On Mon, 2013-04-22 at 02:23 -0700, Kenyon Ralph wrote: > On 2013-04-22T09:47:18+0100, Phil Daws <uxbod@xxxxxxxxxxxx> wrote: > > have started to learn about Ingress policing/shaping using the IFB > > module. What I would like to achieve is having different class ID's > > for different service groups. One would contain HTTP/S traffic, > > another SMTP, and one for interactive services like RDP. Most > > examples I have seen are for limiting bandwidth, where as I am after > > priority control so that a non interactive does not impede a users > > interactive experience. > > > > What would be the most efficient way to achieve this sort of > > configuration ? > > Probably using fq_codel would be the most efficient way. I use it via > OpenWrt's QoS scripts. You could adapt those to your system, or > something like this might help you implement it: > https://github.com/dtaht/deBloat/blob/master/src/debloat.sh > fq_codel looks really interesting. If I recall correctly, it is quite new so hopefully there is good documentation. To respond to the original point, there are a few factors. One is whether the device you are working on is the only one which needs to shape the traffic. If not, i.e., if internal routers and switches need to be aware of the decisions made by this devices, netfilter/iptables will be important, e.g., one could set the DSCP bits in the mangle table and then set the internal systems to handle packets according to those bits. On the device itself, I have become a great fan of HFSC precisely because it delinks bandwidth control from other factors. One can tweak latency separately from guaranteed bandwidth separately from shared bandwidth. Documentation is sparse but I do have a system administrator's guide to both IFB and HFSC available. There are some challenges with interactive protocols. For example, OpenSSH makes a nice distinction between truly interactive traffic and other activities such as file transfer (scp, sftp) using ssh as a transport by setting the ToS bits differently. Thus, one can place truly interactive traffic in a higher priority queue than bulk transfers. As far as I know, ssh sessions built on libssh do not make this distinction. RDP is even worse - no differentiation between keystrokes/screens and print jobs, file transfers, sound relaying performed over RDP. Hope this helps and, if anyone has better ideas or corrections, please respond as I am not an expert in this area - John -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
