Disclaimer: I don't do this very often so there is probably a retard error in here somewhere. I'm not expecting people to do my work for me, I'm just after a better understanding of the problem so I can get more control of the situation. tldr: Custom priomap + iptables TOS isn't sorting packets correctly, Wireshark won't even filter on TOS... ---- I'm currently attempting to implement a 4 band prio shaper with fq_codel queues on a 100Mbit connection (Debian Testing server): ====================================================================== tc qdisc add dev eth0 root handle 1: htb default 1 tc class add dev eth0 parent 1:0 classid 1:1 htb rate 12800kibps ceil 12800kibps tc qdisc add dev eth0 parent 1:1 handle 100: prio bands 4 priomap 1 3 1 3 2 3 2 3 0 3 0 3 1 3 1 3 tc qdisc add dev eth0 parent 100:1 handle 1001: fq_codel tc qdisc add dev eth0 parent 100:2 handle 1002: fq_codel tc qdisc add dev eth0 parent 100:3 handle 1003: fq_codel tc qdisc add dev eth0 parent 100:4 handle 1004: fq_codel ====================================================================== Packets are tagged for the various prio queues via iptables: ====================================================================== # ICMP $IPTABLES -t mangle -A POSTROUTING -o eth0 -p icmp -j TOS --set-tos Minimize-Delay # TCP control packets $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp --tcp-flags FIN,SYN,RST,ACK FIN,ACK -j TOS --set-tos Minimize-Delay $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp --tcp-flags FIN,SYN,RST,ACK SYN,ACK -j TOS --set-tos Minimize-Delay $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp --tcp-flags FIN,SYN,RST,ACK RST,ACK -j TOS --set-tos Minimize-Delay $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp --tcp-flags FIN,SYN,RST,ACK RST -j TOS --set-tos Minimize-Delay $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp --syn -j TOS --set-tos Minimize-Delay # TCP ACK packets with no or very little data payload (p2p traffic sets all packets to ACK packets otherwise, source of size: http://phix.me/dm/) $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp --tcp-flags FIN,SYN,RST,ACK ACK -m length --length 40:89 -j TOS --set-tos Minimize-Delay # Band 2 prioritisation # Torrenting $IPTABLES -t mangle -A POSTROUTING -o eth0 -m owner --uid-owner deluge -j TOS --set-tos Maximize-Throughput # Band 3 prioritisation #$IPTABLES -t mangle -A POSTROUTING -o eth0 -m owner --uid-owner user1 -j TOS --set-tos Minimize-Cost #$IPTABLES -t mangle -A POSTROUTING -o eth0 -m owner --uid-owner user2 -j TOS --set-tos Minimize-Cost ====================================================================== This is based on an otherwise-successful configuration on a local Ubuntu server that admittedly doesn't originate traffic itself, without a custom priomap. The general idea is: Band 0: High priority TCP packets, Minimize Delay, Band 1: Normal (nothing targetted here) Band 2: Torrenting, Maximize Throughput Band 3: Special programs, Minimize Monetary Cost When I let the above run, virtually all packets get dumped into band 1, whereas by far the bulk of the traffic is torrenting - the shaping code is behaving like iptables isn't tagging the packets properly, however 'iptables -v -L -t mangle' is showing a lot of packets going through the TOS rules. I next captured packets and opened up with Wireshark to see what was going on (it would be nice if I could just capture from the queues directly but I've found no evidence this is possible), however the following expressions fail to return anything: ip.tos ip.tos==8 ip.tos==0x8 etc with other values - I then moved to ip.dsfield.dscp, this failed in a different way - ip.dsfield.dscp==2 returned packets with 'Differentiated Services Field: 0x08', ip.dsfield.dscp==2 returned 0x10 - why? At this point I stopped as I clearly didn't know what I was doing. Any pointers? Thanks for any help.
Attachment:
signature.asc
Description: OpenPGP digital signature
