my tc rules does work. The problem is when tc htb drop most packets on eth0(WAN), it affects the eth1(LAN). this is the result: PING 10.255.255.1 (10.255.255.1) 56(84) bytes of data. 64 bytes from 10.255.255.1: icmp_seq=1 ttl=64 time=1.07 ms 64 bytes from 10.255.255.1: icmp_seq=2 ttl=64 time=0.434 ms 64 bytes from 10.255.255.1: icmp_seq=3 ttl=64 time=0.399 ms 64 bytes from 10.255.255.1: icmp_seq=4 ttl=64 time=0.366 ms 64 bytes from 10.255.255.1: icmp_seq=5 ttl=64 time=0.342 ms 64 bytes from 10.255.255.1: icmp_seq=6 ttl=64 time=16.8 ms 64 bytes from 10.255.255.1: icmp_seq=7 ttl=64 time=16.2 ms 64 bytes from 10.255.255.1: icmp_seq=9 ttl=64 time=19.9 ms 64 bytes from 10.255.255.1: icmp_seq=11 ttl=64 time=16.3 ms 64 bytes from 10.255.255.1: icmp_seq=12 ttl=64 time=15.6 ms 64 bytes from 10.255.255.1: icmp_seq=13 ttl=64 time=19.4 ms htb on eth0(WAN): class htb 1:21 root prio 0 rate 5000Kbit ceil 5000Kbit burst 1600b cburst 1600b Sent 13040625 bytes 82023 pkt (dropped 453496, overlimits 0 requeues 0) rate 541032bit 1153pps backlog 0b 0p requeues 0 lended: 82308 borrowed: 0 giants: 0 tokens: 36204 ctokens: 36204 On 2013-3-4, at 22:20, Paolo Malfatti (cidis) <paolo@xxxxxxxx> wrote: > When X's packets pass trough your NAT box, their IP will be changed before your filter rules try to classify them. > > You can MARK X's packets with IPTABLES in mangle PREROUTING, and use a filter rule like this: > > iptables -t mangle -A PREROUTING -s x.x.x.x -j MARK --set-mark 2 > > tc filter add dev eth0 protocol ip parent 1: pref 1 handle 2 fw classid 1:ffce > > -----Mensaje original----- From: faicker mo > Sent: Saturday, March 02, 2013 4:48 AM > To: Andrew Beverley > Cc: lartc@xxxxxxxxxxxxxxx > Subject: Re: htb problem with high rate small udp packet > > tc qdisc show dev eth0 > qdisc htb 1: root refcnt 2 r2q 10 default 2 direct_packets_stat 6 > qdisc sfq ffce: parent 1:ffce limit 127p quantum 1514b perturb 10sec > > tc class show dev eth0 > class htb 1:ffce parent 1:2 leaf ffce: prio 0 rate 5000Kbit ceil 5000Kbit burst 1600b cburst 1600b > class htb 1:2 root rate 1000Mbit ceil 1000Mbit burst 1375b cburst 1375b > > tc filter show dev eth0 > filter parent 1: protocol all pref 2 u32 > filter parent 1: protocol all pref 2 u32 fh 800: ht divisor 1 > filter parent 1: protocol all pref 2 u32 fh 800::2e order 46 key ht 800 bkt 0 flowid 1:ffce > match xxxxxxxx/ffffffff at 12 > ----- > The ip is replaced with xxxxxxxx. > eth0 is the WAN interface. > > pktgen.conf key parameters: > count 10000000 > delay 10000 > > When I removed all the tc rules, the latency was OK. > > On 2013-3-2, at 1:20, Andrew Beverley <andy@xxxxxxxxxxx> wrote: > >> On Thu, 2013-02-28 at 20:22 +0800, faicker mo wrote: >>> Hi, I have a NAT box(also a gateway) with 2 Nics. eth0 is WAN >>> interface, eth1 is LAN interface. I made some htb rules on WAN >>> interface(because only the egress interface can shape). I limited a LAN >>> machine named X 2Mbit. I test it with pktgen. X send many small udp >>> packets to outside without receiving them, upto 70K pps. The bandwidth >>> is >> 2Mbit. Now I ping the NAT box from another LAN machine, I find >>> the latency is increasing more,sometimes packet loss. I see htb class >>> dropped many packets. the CPU is normal. Any ideas? >> >> Can you post your HTB/tc rules please. >> >>> Am I wrong to limit the bandwidth at that place? >> >> No, that's fine, that's the best way to do it. >> >> >> > > -- > To unsubscribe from this list: send the line "unsubscribe lartc" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
