[LARTC] Updated tcng configuration
Scott Baker
bakers@web-ster.com
Mon, 23 Feb 2004 12:13:00 -0800
You helped me earlier, I was wondering if I couldn't get your advice again.
I had very simple ingress/egress policing working and I was very happy.
Unfortunately I quickly reached the maximum throughput and my own
connections to our FTP server were slow.
I decided it would be best to implement a second filter to give traffic
from our network priority. I think I've done that below, but it doesn't
seem to be working. I want to dedicate 5Mbps to the "world" and, an
additional 10Mbps to my network (12.111.170.0/24).
For whatever reason, it seems that ALL incoming traffic is going to the
$cta class, despite the source IP address. If I tweak with the settings for
$cta down to 5Mbps the traffic drops accordingly. 99% of the traffic going
to the box is "other" I want to leave the possibility that our traffic gets
priority if and when we need it. Am I missing something simple here?
-----------------------------------------------
dev "eth0" {
egress {
/*
//This is what we were using before we had to optimize traffic for
our networks
tbf (mtu 1.5kB,limit 10kB,rate 10Mbps,burst 1000kB) {
fifo;
}
*/
class (<$cta>) if ip_src:24 == 12.111.170.0;
class (<$other>) if 1;
htb () {
class (rate 100Mbps, ceil 100Mbps) {
$cta = class (rate 10Mbps, ceil 10Mbps) { sfq; };
$other = class (rate 5Mbps, ceil 5Mbps) { sfq; };
}
}
}
ingress {
$p = bucket(rate 10Mbps, burst 1000kB, mpu 200B);
class (1) if (conform $p && count $p) || drop;
}
}
Scott Baker - Network Engineer - RHCE
bakers @ web-ster . com - 503.266.8253