On Sat, 2011-02-05 at 15:58 +0100, Marek Kierdelewicz wrote: > > Hi, > > Hi > > >I, are you sure about the big difference? > >I agree with you about tc u32 filters are better than iptables + > >marking, but like now I have about 100mbit 1k+ users with > >mangle+classify and tc+htb+egress and I have a load at about 0.2. > >My cpu are xeon 2.6 quad. > > Do you have individual iptables rule doing marking for each user (1k+ > rules in mangle)? > I have to admit that I don't mark per user. I have lots of users, but I instead mark the type of traffic and shape on that. Optimum Wireless Services - what is your aim? Do you really want to limit bandwidth per user, or do you instead want to provide each user with a fair share of bandwidth and fast internet access? If it is the latter, you are better to not mark per user, but instead mark the traffic type and use tc's hash functionality to share the bandwidth between client IP address, rather than the default which is per connection. Andy -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
