[OBORONA-SPAM] [LARTC] ppp+vpn+htb

Wed Apr 6 21:23:12 CEST 2005

On Wed, 6 Apr 2005 00:44:55 +0200
"mail.cat-net.co.yu" <hiphin at cat-net.co.yu> wrote:

> please, help, i have build vpn server (suse 9 + poptop), i have managed to implement tc htb in ip-up script, but every client has own ppp interface (ppp0, ppp1, ppp2...), and my idea is to share available bandwidth, not to limit connection, 
> 
> how to build root tc rule, when I have more then one interface?... please any one width experiance
> 
> regards

Few month ago I have such trable too. Now I subscribed to this mail list in hope to resolve problem :).
My workaround done in a following way:
1.Difference is that I use pptpd.
2.The idea is to drive all traffic to unlim on a dev eth0, except "gre 1723". The traffic I wish to control I classify as default!
3.The rules a here:

/sbin/tc qdisc del dev eth0 root
/sbin/tc qdisc add dev eth0 root handle 1 htb default 30 r2q 100

/sbin/tc class add dev eth0 parent 1: classid 1:2 htb rate 100Mbit burst 15K

/sbin/tc class add dev eth0 parent 1:2 classid 1:10 htb rate 50Mbit burst 5K prio 5
/sbin/tc qdisc add dev eth0 parent 1:10 handle 10 sfq perturb 10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dport 80 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dport 110 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip sport 110 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dport 25 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dport 139 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip sport 139 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dport 137 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip sport 137 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dport 138 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip sport 138 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dport 445 0xffff classid 1:10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip sport 445 0xffff classid 1:10

/sbin/tc class add dev eth0 parent 1:2 classid 1:30 htb rate 200Kbit ceil 200Kbit prio 5
/sbin/tc qdisc add dev eth0 parent 1:30 handle 30 sfq perturb 10

/sbin/tc class add dev eth0 parent 1:30 classid 1:1010 htb rate 10Kbit ceil 80Kbit prio 5
/sbin/tc qdisc add dev eth0 parent 1:1010 handle 1010 sfq perturb 10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dst 192.168.19.10 classid 1:1010

/sbin/tc class add dev eth0 parent 1:30 classid 1:1011 htb rate 10Kbit ceil 80Kbit prio 5
/sbin/tc qdisc add dev eth0 parent 1:1011 handle 1011 sfq perturb 10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dst 192.168.19.11 classid 1:1011

/sbin/tc class add dev eth0 parent 1:30 classid 1:1012 htb rate 10Kbit ceil 80Kbit prio 5
/sbin/tc qdisc add dev eth0 parent 1:1012 handle 1012 sfq perturb 10
/sbin/tc filter add dev eth0 parent 1:0 protocol ip prio 100 u32 match ip dst 192.168.19.12 classid 1:1012
And so on.

This rules were compiled with help of shapecfg-2.2.12-15asp. Command - htb.

But all of this is wrong, only workaround.
Month of searching of ability to bridge (brctl), eql, teql etc. - bring nothing.
What I have to do :) - C, sources and compiler. I made little change to eql.c making this module only transparent transit device.
It's working... But I have some bugs, and now need help and testing. 

As I understood - qdisc and class can not apply to more then one device... Is it wrong?

Be free for asking more and feeding back.
And I am sorry if I have many mistakes in my English.

-- 
With best regards, Pan'ko Alexzender.
pankoAA at yandex.ru