A OUTPUT -t mangle -o $IF -d $DNSSERVER -j MARK --set-mark 1
iptables -A OUTPUT -t mangle -o $IF -d $DNSSERVER -j RETURN

tc filter add dev $IF parent 1: protocol ip handle 1 fw classid 1:10


#mark www,radio,tv,tri,yahoomsg
iptables -A OUTPUT -t mangle -o $IF -p tcp -m multiport --dports 80,443 -j MARK --set-mark 2
iptables -A OUTPUT -t mangle -o $IF -d $RADIO -p tcp --dport 8000 -j MARK --set-mark 2
iptables -A OUTPUT -t mangle -o $IF -d $YAHOOMSG -p tcp --dport 5050 -j MARK --set-mark 2
iptables -A OUTPUT -t mangle -o $IF -d $TV -p tcp -m multiport --dports 554,6970 -j MARK --set-mark 2
iptables -A OUTPUT -t mangle -o $IF -d $TRI -j MARK --set-mark 2
tc filter add dev $IF parent 1: protocol ip handle 2 fw classid 1:11

#other type of traffic in default class 1:12


tc qdisc add dev $IF parent 1:10 handle 100: sfq perturb 10
tc qdisc add dev $IF parent 1:11 handle 110: sfq perturb 10
tc qdisc add dev $IF parent 1:12 handle 120: sfq perturb 10

##INGRESS - drop everything over 1000kbit
tc qdisc del dev $IF ingress

tc qdisc add dev $IF handle ffff: ingress
tc filter add dev $IF parent ffff: protocol ip prio 10 u32 match \
ip src 0.0.0.0/0 police rate 1000kbit burst 80kbit drop flowid :1
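
Added example, not part of the original post: a small shell model of how iptables evaluates "--tcp-flags MASK COMP" (a packet matches when its flags ANDed with MASK equal COMP), applied to the "SYN,RST,ACK SYN,FIN" rule in the script above. The function names and the sample packets are constructed for illustration.

```shell
#!/bin/sh
# Added example: models iptables "--tcp-flags MASK COMP", which matches
# when (packet_flags AND MASK) == COMP.

# Turn a comma-separated flag list (iptables names) into a bit value.
flags_to_bits() {
    bits=0; old_ifs=$IFS; IFS=,
    for name in $1; do
        case $name in
            FIN) bits=$((bits | 1)) ;;
            SYN) bits=$((bits | 2)) ;;
            RST) bits=$((bits | 4)) ;;
            PSH) bits=$((bits | 8)) ;;
            ACK) bits=$((bits | 16)) ;;
            URG) bits=$((bits | 32)) ;;
            *) IFS=$old_ifs; echo "unknown flag: $name" >&2; return 1 ;;
        esac
    done
    IFS=$old_ifs; echo "$bits"
}

# Succeed when a packet with flag list $3 matches "--tcp-flags $1 $2".
tcp_flags_match() {
    mask=$(flags_to_bits "$1") || return 2
    comp=$(flags_to_bits "$2") || return 2
    pkt=$(flags_to_bits "$3") || return 2
    [ $((pkt & mask)) -eq "$comp" ]
}

# Count how many of the 64 possible flag combinations MASK/COMP can match.
# Zero means a dead rule: COMP names a flag that MASK never examines.
count_matching() {
    mask=$(flags_to_bits "$1") || return 2
    comp=$(flags_to_bits "$2") || return 2
    n=0; f=0
    while [ "$f" -lt 64 ]; do
        if [ $((f & mask)) -eq "$comp" ]; then n=$((n + 1)); fi
        f=$((f + 1))
    done
    echo "$n"
}

# Constructed packets: the flag sets the post lists for class 1:10.
for pkt in ACK SYN,ACK RST FIN,ACK; do
    if tcp_flags_match SYN,RST,ACK SYN,FIN "$pkt"; then r=match; else r="no match"; fi
    echo "--tcp-flags SYN,RST,ACK SYN,FIN vs $pkt: $r"
done
echo "combinations matched: $(count_matching SYN,RST,ACK SYN,FIN)"
```

Because FIN appears in COMP but not in MASK, the count is zero and none of the four sample packets is marked by that rule; count_matching can be used the same way to check any other MASK/COMP pair before loading it.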