hi everybody.
im trying to set up an QoS config, using layer7
(http://l7-filter.sourceforge.net/) for protocol detection.
im suposing 3 clients with this configuration:
3 clients: 1.2.3.1 , 1.2.3.2 , 1.2.3.3
1.2.3.1 has 256kbit bandwidth "guaranteed"
clients 1.2.3.2 and 1.2.3.3 has 256kbit bandwith
so im marking every packet using layer7 iptables module, classifying them in
three groups: high priority(2), medium priority(3) and low priority(4).
Protocols (or applications) like ssh, VOIP or games suit in the high
priority category, and P2P apps go in the low priority category. iptables
commands are like this:
iptables -t mangle -A POSTROUTING -m layer7 --l7proto ssh -j MARK --set-mark
2
iptables -t mangle -A POSTROUTING -m layer7 --l7proto h323 -j MARK
--set-mark 2
iptables -t mangle -A POSTROUTING -m layer7 --l7proto directconnect -j MARK
--set-mark 4
iptables -t mangle -A POSTROUTING -m layer7 --l7proto bittorrent -j MARK
--set-mark 4
iptables -t mangle -A POSTROUTING -m layer7 --l7proto fasttrack -j MARK
--set-mark 4
then i use a combination of tc commands to enqueue packets on different
classes depending on this mark.
the problem im facing is that i also have to limit client's bandwidth and im
not sure that my solution is the best. i've searched for an example like
this in the web but i have found nothing.
here is my little script for this config, comments will be very
appreciatted!!!
it could have some errors. Basic protocol detection and enqueue was working
fine, but im not sure now, with "bandwidth restrictions" additions.
#!/bin/bash
tc qdisc add dev eth0 root handle 1: htb default 8
tc class add dev eth0 parent 1: classid 1:1 htb rate 512kbit
tc class add dev eth0 parent 1:1 classid 1:2 htb rate 256kbit prio 1
tc class add dev eth0 parent 1:1 classid 1:3 htb rate 256kbit prio 1
tc filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip src
1.2.3.1/32 flowid 1:2
tc filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip src
1.2.3.2/32 flowid 1:3
tc filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip src
1.2.3.3/32 flowid 1:3
# classes for client 1
tc class add dev eth0 parent 1:2 classid 1:4 htb rate 200kbit
tc class add dev eth0 parent 1:2 classid 1:5 htb rate 128kbit ceil 256kbit
tc class add dev eth0 parent 1:2 classid 1:6 htb rate 20kbit ceil 256kbit
tc filter add dev eth0 protocol ip parent 1:2 prio 1 handle 2 fw flowid 1:4
tc filter add dev eth0 protocol ip parent 1:2 prio 1 handle 3 fw flowid 1:5
tc filter add dev eth0 protocol ip parent 1:2 prio 1 handle 4 fw flowid 1:6
# i need this??
tc qdisc add dev eth0 parent 1:4 handle 4: sfq perturb 10
tc qdisc add dev eth0 parent 1:5 handle 5: sfq perturb 10
tc qdisc add dev eth0 parent 1:6 handle 6: sfq perturb 10
# classes for clients 2 and 3
tc class add dev eth0 parent 1:3 classid 1:7 htb rate 200kbit
tc class add dev eth0 parent 1:3 classid 1:8 htb rate 128kbit ceil 256kbit
tc class add dev eth0 parent 1:3 classid 1:9 htb rate 20kbit ceil 256kbit
# filters for clients 2 and 3 classes
tc filter add dev eth0 protocol ip parent 1:3 prio 1 handle 2 fw flowid 1:7
tc filter add dev eth0 protocol ip parent 1:3 prio 1 handle 3 fw flowid 1:8
tc filter add dev eth0 protocol ip parent 1:3 prio 1 handle 4 fw flowid 1:9
tc qdisc add dev eth0 parent 1:7 handle 7: sfq perturb 10
tc qdisc add dev eth0 parent 1:8 handle 8: sfq perturb 10
tc qdisc add dev eth0 parent 1:9 handle 9: sfq perturb 10
thanks!
Roberto Scattini
_________________________________________________________________
Charla con tus amigos en línea mediante MSN Messenger:
http://messenger.latam.msn.com/
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc