Re: [SLUG] tc and htb

From: Ian C. Blenke (ian@blenke.com)
Date: Tue Jan 28 2003 - 15:47:32 EST


On Tue, Jan 28, 2003 at 01:42:31PM -0500, Jay Wineinger wrote:
> Hi everyone,
> I've been trying to get traffic control working on my router. It's
> serving a NAT'd internal subnet at a dorm, so I figured it'd be nice to make
> sure everyone gets a piece of the pie, rather than Kazaa getting it all.
> Anyway, I'm having a lot of trouble getting anything working and I was
> wondering if anyone has used the htb qdisc + marking packets with iptables.
> If so, I'd really appreciate a look at your scripts, 'cause I'm about ready
> to pull my hair out.

Here's a snippet from my aging firewall at home. It's not htb - having
fought with tweaking the shaping rules for a while, I found that this
seemed to work very well for my network load.

I only wanted to prioritize the important traffic and cut down on latency.
To do this, I define three weighted SFQ queues using a master PRIOrity queue.
- Any traffic tagged with Minimize-Delay has priority over all other
traffic types (ICMP, DNS, SSH).
- All "normal" traffic is given a "fair share" of the bandwidth.
- Anything tagged with Maximize-Throughput has the lowest priority (NNTP).

        # Flush whatever is already installed on both interfaces.
        tc qdisc del root dev eth1
        tc qdisc del root dev eth0

        # Root PRIO qdisc with its default three bands; the default priomap
        # sends Minimize-Delay to band 1:1, untagged traffic to 1:2 and
        # Maximize-Throughput to 1:3. Each band gets its own SFQ for fairness.
        tc qdisc add dev eth0 root handle 1: prio
        tc qdisc add dev eth0 parent 1:1 handle 11: sfq
        tc qdisc add dev eth0 parent 1:2 handle 12: sfq
        tc qdisc add dev eth0 parent 1:3 handle 13: sfq

        # Tag the latency-sensitive traffic: ICMP, SSH (TCP/22) and DNS (UDP/53).
        iptables -A PREROUTING -t mangle -p icmp -j TOS \
                --set-tos Minimize-Delay
        iptables -A PREROUTING -t mangle -p tcp --sport 22 \
                -j TOS --set-tos Minimize-Delay
        iptables -A PREROUTING -t mangle -p tcp --dport 22 \
                -j TOS --set-tos Minimize-Delay
        iptables -A PREROUTING -t mangle -p udp --sport 53 \
                -j TOS --set-tos Minimize-Delay
        iptables -A PREROUTING -t mangle -p udp --dport 53 \
                -j TOS --set-tos Minimize-Delay

        # Tag bulk NNTP (TCP/119) as lowest priority.
        iptables -A PREROUTING -t mangle -p tcp --dport 119 -j TOS \
                --set-tos Maximize-Throughput

This prioritization is simple, thus the appeal to me.

For those folks with RR, you may also want to rate-shape your outbound
traffic to 384k to get the best results. I've found mixed results
getting shaping to behave well with their current rate limiting.

With this, I can stream bulk USENET full tilt and still not affect web
surfing or the interactivity of ssh sessions. For bulk ssh transfers
(like massive fresh rsyncs), I tend to use a TCP port other than 22.

Hope this helps.

- Ian
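As an added example that is not part of Ian's post, this Python script follows a forwarded packet through the setup above: the mangle rules set the TOS byte, the kernel maps the TOS bits to a Linux priority, and the prio qdisc's default priomap picks the band and therefore the SFQ child. The TOS byte values, the TOS-to-priority table and the default priomap are the iptables/kernel/tc defaults; the sample flows are constructed, and port 22 is matched as TCP since that is what SSH uses.

```python
# Added example, not from the post: follow a packet through the posted mangle
# rules and the default prio priomap to see which SFQ child queue gets it.

# iptables TOS target names and their TOS byte values.
TOS = {"Normal-Service": 0x00, "Minimize-Cost": 0x02, "Maximize-Reliability": 0x04,
       "Maximize-Throughput": 0x08, "Minimize-Delay": 0x10}
# Kernel TOS -> Linux priority table, indexed by the four TOS bits ((tos >> 1) & 0xF):
# 0 best effort, 1 filler, 2 bulk, 4 interactive bulk, 6 interactive.
TOS2PRIO = [0, 1, 0, 0, 2, 2, 2, 2, 6, 6, 6, 6, 4, 4, 4, 4]
# Default prio priomap, indexed by Linux priority -> band (band 0 is served first).
PRIOMAP = [1, 2, 2, 2, 1, 2, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1]
# Band -> SFQ handle in the posted script (parent 1:1 -> 11:, 1:2 -> 12:, 1:3 -> 13:).
BAND_HANDLE = {0: "11:", 1: "12:", 2: "13:"}

# The mangle PREROUTING rules as (proto, sport, dport, TOS name); None = any port.
# Port 22 is matched as TCP here because SSH runs over TCP.
RULES = [
    ("icmp", None, None, "Minimize-Delay"),
    ("tcp", 22, None, "Minimize-Delay"),
    ("tcp", None, 22, "Minimize-Delay"),
    ("udp", 53, None, "Minimize-Delay"),
    ("udp", None, 53, "Minimize-Delay"),
    ("tcp", None, 119, "Maximize-Throughput"),
]

def mark_tos(proto, sport=None, dport=None, tos=0x00):
    """Walk the chain: -j TOS does not terminate traversal, so the last match wins."""
    for r_proto, r_sport, r_dport, name in RULES:
        if r_proto == proto and r_sport in (None, sport) and r_dport in (None, dport):
            tos = TOS[name]
    return tos

def band_for_tos(tos):
    """Kernel path on forward: TOS bits -> skb priority -> prio band."""
    return PRIOMAP[TOS2PRIO[(tos >> 1) & 0x0F]]

def classify(proto, sport=None, dport=None):
    """Return (tos, band, sfq handle) for one forwarded flow."""
    tos = mark_tos(proto, sport, dport)
    band = band_for_tos(tos)
    return tos, band, BAND_HANDLE[band]

if __name__ == "__main__":
    # Constructed sample flows, not taken from the post.
    for flow in [("tcp", 51234, 22), ("udp", 53, 34001), ("tcp", 40000, 119),
                 ("tcp", 40001, 80), ("icmp",)]:
        print(flow, "-> tos=0x%02x band=%d sfq %s" % classify(*flow))
```

SSH, DNS and ICMP land in 11:, NNTP in 13: and everything untagged in 12:; a TOS that combines Minimize-Delay with Maximize-Throughput (0x18) maps to the middle band, so the TOS target should set exactly one of these bits.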



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 13:51:33 EDT