Steve wrote: If you have recompiled your kernel then you will need to select this, (under make menuconfig options) otherwise, it is already turned on for stock redhat kernels. Actually I did try to compile the kernel, but I didn't have any success at compiling some modules (posted a message some days ago). But anyway I did find out that redhat comes with QoS enabled right out of the rpms, so I let it pass. Sure, I have them, or else I wouldn't have said I set up things correctly in my first post.You will also need the iproute2 tools (tc, ip, etc - the rpm is on the redhat cd) Then you will have to work out what it is exactly that you are trying to do, and keep in mind, shaping only works in the outbound (egress) direction, so in order to do shaping of traffic comming into your network you will need to control both ends of your link. Read the lartc, that's what it says there about being for just outbound traffic. It's logical anyway, you can't actually control what you receive. But, note that I have read some docs that do shape inbound traffic to minimize a bit what comes in. When this is all sorted out then I would suggest you read the traffic I wouldn't have asked if I didn't do so! shaping howto's (a google search will find htese for you) which will give you some idea of how things work, but sadly tend to be rather complex to I agree with this. Not that it's really complex to understand, but rather that the lartc howto isn't all that clear in laying things out, and relating one another. That's my point. understand, once you've had a bash at that then you can post questions here and people may be able to help, but keep in mind, its a complex subject so keep your questions specific. things such as "it doesn't work" are not especially conducive to getting an answer back past "yes it does" :-) Well, maybe we can get down to real examples. Let me point out that when I say "it doesn't work", I mean "it doesn't work for me". I think this is quite obvious to see (maybe I'm wrong), because tc is there for something, and people actually seem to be using it, so it must work! Also, let me point that the closest I got to making it "work", is to have a my linux box "hang". So let's start first with a real example, from www.docum.org. The script is located at www.docum.org, then click on "Tests" in the left tab, then go to "CBQ Tests" section and then click on "CBQ bounded acuracy", it's the one named bounded.sh, but I type it in here: bounded.sh: #!/bin/sh RATE_MAX=$1`echo kbps` echo $RATE_MAX DEV="dev eth0" OPTION="allot 1514 maxburst 20 avpkt 1000 prio 3" tc qdisc del $DEV root tc qdisc add $DEV root handle 10: cbq bandwidth 10mbit avpkt 1000 tc class add $DEV parent 10:0 classid 10:2 cbq bandwidth 10mbit rate $RATE_MAX $OPTION bounded tc filter add $DEV parent 10: protocol ip prio 3 handle 1 fw classid 10:2 iptables -F iptables -X iptables -N acc_0 iptables -A OUTPUT -t mangle -p tcp --dport 2001 -j MARK --set-mark 1 iptables -A OUTPUT -p tcp --dport 2001 -j acc_0 iptables -A OUTPUT -j ACCEPT I supose that traffic on port 2001 is the one that will be shaped, right? So, now I want to limit bandwidth on a http server. I replaced '--dport 2001' with '--dport 80'. Start the http server, then go to another computer and run: wget 10.0.0.1/whaever_big_file (10.0.0.1 would be the box where the web server runs, and where traffic is [out]bounded). In my box, traffic bandwidth does not seem limited (I get the file at 30MB per sec or smoething like that), so for me this script doesn't work. Do you see anything wrong in this script please? Now to another test. This one is my own "test creation", so maybe it's not all that correct, but anyway, it actually does "hang" my linux box (mouse doesn't move, keyboard doesn't respond--so I can't switch to a terminal, etc)... only way out is the computer's RESET button. Here's my "creation": /sbin/tc qdisc del dev eth0 root /sbin/tc qdisc add dev eth0 root handle 10: cbq bandwidth 128kbit avpkt 1000 /sbin/tc class add dev eth0 parent 10:0 classid 10:1 cbq bandwidth 128kbit rate 128kbit avpkt 1000 bounded /sbin/tc filter add dev eth0 parent 10: protocol ip u32 match ip sport 80 0xffff flowid 10:0 echo 1 >/proc/sys/net/ipv4/ip_forward After running this, then do as before: run the http server and do the wget on the other computer. This procedure hangs the computer hosting the server, and it's the closest I got to having tc "do something": sadly enough that "something" is a system crash. One more thing (actually the real question in my first post): I have not set up anything special in my linux box to have tc working. I mean, I have not setup any routing tables, no special if configurations, no insmod, no nothing... just an echo 1 >/proc/sys/net/ipv4/ip_forward. Do I have to run anything else for tc to work? Thanks. Leo. |