[LARTC] Bandwith thinking error

Andreas Klauer Andreas.Klauer@metamorpher.de
Wed, 12 May 2004 17:28:54 +0200 

Am Wednesday 12 May 2004 16:08 schrieb Lars Oeschey:

> I found that I had some thinking error with the wshaper script. I
> assigned the bandwith of my DSL connection to it, but the machine where
> it runs is normally connected to the LAN with 100Mbit behind a separate
> Hardware-Router.

WShaper reduces the complete bandwidth of a device to a given rate, so it's 
to be attached directly to the internet device. So if you use the same 
device for communicating with the router and with other machines in the 
LAN, there is a problem.

> So what is the correct way to go? 

You have the same problem if you attach HTB filters (for incoming NATed 
bandwidth) to the LAN device. It can be solved by creating one fat parent 
class which has the full LAN rates. This fat class gets two children: a 
DSL class which gets the DSL rates and a LAN class which gets (LAN minus 
DSL) rate. The DSL class then gets further children for DSL traffic 
classification for example on a per user or interactive/http/protocol 
basis.
        
You have to add your filters then to the DSL class instead of parent qdisc,
and a filter in the parent qdisc that puts packets that go to the Router IP
into the DSL class. Or modify your filters so that they only apply to 
Router packets. Especially if you're using ingress, you have to modify the 
policy filters so that they only apply to packets coming from the router.

As a simplified ascii graphic:

   HTB qdisc
    |
    \--- HTB fat class (LAN rate)
          |
          \--- HTB DSL class (DSL rate; only packets to the router go here)
          \--- HTB LAN class (LAN-DSL rate; all other packets go here)
        
A problem with this design would be if you have additional local traffic 
that goes to the router (e.g. a ssh session to the router that does not 
actually go to the internet). This would be classified as DSL traffic too. 
I don't know if filters can be designed in a way that they only match on 
gateway'ed traffic.

Shaping this way won't work particularly well especially if there are other 
users in your LAN using the router. You should do the shaping directly on 
the router in any case.

HTH
Andreas