[LARTC] HTB + IMQ + IPtables marking.

Thu May 19 08:07:56 CEST 2005

1.
 lines:
/usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 1
/usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 1
/usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -d 202.x.1.0/24 -j MARK
--set-mark 10
/usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -d 202.x.2.0/24 -j MARK
--set-mark 20
 should be in this order:
/usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -d 202.x.1.0/24 -j MARK
--set-mark 10
/usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -d 202.x.2.0/24 -j MARK
--set-mark 20
/usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 1
/usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 1
 3. performance fix
/sbin/tc class add dev imq1 parent 2: classid 2:1 htb rate 768Kbit
doesnt have CEIL defined? it has to have it defined so your modem wont queue 
packets, making your latency go to meet the sky :-) set it to 90-95% of the 
bandwidth your modem can do
 /sbin/tc class add dev imq1 parent 2: classid 2:1 htb rate 768Kbit ceil 
1000kbit
 4. performance fix
put some leaf qdisc like SFQ.
/sbin/tc qdisc add sfq parent id 2:20 handle 20 : sfq perturb 10
 5. performance fix
in the classes 2:10 and 2:20 you're using only 256kbit of RATE. change it so 
their sum is the rate of their parent. 
 On 5/18/05, Rio Martin. <rio at martin.mu> wrote: 
> 
> Folks,
> I'm so surprised what happened to my box just in the few weeks lately.
> Here is my setup:
> 
> INTERNET <----------> [eth0] SHAPER-BOX [eth1] <----------> USER-FARM
> both eth0 & eth1 got public ips (202.x.x.x)
> 
> Why traffic monitored at eth0 is bigger than eth1 ?
> eth1 shaped just exactly the same as rate i defined in HTB.
> 
> I just have 1024Kbps from my ISP and i defined the total parent rate for
> 768Kbps. But what happened is the traffic monitored at eth0 almost all the
> time eating all the bandwidth we have.
> 
> # DOWNSTREAM 768Kbps
> /sbin/ip link set imq1 up
> /sbin/tc qdisc add dev imq1 root handle 2: htb default 0
> /sbin/tc class add dev imq1 parent 2: classid 2:1 htb rate 768Kbit
> /sbin/tc class add dev imq1 parent 2:1 classid 2:10 htb rate 128kbit ceil
> 768kbit
> /sbin/tc class add dev imq1 parent 2:1 classid 2:20 htb rate 128kbit ceil
> 768kbit
> /sbin/tc filter add dev imq1 parent 2: protocol ip handle 10 fw classid 
> 2:10
> /sbin/tc filter add dev imq1 parent 2: protocol ip handle 20 fw classid 
> 2:20
> /usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 1
> /usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 1
> 
> /usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -d 202.x.1.0/24 -j MARK
> --set-mark 10
> /usr/sbin/iptables -t mangle -A PREROUTING -i eth0 -d 202.x.2.0/24 -j MARK
> --set-mark 20
> 
> Please help me analyze whats wrong.
> Thank you.
> 
> Regards,
> Rio Martin.
> _______________________________________________
> LARTC mailing list
> LARTC at mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
> 


-- 
Miłego Dnia
Krystian Antoni
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ds9a.nl/pipermail/lartc/attachments/20050519/b0f776ba/attachment.htm