Re: RE: Control Traffic

[Daniel Phlander <daniel_phlander@xxxxxxxxx>]

Hi Andreas!

I mainly understand what you mean, I tried to fix something on the script, I don't know if I did it well.

Can you take another look on it please and if is wrong to make the corrections directly on it so that I see where the mistake is...

With this script I want to make limits for IP class 85.120.48.0/25 for international traffic in 256 KBps classes and for metropolitan traffic 100 MB or approximatively.

Thank you!

 

#!/bin/bash

### unitati de masura pt debit

# kbps - kilobytes per second

# mbps - megabytes per second

# kbit - kilbits per second

# mbit - megabits per second

EXT_IF="eth0"

INT_IF="eth1"

TC=/sbin/tc

IPTABLES=/sbin/iptables

# RATE DOWNLOAD

RAD_INET_ALL="1736kbit"

RAD_INET_LOW="64kbit"

RAD_INET_HIGH="256kbit"

RAD_METRO_ALL="90mbit"

RAD_METRO_LOW="70mbit"

RAD_METRO_HIGH="80mbit"

# RATE UPLOAD

RUP_INET_ALL="1536kbit"

RUP_INET="128kbit"

RUP_METRO_ALL="90mbit"

RUP_METRO="70mbit"

# RATA INTRANET

RATE_INTRA="80mbit"

DEST="85.120.48.128/25 192.171.172.0/24 10.10.10.0/24 217.156.110.86/32 193.226.18.0/24"

if [ "$1" = "status" ]

then

clear

echo "* [ discipline interfata $EXT_IF ]"

$TC qdisc show dev $EXT_IF

echo "* [ disciplinele interfata $INT_IF ]"

$TC qdisc show dev $INT_IF

echo "* [ clase interfata $EXT_IF ]"

$TC class show dev $EXT_IF

echo "* [ clase interfata $INT_IF ]"

$TC class show dev $INT_IF

echo "* [ filtre interfata $EXT_IF ]"

$TC filter show dev $EXT_IF

$TC filter show dev $EXT_IF parent 1:20

$TC filter show dev $EXT_IF parent 1:30

echo "* [ filtre interfata $INT_IF ]"

$TC filter show dev $INT_IF

$TC filter show dev $INT_IF parent 1:20

$TC filter show dev $INT_IF parent 1:30

echo

echo "* [ marcarea traficului ]"

$IPTABLES -n -t mangle -L POSTROUTING

exit

fi

$TC qdisc delete dev $EXT_IF root 2> /dev/null

$TC qdisc delete dev $INT_IF root 2> /dev/null

$TC qdisc delete dev $INT_IF ingress 2> /dev/null

$IPTABLES -t mangle -F POSTROUTING

if [ "$1" = "stop" ]

then

echo "[*] Managementul debitului este oprit."

exit

fi

### //// 1] Clasele pentru traficul metropolitan/internet pt ambele interfeþe:

$TC qdisc add dev $EXT_IF root handle 1: htb default 30

$TC class add dev $EXT_IF parent 1: classid 1:1 htb rate 100mbit

$TC class add dev $EXT_IF parent 1:1 classid 1:20 htb rate $RUP_METRO_ALL

$TC class add dev $EXT_IF parent 1:1 classid 1:30 htb rate $RUP_INET_ALL

$TC qdisc add dev $INT_IF root handle 1: htb default 30

$TC class add dev $INT_IF parent 1: classid 1:1 htb rate 100mbit

$TC class add dev $INT_IF parent 1:1 classid 1:20 htb rate $RAD_METRO_ALL

$TC class add dev $INT_IF parent 1:1 classid 1:30 htb rate $RAD_INET_ALL

### //// 2] Clasificarea explicita a traficului metropolitan

for i in $DEST; do

$TC filter add dev $EXT_IF parent 1: protocol ip u32 match ip dst $i flowid 1:20

$TC filter add dev $INT_IF parent 1: protocol ip u32 match ip src $i flowid 1:20

done

### Client 1 => #85.120.48.0/25

# class

$TC class add dev $EXT_IF parent 1:20 classid 1:21 htb rate $RUP_METRO

$TC class add dev $EXT_IF parent 1:30 classid 1:31 htb rate $RUP_INET

$TC class add dev $INT_IF parent 1:20 classid 1:21 htb rate $RAD_METRO_LOW ceil $RAD_METRO_HIGH

$TC class add dev $INT_IF parent 1:30 classid 1:31 htb rate $RAD_INET_LOW ceil $RAD_INET_HIGH

 

# MARK

$IPTABLES -t mangle -A POSTROUTING -o $EXT_IF -s 85.120.48.0/25 -j MARK --set-mark 1

$IPTABLES -t mangle -A POSTROUTING -o $INT_IF -d 85.120.48.0/25 -j MARK --set-mark 1

 

# clasificare

$TC filter add dev $EXT_IF parent 1:20 protocol ip handle 1 fw flowid 1:21

$TC filter add dev $EXT_IF parent 1:30 protocol ip handle 1 fw flowid 1:31

$TC filter add dev $INT_IF parent 1:20 protocol ip handle 1 fw flowid 1:21

$TC filter add dev $INT_IF parent 1:30 protocol ip handle 1 fw flowid 1:31

 

echo "[*] Managementul debitului este activ."

lartc-request@xxxxxxxxxxxxxxx wrote:

Send LARTC mailing list submissions to
lartc@xxxxxxxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
or, via email, send a message with subject or body 'help' to
lartc-request@xxxxxxxxxxxxxxx

You can reach the person managing the list at
lartc-owner@xxxxxxxxxxxxxxx

When replying, please edit your Subject line so it is more specific
than "Re: Contents of LARTC digest..."


Today's Topics:

1. Re: Traffic Control (Andreas Klauer)
2. Re: LARTC Digest, Vol 7, Issue 6 (Gobbledegeek)
3. ip route add default mpath (rr| drr|random|wrandom)... (Krzysiek)


----------------------------------------------------------------------

Message: 1
Date: Sun, 25 Sep 2005 12:09:52 +0200
From: Andreas Klauer
Subject: Re: Traffic Control
To: lartc@xxxxxxxxxxxxxxx
Message-ID: <200509251209.52461.Andreas.Klauer@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-15"

On Sunday 25 September 2005 07:37, Daniel Phlander wrote:
> I made a script as the attached one but it doesn't make any limit and I
> can't figure out what the problem is.

This is only a quick guess by glancing at your script, but it seems that
your HTB class tree is messed up. You have 'only child' classes - a parent
with only one child does not make sense, a child class needs at least one
sibling. Your default/filter rules point to parent classes, which won't
work. You must put packets into leaf classes. Attach filter rules to the
qdisc (attaching them to classes may not work) and have them point to leaf
classes (make sure the default class is a leaf class as well).

HTH
Andreas


------------------------------

Message: 2
Date: Mon, 26 Sep 2005 12:25:34 +0530
From: Gobbledegeek
Subject: Re: LARTC Digest, Vol 7, Issue 6
To: lartc@xxxxxxxxxxxxxxx
Message-ID: <463aea57050925235541c3820e@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1

>
> 1. iproute2/nano-howto: dual external routing, a "virtual
> subnet" (/dev/rob0)
>
> Success!! I played around with this off and on all day, and now it
> works. I turned on /proc/sys/net/ipv4/conf/dummy0/proxy_arp (how can
> the interface be flagged NOARP and yet do proxy ARP?)

Hmm there are a few arp patches on julians pages for lvs.. read
their readme's to find out how they are applicable....


Rgrds


------------------------------

Message: 3
Date: 26 Sep 2005 09:56:18 +0200
From: Krzysiek
Subject: [LARTC] ip route add default mpath (rr|
drr|random|wrandom)...
To: lartc@xxxxxxxxxxxxxxx
Message-ID: <20050926075618.721CC173E66@xxxxxxxxxxxxxxxxx>
Content-Type: TEXT/plain; CHARSET=ISO-8859-2

Anyone using it? I've tried but after about 5 min I always get kernel panic. My setup is based on nano.txt. I works well but only if CONFIG_IP_ROUTE_MULTIPATH_CACHED=n. I just wanted to play with the new mpath feature of ip. But enabling CONFIG_IP_ROUTE_MULTIPATH_CACHED always resuts in kernel panic. I'm not using any kernel patches from http://www.ssi.bg/~ja/ - are they needed at all? - They do not apply cean. The kernel is 2.6.13.
This configuration does not work:
CONFIG_IP_ROUTE_MULTIPATH=y
CONFIG_IP_ROUTE_MULTIPATH_CACHED=y
CONFIG_IP_ROUTE_MULTIPATH_RR=m
CONFIG_IP_ROUTE_MULTIPATH_RANDOM=m
CONFIG_IP_ROUTE_MULTIPATH_WRANDOM=m
CONFIG_IP_ROUTE_MULTIPATH_DRR=m

How should i use these modules? ip route add default mpath (rr| drr|random|wrandom)... does not load the appropriate module automatically. Loading them manualy changes nothing. And issuing this command on kernel where this feature is not enebled does not report any error.

Krzysiek


----------------------------------------------------------------------
Sa niesamowite, zobaczysz... ;-) >>> link http://link.interia.pl/f18b9



------------------------------

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc


End of LARTC Digest, Vol 7, Issue 7
***********************************

Cu respect,
Daniel Sandulescu

Telefon: 0722-217018  0788-656.946				   
Tel/Fax: 0245-614556			   
E-mail : office@xxxxxxxxxx

---

Yahoo! for Good
 
Click here to donate to the Hurricane Katrina relief effort. 
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc