* Some advice for QoS setup ...
@ 2003-01-09  6:41 Raymond Leach
  2003-01-09  8:20 ` Jörg Esser
  0 siblings, 1 reply; 2+ messages in thread
From: Raymond Leach @ 2003-01-09  6:41 UTC (permalink / raw)
  To: Netfilter Mailing List

Hi all

Am I going about this in the right way?

This is what I plan to do :

1. Outgoing www traffic originating from our web servers has priority 1
with min 30% bandwidth and max 60% bandwidth.
2. Outgoing mail traffic (smtp and pop3) originating from our mail
servers has priority 2 with min 5% bandwidth and max 20% bandwidth.
3. Outgoing ftp traffic originating from our ftp servers has priority 3
with min 5% bandwidth and max 10% bandwidth.
4. All other traffic has priority 4 with min 0% bandwidth and max 10%
bandwidth.

I was thinking of using htb and sfq. What should my 'tree that is not a
tree' look like?

I was also planning to use netfilter iptables to mark the traffic and
use tc to filter the packets based on the mark (let's say 1,2,3,4
corresponding to the priorities above).

Any suggestions?

I thought my tree would look something like this:

                              10: (htb)
                                 |
                              10:1 (htb)
                       (rate 512kbps, ceil 512kbps)
                                 |
    ________________________________________________________
   |                  |                  |                  |
10:10 (htb)        10:20 (htb)        10:30 (htb)        10:40 (htb)
(rate 153kbps,     (rate 25kbps,      (rate 25kbps,      (rate 0kbps,
 ceil 306kbps)      ceil 102kbps)      ceil 50kbps)       ceil 50kbps)
   |                  |                  |                  |
  SFQ                SFQ                SFQ                SFQ

Does my tree look correct? Will this tree honour the priorities I want
to set? Is netfilter FWMARK the right way to go here?

Regards

Ray
-- 
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(  Raymond Leach                       )
 ) Knowledge Factory                  (
(                                      )
 ) Tel: +27 11 445 8100               (
(  Fax: +27 11 445 8101                )
 )                                    (
(  http://www.knowledgefactory.co.za/  )
 ) http://www.saptg.co.za/            (
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   o                                o
    o                              o
        .--.                  .--.
       | o_o|                |o_o |
       | \_:|                |:_/ |
      / /   \\              //   \ \
     ( |     |)            (|     | )
     /`\_   _/'\          /'\_   _/`\
     \___)=(___/          \___)=(___/


* Re: Some advice for QoS setup ...
  2003-01-09  6:41 Some advice for QoS setup Raymond Leach
@ 2003-01-09  8:20 ` Jörg Esser
  0 siblings, 0 replies; 2+ messages in thread
From: Jörg Esser @ 2003-01-09  8:20 UTC (permalink / raw)
  To: Netfilter Mailing List



Raymond Leach wrote:

>Hi all
>
>Am I going about this in the right way?
>
>This is what I plan to do :
>
>1. Outgoing www traffic originating from our web servers has priority 1
>with min 30% bandwidth and max 60% bandwidth.
>2. Outgoing mail traffic (smtp and pop3) originating from our mail
>servers has priority 2 with min 5% bandwidth and max 20% bandwidth.
>3. Outgoing ftp traffic originating from our ftp servers has priority 3
>with min 5% bandwidth and max 10% bandwidth.
>4. All other traffic has priority 4 with min 0% bandwidth and max 10%
>bandwidth.
>
>I was thinking of using htb and sfq. What should my 'tree that is not a
>tree' look like?
>
>I was also planning to use netfilter iptables to mark the traffic and
>use tc to filter the packets based on the mark (let's say 1,2,3,4
>corresponding to the priorities above).
>
>Any suggestions?
>
>I thought my tree would look something like this:
>
>                              10: (htb)
>                                 |
>                              10:1 (htb)
>                       (rate 512kbps, ceil 512kbps)
>                                 |
>    ________________________________________________________
>   |                  |                  |                  |
>10:10 (htb)        10:20 (htb)        10:30 (htb)        10:40 (htb)
>(rate 153kbps,     (rate 25kbps,      (rate 25kbps,      (rate 0kbps,
> ceil 306kbps)      ceil 102kbps)      ceil 50kbps)       ceil 50kbps)
>   |                  |                  |                  |
>  SFQ                SFQ                SFQ                SFQ
>
>Does my tree look correct? Will this tree honour the priorities I want
>to set? Is netfilter FWMARK the right way to go here?
>
>Regards
>
>Ray
>
Found this in German journal ct.
Maybe you can use it.
You need this:
http://luxik.cdi.cz/~devik/qos/htb/v3/htb3.6-020525.tgz
(The tc binary is needed; without the right version it won't work.)
Insert all QOS stuff from kernel sources in your kernel.
Put this as qos-on script.
-----------------------------------------
#!/bin/sh
#
# Shell script for Quality of Service with HTB
#

EXTIF=ppp0
INTIF=eth0

############
# Outgoing
############
## Root
tc qdisc add dev $EXTIF root handle 1:0 htb default 12
## Main class
tc class add dev $EXTIF parent 1:0 classid 1:1 htb rate 125kbit ceil 125kbit
## Class for ACKs
tc class add dev $EXTIF parent 1:1 classid 1:10 htb rate 10kbit ceil 125kbit prio 0
## Class for VPN/SSH
tc class add dev $EXTIF parent 1:1 classid 1:11 htb rate 30kbit ceil 125kbit prio 1
## Class for normal traffic
tc class add dev $EXTIF parent 1:1 classid 1:12 htb rate 75kbit ceil 125kbit prio 2
## Class for bulk traffic
tc class add dev $EXTIF parent 1:1 classid 1:13 htb rate 10kbit ceil 100kbit prio 3

# ACKs
#iptables -A OUTPUT -t mangle -o $EXTIF -p tcp -m length --length :64 -j MARK --set-mark 10
# VPN/IPsec
iptables -A POSTROUTING -t mangle -o $EXTIF -p 50 -j MARK --set-mark 11
# SSH
iptables -A POSTROUTING -t mangle -o $EXTIF -p tcp --dport 22 -j MARK --set-mark 11
## local SSH server on port 4444
## iptables -A OUTPUT -t mangle -o $EXTIF -p tcp --sport 4444 -j MARK --set-mark 11
## SMTP
iptables -A POSTROUTING -t mangle -o $EXTIF -p tcp --dport 25 -j MARK --set-mark 13
# eDonkey
iptables -A POSTROUTING -t mangle -o $EXTIF -p tcp --dport 4662 -j MARK --set-mark 13
iptables -A POSTROUTING -t mangle -o $EXTIF -p tcp --sport 4662 -j MARK --set-mark 13

tc filter add dev $EXTIF parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
tc filter add dev $EXTIF parent 1:0 prio 0 protocol ip handle 11 fw flowid 1:11
# default: 1:12
tc filter add dev $EXTIF parent 1:0 prio 0 protocol ip handle 13 fw flowid 1:13


###########
# Incoming
###########
tc qdisc add dev $INTIF root handle 2:0 htb default 20
tc class add dev $INTIF parent 2:0 classid 2:2 htb rate 750kbit ceil 750kbit
tc class add dev $INTIF parent 2:2 classid 2:20 htb rate 500kbit ceil 700kbit prio 1
tc class add dev $INTIF parent 2:2 classid 2:21 htb rate 150kbit ceil 750kbit prio 0
tc class add dev $INTIF parent 2:2 classid 2:22 htb rate 100kbit ceil 500kbit prio 3

# ACKs
#iptables -A POSTROUTING -t mangle -o $INTIF -m length --length :200 -j MARK --set-mark 21
# SSH
#iptables -A POSTROUTING -t mangle -o $INTIF -p tcp --sport 22 -j MARK --set-mark 21
# eDonkey
iptables -A POSTROUTING -t mangle -o $INTIF -p tcp --dport 4662 -j MARK --set-mark 22
iptables -A POSTROUTING -t mangle -o $INTIF -p tcp --sport 4662 -j MARK --set-mark 22
# host to be throttled
#iptables -A POSTROUTING -t mangle -o $INTIF -d 192.168.111.1 -j MARK --set-mark 22

tc filter add dev $INTIF parent 2:0 prio 0 protocol ip handle 21 fw flowid 2:21
tc filter add dev $INTIF parent 2:0 prio 0 protocol ip handle 22 fw flowid 2:22


#########
# SFQ
#########
tc qdisc add dev $EXTIF parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev $EXTIF parent 1:11 handle 11: sfq perturb 10
tc qdisc add dev $EXTIF parent 1:12 handle 12: sfq perturb 10
tc qdisc add dev $EXTIF parent 1:13 handle 13: sfq perturb 10

tc qdisc add dev $INTIF parent 2:20 handle 20: sfq perturb 10
tc qdisc add dev $INTIF parent 2:21 handle 21: sfq perturb 10
tc qdisc add dev $INTIF parent 2:22 handle 22: sfq perturb 10
-----------------------------------------------------------------------
and this as qos-off script.
-----------------------------------------------------------------
#!/bin/sh
EXTIF=ppp0
INTIF=eth0

iptables -F -t mangle

tc qdisc del dev $EXTIF root    2> /dev/null > /dev/null
tc qdisc del dev $EXTIF ingress 2> /dev/null > /dev/null
tc qdisc del dev $INTIF root    2> /dev/null > /dev/null
tc qdisc del dev lo root      2> /dev/null > /dev/null
 ----------------------------------------------------------------

Have a nice day,

Joerg Esser
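
Added example, not part of either post: the fwmark + HTB + SFQ pattern from the script above applied to the four-class plan in the question, as a dry-run generator that only prints the commands. The device name, the reading of the link as 512 kbit/s, the 192.0.2.x server addresses and the 1kbit floor for the "min 0%" class are assumptions.

```shell
#!/bin/sh
# Added example: prints the tc/iptables commands for the four-class plan; runs nothing.
# Assumptions: eth0 uplink, 512 kbit/s link, 192.0.2.x placeholder server addresses.
DEV=${DEV:-eth0}
LINK=${LINK:-512}    # kbit/s. tc reads "kbps" as kilobytes/s, so kbit is used below.
WEB=${WEB:-192.0.2.10}; MAIL=${MAIL:-192.0.2.20}; FTP=${FTP:-192.0.2.30}

# pct PERCENT -> that share of LINK in kbit, rounded down
pct() { echo $(( LINK * $1 / 100 )); }

# emit_class MARK PRIO MIN% MAX% -> HTB leaf 10:<MARK>0, its SFQ, and the fw filter
emit_class() {
    rate=$(pct "$3"); ceil=$(pct "$4")
    # HTB needs a non-zero rate, so "min 0%" becomes a 1kbit floor (assumption)
    [ "$rate" -gt 0 ] || rate=1
    echo "tc class add dev $DEV parent 10:1 classid 10:${1}0 htb rate ${rate}kbit ceil ${ceil}kbit prio $2"
    echo "tc qdisc add dev $DEV parent 10:${1}0 sfq perturb 10"
    echo "tc filter add dev $DEV parent 10: protocol ip prio 1 handle $1 fw flowid 10:${1}0"
}

emit_plan() {
    # Unmarked packets fall into 10:40 through "default 40"
    echo "tc qdisc add dev $DEV root handle 10: htb default 40"
    echo "tc class add dev $DEV parent 10: classid 10:1 htb rate ${LINK}kbit ceil ${LINK}kbit"
    emit_class 1 1 30 60    # www
    emit_class 2 2 5 20     # smtp and pop3
    emit_class 3 3 5 10     # ftp
    emit_class 4 4 0 10     # everything else
}

# emit_marks -> mangle rules setting marks 1-3 by source server and service port
emit_marks() {
    m="iptables -t mangle -A POSTROUTING -o $DEV -p tcp"
    echo "$m -s $WEB --sport 80 -j MARK --set-mark 1"
    echo "$m -s $MAIL -m multiport --ports 25,110 -j MARK --set-mark 2"
    echo "$m -s $FTP -m multiport --sports 20,21 -j MARK --set-mark 3"
}

# guaranteed_total -> sum of the leaf rates in kbit; must not exceed LINK
guaranteed_total() {
    emit_plan | sed -n 's/.*classid 10:[1-4]0 htb rate \([0-9]*\)kbit.*/\1/p' |
        { t=0; while read -r r; do t=$((t + r)); done; echo "$t"; }
}

emit_plan
emit_marks
```

Review the printed commands before piping them to a root shell; the leaf rates sum to well under the parent rate, and the remainder is shared out by class prio up to each ceil.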


