Thank you for your response.
I do know how to shape a specific direction of traffic. Given that I am the ISP sitting between the customer and the Internet, it is trivial for me to shape both directions.
Based on your response, I take it that 'tc filter' takes more of a performance hit than iptables?
And yes, I have read the LARTC HOWTO and Google'd extensively. This is my current rough draft based on my specifications:
#!/sbin/runscript
start_test() {
PIPEID="1000"
USERNAME="test"
BASEUPLOAD="256"
BASEDOWNLOAD="384"
MAXUPLOAD="768"
BURSTUPLOAD=${MAXUPLOAD}
BURSTLENGTHUPLOAD="2000"
MAXDOWNLOAD="1500"
BURSTDOWNLOAD=${MAXDOWNLOAD}
BURSTLENGTHDOWNLOAD="2000"
VOIPBASEUPLOAD="80"
VOIPMAXUPLOAD="128"
VOIPSHAREDUPLOAD=${VOIPSHAREDUPLOAD}
VOIPBASEDOWNLOAD="80"
VOIPMAXDOWNLOAD="128"
VOIPSHAREDDOWNLOAD=${VOIPSHAREDDOWNLOAD}
VOIPLATENCY="30"
P2PBASEUPLOAD="0"
P2PMAXUPLOAD="256"
P2PSHAREDUPLOAD=${P2PMAXUPLOAD}
P2PBASEDOWNLOAD="0"
P2PMAXDOWNLOAD="384"
P2PSHAREDDOWNLOAD=${P2PMAXDOWNLOAD}
GENBASEUPLOAD="168"
GENMAXUPLOAD="768"
GENSHAREDUPLOAD=${GENMAXUPLOAD}
GENBASEDOWNLOAD="384"
GENMAXDOWNLOAD="1500"
GENSHAREDDOWNLOAD=${GENMAXDOWNLOAD}
start_user
M1=00; M2=07; M3=BA; M4=25; M5=21; M6=B7;
start_mac
}
setup_main_devices() {
einfo "Starting bandwidth management on interfaces ..."
einfo " - Creating qdiscs on interfaces ..."
CMD="tc qdisc add dev eth0 root handle 1: hfsc default 1"
docmd
CMD="tc qdisc add dev eth1 root handle 2: hfsc default 1"
docmd
CMD="tc class add dev eth0 parent 1:0 classid 1:1 hfsc ls m2 100Mbit ul m2 100Mbit"
docmd
CMD="tc class add dev eth1 parent 2:0 classid 2:1 hfsc ls m2 100Mbit ul m2 100Mbit"
docmd
}
start_user() {
einfo "Starting bandwidth management for ${USERNAME} ..."
einfo " - Creating classes on eth0 for upload control ..."
CMD="tc class add dev eth0 parent 1:0 classid 1:${PIPEID} hfsc ls m1 ${BURSTUPLOAD}Kbit d ${BURSTLENGTHUPLOAD}ms m2 ${BASEUPLOAD}Kbit ul m2 ${MAXUPLOAD}Kbit"
docmd
CMD="tc class add dev eth0 parent 1:${PIPEID} classid 1:${PIPEID}0 hfsc sc umax 1500b dmax ${VOIPLATENCY}ms rate ${VOIPBASEUPLOAD}Kbit"
docmd
CMD="tc class add dev eth0 parent 1:${PIPEID} classid 1:${PIPEID}1 hfsc ls m2 ${P2PSHAREDUPLOAD}Kbit ul m2 ${P2PMAXUPLOAD}Kbit"
docmd
CMD="tc class add dev eth0 parent 1:${PIPEID} classid 1:${PIPEID}2 hfsc rt m2 ${GENBASEUPLOAD}Kbit ls m2 ${GENSHAREDUPLOAD}Kbit ul m2 ${GENMAXUPLOAD}Kbit"
docmd
einfo " - Creating classes on eth1 for download control ..."
CMD="tc class add dev eth1 parent 2:0 classid 2:${PIPEID} hfsc ls m1 ${BURSTDOWNLOAD}Kbit d ${BURSTLENGTHDOWNLOAD}ms m2 ${BASEDOWNLOAD}Kbit ul m2 ${MAXDOWNLOAD}Kbit"
docmd
CMD="tc class add dev eth1 parent 2:${PIPEID} classid 2:${PIPEID}0 hfsc sc umax 1500b dmax ${VOIPLATENCY}ms rate ${VOIPBASEDOWNLOAD}Kbit"
docmd
CMD="tc class add dev eth1 parent 2:${PIPEID} classid 2:${PIPEID}1 hfsc ls m2 ${P2PSHAREDDOWNLOAD}Kbit ul m2 ${P2PMAXDOWNLOAD}Kbit"
docmd
CMD="tc class add dev eth1 parent 2:${PIPEID} classid 2:${PIPEID}2 hfsc rt m2 ${GENBASEDOWNLOAD}Kbit ls m2 ${GENSHAREDDOWNLOAD}Kbit ul m2 ${GENMAXDOWNLOAD}Kbit"
docmd
}
docmd() {
if [[ "${CMD}" ]]; then
ebegin " - ${CMD}"
$CMD
if [[ $? -eq 0 ]]; then
eend 0;
else
eend 1;
fi
fi
}
depend() {
need net
}
start() {
stop
setup_main_devices
start_test
}
stop() {
ebegin "Stopping QoS ruleset"
tc qdisc del dev eth0 root 2>&1 1>/dev/null
tc qdisc del dev eth1 root 2>&1 1>/dev/null
tc qdisc del dev eth2 root 2>&1 1>/dev/null
eend 0
}
restart() {
stop
start
}
$1
Oddly, I keep getting these errors:
* Starting bandwidth management on interfaces ...
* - Creating qdiscs on interfaces ...
* - tc qdisc add dev eth0 root handle 1: hfsc default 1... [ ok ]
* - tc qdisc add dev eth1 root handle 2: hfsc default 1... [ ok ]
* - tc class add dev eth0 parent 1:0 classid 1:1 hfsc ls m2 100Mbit ul m2 100Mbit... [ ok ]
* - tc class add dev eth1 parent 2:0 classid 2:1 hfsc ls m2 100Mbit ul m2 100Mbit... [ ok ]
* Starting bandwidth management for test ...
* - Creating classes on eth0 for upload control ...
* - tc class add dev eth0 parent 1:0 classid 1:1000 hfsc ls m1 768Kbit d 2000ms m2 256Kbit ul m2 768Kbit... [ ok ]
* - tc class add dev eth0 parent 1:1000 classid 1:10000 hfsc sc umax 1500b dmax 30ms rate 80Kbit...
RTNETLINK answers: File exists [ !! ]
* - tc class add dev eth0 parent 1:1000 classid 1:10001 hfsc ls m2 256Kbit ul m2 256Kbit...
RTNETLINK answers: File exists [ !! ]
* - tc class add dev eth0 parent 1:1000 classid 1:10002 hfsc rt m2 168Kbit ls m2 768Kbit ul m2 768Kbit... [ ok ]
* - Creating classes on eth1 for download control ...
* - tc class add dev eth1 parent 2:0 classid 2:1000 hfsc ls m1 1500Kbit d 2000ms m2 384Kbit ul m2 1500Kbit... [ ok ]
* - tc class add dev eth1 parent 2:1000 classid 2:10000 hfsc sc umax 1500b dmax 30ms rate 80Kbit...
RTNETLINK answers: Invalid argument [ !! ]
* - tc class add dev eth1 parent 2:1000 classid 2:10001 hfsc ls m2 384Kbit ul m2 384Kbit...
RTNETLINK answers: Invalid argument [ !! ]
* - tc class add dev eth1 parent 2:1000 classid 2:10002 hfsc rt m2 384Kbit ls m2 1500Kbit ul m2 1500Kbit...
RTNETLINK answers: Invalid argument [ !! ]
Also, note that I am deleting the qdiscs that exist each time I start the script, so there should not be any entries that still exist when I run the script again.
I'm also not certain if what I am doing here actually achieves my goals, but this is my best guess at the moment.
And, just in case you are wondering, I have not gotten to the 'tc filter' or 'iptables <blah> -j CLASSIFY' parts yet.
Thanks in advance.
Eliot Gable
Certified Wireless Network Administrator
Cisco Certified Network Associate
CompTIA Security+ Certified
CompTIA Network+ Certified
Network and Systems Administrator
Great Lakes Internet, Inc.
112 North Howard
Croswell, MI 48422
810-679-3395
-----Original Message-----
From: lartc-bounces@xxxxxxxxxxxxxxx on behalf of Jason Boxman
Sent: Thu 10/13/2005 3:45 PM
To: lartc@xxxxxxxxxxxxxxx
Subject: Re: HFSC Advanced Limiting
On Thursday 13 October 2005 10:41, Eliot, Wireless and Server Administrator,
Great Lakes Internet wrote:
> I am investigating changing our broadband bandwidth control scripts over to
> HFSC. What I would like to accomplish is this:
>
> { * DOWNLOAD *
Read the replies to the thread "shape downstream of a ppp link" as the same
concept applies here. It's difficult to shape ingress traffic. You could,
nevertheless, employ hfsc in some fashion for ingress either with IMQ or by
attaching it to the LAN facing side of your network (pretend ingress is
egress).
<snip>
> What is the maximum number you can use on class IDs?
0xFFF I believe. (If it's actually 0xFFFF someone correct me.)
> How many customers should one router be able to handle with this kind of
> QoS policy?
That's going to depend on many things, one of which being packet matching.
Were you going to use `tc filter` or, say, `iptables` matching? For the
former, with so many clients, others have posted they needed to use `tc
filter` with hashtables or the performance hit was huge for thousands of `tc
filter` rules. (i.e. unusable.)
> With a P3 800MHz proccessor in a router, will I be able to implement this
> complex of a QoS policy and still have it handle 4,000 customers?
>
> What about 10,000?
Maybe.
> Is there any way to do triple numbering for class IDs (i.e. 1:1:2 instead
> of 1:12)?
No.
> Also, if you do not know for certain any of the answers to these questions,
> please do not make conjecture. Only answer with facts. Thank you in advance
> for any responses to this.
Excellent. Then I'm sure you've read LARTC HOWTO and Google'd extensively
already.
--
Jason Boxman
http://edseek.com/ - Linux and FOSS stuff
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
