Andy Furniss wrote:
That's strange - so there are no vlans involved and tcpdump -nnei eth0
only sees traffic coming in?
Nope, no vlans. And yes, both tcpdump and tethereal see only on the
outgoing (i.e. clients to internet) ack packets, but not the actual
incoming data packets. Like I said, it can't be a routing problem
because the only physical route those packets can take between the NAT
clients and the internet is via eth0 on this box. All four interfaces on
the box I'm using are Intel ones, so not just some cheap rubbish!
Probably unlikely to be drivers too?
If the nic is a gig eth, I wonder if its drivers are doing something
strange to do with segmentation offload. You should be able to turn it
off with ethtool.
ethtool -k eth0 to see if it is on and turn it off with
ethtool -k eth0 tso off
All the interfaces are gigabit. Segmentation offload was enabled on eth0
- now it's off but appears to have had no effect on the bandwidth :(
FWIW I tried browsing with this setup and downloading aswell and
it's not very nice with such a long queue. An ISP/teleco would never
have that long a fifo on a 128kbit line. It would be better to add
an sfq to the bulk class or limit the length of the fifo.
Sorry for such a simplistic question - how might this be done?
However I'm not overly worried about making the quality of service
perfect - I just need it to be limited bandwidth. The reason why I
want such a restricted service is because the shaped NAT clients of
this box are going to be the "naughty" users on the university
network who will have their 100Mbit service reduced to 128kbit for a
week as punishment for rulebreaking etc. So if people complain about
the occasional dropped packet - they shouldn't have been downloading
copyright material in the first place!
Ahh I see - actually packet loss could make things nicer by getting
the tcp senders congestion control to back off. The command for sfq
would be
tc qdisc add dev $LAN parent 1:b$total handle b$total: sfq limit 30
in the loop under the bulk class.
Yep - just tried this too. Again, this appears to have zero effect on
the bandwidth. Client 1 still downloads flatly at 166kb/s and Client 2
at 250kb/s. Something pretty weird is going on. Actually a colleague
here has offered to set up a Cisco router to do the shaping and let my
box just do the NAT. Start of term is imminent and this MUST be live
within a week! Thanks for all your help though, you've been excellent
and I've learned loads of stuff. As a relative beginner with Linux, this
is yet another experience where something didn't work as it should,
despite the advice of documentation, colleagues, lists, websites, etc...
Cheers,
Jonathan
------------------------
Jonathan Gazeley
ResNet | Wireless & VPN Team
Information Systems & Computing
University of Bristol
------------------------
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
