[LARTC] Shaping the sum of incoming and outgoing traffic

Andy Furniss andy.furniss@dsl.pipex.com
Thu, 06 Jan 2005 13:51:05 +0000 

Jan Rovner wrote:
> Hello,
> 
> does anyone have a working solution for the shaping both incoming and
> outgoing traffic in such
> way, that for a given client the *sum* of incoming and outgoing traffic
> is somehow defined?
> 
> My ISP does the same thing, it gives me just a line of a defined rate,
> no matter the traffic
> direction (i.e. here is your line, the clock speed is 1024kbps, do what
> you want).
> 
> I'm a litte bit familiar with HTB, my download shaping works fine.
> However, I would like shape
> both incoming+outgoing traffic in a way that the sum of actual outgoing
> and incoming rates 
> of all my clients would be always below the ISP's line speed in order to
> shaping get working.
> 
> In other words, I would like to split the ISP's line into a bunch of
> hierarchical "virtual" lines
> with traffic borrowing etc. like HTB does for download, but with defined
> *total* rates (i.e. dear
> customer, here is your 128kbps line, do what you want).
> 
> What can I do with HTB is to shape incoming and traffic separately
> (somehow to virtually split 
> the line for upload/download with limited speeds), but this is not the
> way I would like it to be, since 
> would like to get the line used as effective as possible.
> 
> Maybe something like IMQ would work, but unfortunately I have found no
> example for
> that solution.
> 
> Any ideas?
> 
> Jan Rovner

I did this as a proof of concept a while ago, but never finished it. It 
works but I didn't prioritise empty acks so testing both ways with TCP 
will fall apart - but then it does on a full duplex connection. Remember 
it's a test and I can't even remember the detail so you will need to 
modify alot - INPUT/OUTPUT etc for real world.

Andy.


#set -x
IPTABLES=/usr/local/sbin/iptables
MODPROBE=/sbin/modprobe
IP=/usr/sbin/ip
TC=/usr/sbin/tc

$IPTABLES -t mangle -D INPUT -i eth0 -j MARK --set-mark 1  &> /dev/null
$IPTABLES -t mangle -D OUTPUT -o eth0 -j MARK --set-mark 2  &> /dev/null

$IPTABLES -t mangle -D POSTROUTING -m mark --mark 1 -j IMQ --todev 0 &> 
/dev/null
$IPTABLES -t mangle -D POSTROUTING -m mark --mark 2 -j IMQ --todev 0 &> 
/dev/null
$IP link set imq0 down &> /dev/null
$MODPROBE -r imq &> /dev/null

if [ "$1" = "stop" ]
then
         echo "stopping"
         exit
fi

$MODPROBE imq numdevs=1

$IPTABLES -t mangle -I INPUT -i eth0 -j MARK --set-mark 1
$IPTABLES -t mangle -I OUTPUT -o eth0 -j MARK --set-mark 2

$IPTABLES -t mangle -I POSTROUTING -m mark --mark 1 -j IMQ --todev 0
$IPTABLES -t mangle -I POSTROUTING -m mark --mark 2 -j IMQ --todev 0
$IP link set imq0 up

$TC qdisc add dev imq0 root handle 1:0 htb default 0

$TC class add dev imq0 parent 1:0 classid 1:1 htb rate 128kbit ceil 
128kbit burst 2k

#### down ####
$TC class add dev imq0 parent 1:1 classid 1:10 htb rate 64kbit ceil 128kbit
$TC filter add dev imq0 parent 1:0 prio 1  protocol ip handle 1 fw 
flowid 1:10

#### up ####
$TC class add dev imq0 parent 1:1 classid 1:20 htb rate 64kbit ceil 128kbit
$TC filter add dev imq0 parent 1:0 prio 1  protocol ip handle 2 fw 
flowid 1:20