????? ????? wrote:
Hello!
yes, I no about 65000 rules and just add third interface to server. )
what about
tc filter add dev imq0 parent 1: prio 5 u32 ht 800:: match ip dst
172.22.0.0/17 hashkey mask 0x00007f00 at 16 link 0: ?
shouldnt hashkey mask be 0x00007fff instead of 0x00007f00 ?
and if it should be 0x00007f00 how do you calculate it?
2006/9/20, Alexandru Dragoi <alex@xxxxxxxxxx>:
????? ????? wrote:
> Hello
> I have 2 class-B networks (172.22.0.0/16 and 172.23.0.0/16, over 130k
> of ip's) and need to setup
> traffic tbf shapers with 64kb/s for each ip from 172.22.0.0/16 and
> 128kb/s for each ip from 172.23.0.0/16
> just read lartc and don't understand how to use u32 for decreasing
> number of rules and hashing
> _______________________________________________
> LARTC mailing list
> LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
First you need imq. This because you can't have more than 65536 classes.
Having 8 imqs you will be able to use 4 for download and 4 for upload.
However You will tell us if the machine will support everything :). So
you will divide the big class /15 into 4 classes /17
iptables -t mangle -A POSTROUTING -o $clients_eth -d 172.22.0.0/17 -j
IMQ --todev 0
and:
tc qdisc add dev imq0 root handle 1: htb #Or whatever you use
tc class add dev imq0 parent 1: classid 1:f000 htb rate 620mbit #or
whatever ...
tc filter add dev imq0 parent 1: protocol ip prio 5 handle 0: u32
divisor 128
tc filter add dev imq0 parent 1: prio 5 u32 ht 800:: match ip dst
172.22.0.0/17 hashkey mask 0x00007f00 at 16 link 0:
for i in seq `0 127` ; do
div=`printf "%x" $i`
let j=$i+1
tc filter add dev imq0 parent 1: prio 5 u32 ht 0:$div: match ip dst
172.22.$i.0/24 hashkey mask 0x000000ff at 16 link $j:
for q in seq `0 255`; do
d=`printf "%x" $q`
clsid=$[$i*256+$q]
tc class add dev imq0 parent 1: classid 1:$clsid htb rate 128kbit
tc filter add dev imq0 parent 1: prio 5 u32 ht $j:$d match ip dst
172.22.$i.$q flowid 1:$clsid
done
done
I hope i'm not missing something. For 172.22.128.0/17, instead of
172.22.$i you will have 172.22.$[$i+128]
On other imq of course. For upload you just change dst with src, and "at
16" into "at 12"
I'm really curious how it will work :D and how much it will take to
run it.
Also, before:
tc filter add dev imq0 parent 1: prio 5 u32 ht 0:$div: match ip dst
172.22.$i.0/24 hashkey mask 0x000000ff at 16 link $j:
Add line:
tc filter add dev imq0 parent 1: protocol ip prio 5 handle $j: u32
divisor 256
Now, you need both download and upload, so maybe upload goes via a
single card. Also the maximum number of divisor is 256, so a mask should
have only 8 bits set to 1. And 0x00007f00 will match only the last 7
bits on 3rd number on an ip address. So ip 172.22.45.2 will go,
considering the hashkey mask, to entry (45 & 0x7f), then represented in
hex, which is 0x23. The & means bitwise and, just how hashkey algoritm
works. Applying the that mask to ip 172.22.173.8 will also generate
0x23. More about these you have to do some binary operations. Means you
will run the for loop for i in `seq 128 255`.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
