[LARTC] cbq dosen't shape on MARK for one host.. strange!
zytek
zytek@ostrow-wlkp.net
Mon, 9 Aug 2004 17:57:00 +0200
Hello all, this is my first post here. Sorry for my english.
Gentoo LAN router, 2.4.26-hardened-r2
There are 2 WAN links, one LAN link. I am doing some iptables/routing/tc ma=
gic=20
in my scripts. What's interesting is marking packets traveling from all IP'=
s=20
in LAN.
Interesting commands are:
=2D------------
for ip in `seq 50`;
do
$IPTABLES -t mangle -A FORWARD -o eth2 -d 10.0.1.$ip -j MARK=20
=2D-set-mark 50${ip}1
$IPTABLES -t mangle -A FORWARD -i eth2 -s 10.0.1.$ip -j MARK=20
=2D-set-mark 50${ip}2
done
=2D------------
So now I am able to make statistics per IP (lstat.sourceforge.net) and of=20
course - do some traffic shaping. i have used cbq.init and then i wrote thi=
s:
=2D------------
for ipek in `seq 50`; do
$TC class add dev eth2 parent 1: classid 1:10$ipek cbq bandwidth 100Mbit ra=
te=20
${USERDOWNLOAD}Kbit weight `echo
${USERDOWNLOAD} / 10 | bc`Kbit prio 5 allot 1514 cell 8 maxburst 20 avpkt=
=20
1000 bounded
$TC qdisc add dev eth2 parent 1:10$ipek handle 10$ipek tbf rate=20
${USERDOWNLOAD}Kbit buffer 1Kb/8 limit 15Kb mt
u 1500
$TC filter add dev eth2 parent 1:0 protocol ip prio 200 handle 50${ipek}1 f=
w=20
classid 1:10${ipek}
done
=2D------------
everything works fine. users can download at rate max180Kbit or whatever ra=
te=20
want. but one user, as I see on graph and iptraf with filter on his ip -=20
downloads at rates >180Kbit (he gets even >40 Kbytes/s !)
i have made some tests. his packets are marked correctly because graphs wor=
k=20
fine. my scripts are written correctly too because other hosts cannot excee=
d=20
180Kbit bandwith when dowloading. i have tested it on my computer.
but why one host downloads faster? i have shutted off my tc script and used=
=20
cbq.init with sth like this:
DEVICE=3Deth2,100Mbit,10Mbit
RATE=3D80Kbit
WEIGHT=3D8Kbit
MARK=3D5091
PEAK=3D80Kbit
#RULE=3D10.0.1.9
and it doesn't work.
packets are marked correctly:
azazel mfw # iptables -t mangle -L FORWARD -vnx | grep 10.0.1.8
299 110603 MARK all -- * eth2 0.0.0.0/0 =20
10.0.1.8 MARK set 0x13d9
436 411375 MARK all -- eth2 * 10.0.1.8 =20
0.0.0.0/0 MARK set 0x13da
cbq stats looks like this:
azazel mfw # cbq stats
### eth0: queueing disciplines
qdisc pfifo_fast 0: [Unknown qdisc, optlen=3D20]
Sent 1034932 bytes 3090 pkts (dropped 0, overlimits 0)
### eth1: queueing disciplines
qdisc pfifo_fast 0: [Unknown qdisc, optlen=3D20]
Sent 44005 bytes 335 pkts (dropped 0, overlimits 0)
### eth2: queueing disciplines
qdisc cbq 1: rate 100Mbit (bounded,isolated) prio no-transmit
Sent 2869896 bytes 3850 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 62 undertime 0
### eth2: traffic classes
class cbq 1:1001 parent 1: rate 80Kbit (bounded) prio 5
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 2.26888e+06 undertime 0
class cbq 1: root rate 100Mbit (bounded,isolated) prio no-transmit
Sent 2872596 bytes 3862 pkts (dropped 0, overlimits 0)
borrowed 0 overactions 0 avgidle 54 undertime 0
### eth2: filtering rules
filter parent 1: protocol ip pref 200 fw
filter parent 1: protocol ip pref 200 fw handle 0x13e3 classid 1:1001
look at this!!
class cbq 1:1001 parent 1: rate 80Kbit (bounded) prio 5
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
iptraf show rate 51.6 kbytes/sec ..
and now when i comment MARK and uncomment RULE=3D10.0.1.9 all works GREAT!
traffic to host is shaped and iptraf shows rate 10 kbytes/sec=20
so.. WTF ?! cbq works with MARK on other hosts... but not on this one. he u=
ses=20
flashget or some p2p tool, iptraf shows about 300 connections and the numve=
r=20
increases slowly.
now im am trying hardener-r5 kernel and then i will try htb.init with MARK,=
=20
maybe this will help. and i can recompile iproute2.
=2D-=20
=2E: Jakub G=B3azik (zytek)
=2E: email:zytek@ostrow-wlkp.net
=2E: JID:zytek@azazel.ostrow-wlkp.net
=2E: http://www.misiaj.sie.pl [obsolete]