2011/9/8 Gáspár Lajos <swifty@xxxxxxxxxxx>:
> Do you see the connection in conntrack??? With the mark=1 value???
Unfortunately this server now is in a private and close lan, not
accessible ftom or to the Internet, so I cannot install conntrack
I set up a system with one dns, one client and another postfix for test
> Maybe too low values would disable the tc?!? (I am really not sure about
> it... :D )
Before I tried also wit different values: all the ten's multiples
untill 100, to see if the 48x factor is costant also with other speed.
And no, is not constant: it increase as an exponential curve!
2011/9/8 Nikolay Kichukov <hijacker@xxxxxxxxx>:
> #create engress htb shaper:
> tc qdisc add dev $IF root handle 1: htb
> #setup some iface limits
> tc class add dev $IF parent 1: classid 1:1 htb rate ${MAXOUT}kbit ceil ${MAXOUT}kbit burst 50kb
>
> #add subclass for your application attached to the root class 1:1 - 1:10, set proper ceil value!
> tc class add dev $IF parent 1:1 classid 1:10 htb rate 128kbit ceil ${MAXOUT}kbit prio 1 burst 5kb
>
> #then just add filters, in that case port 53 - DNS
> tc filter add dev $IF parent 1:0 protocol ip prio 10 u32 match ip dport 53 0xffff flowid 1:10
Your script seems work better than mine: the speed now is 20Kbps, and
not value as 480kbps as before with my commands!, even if I set
10kbits, both as ceil and rate:
IF=eth0
MAXOUT=10kbit
tc qdisc add dev $IF root handle 1: htb
tc class add dev $IF parent 1: classid 1:1 htb rate $MAXOUT ceil $MAXOUT
tc class add dev $IF parent 1:1 classid 1:10 htb rate 10kbit ceil $MAXOUT
tc filter add dev $IF parent 1:0 protocol ip prio 10 u32 match ip
dport 25 0xffff flowid 1:10
I erase priority and brust part, At the moment don't mind brusting the
connection or assign a priority.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
