[LARTC] Problems with HTB. Help!
Andrew Beverley
andy at andybev.com
Fri Feb 9 14:00:42 CET 2007
On Fri, 2007-02-09 at 20:52 +1100, tkb2766 wrote:
> > -----Original Message-----
> > From: lartc-bounces at mailman.ds9a.nl
> > [mailto:lartc-bounces at mailman.ds9a.nl] On Behalf Of Andrew Beverley
> > Sent: Friday, 9 February 2007 4:24
> > To: Anthony Kamau
> > Cc: 'LARTC'
> > Subject: RE: [LARTC] Problems with HTB. Help!
> >
> > Can you send your updated tc rules as well please?
> >
> > Andy
> >
>
> Here's the htbinit script:
> ************************************************************************
> #!/bin/bash
>
> # Whole purpose of this is to slow the P2P server down!
>
> ###################################
> # Reset everything to known state #
> ###################################
> tc qdisc del dev eth1 root
>
> ####################
> # Setup the links #
> ####################
> tc qdisc add dev eth1 parent root handle 2: htb default 13
>
> ###########################
> # Setup the root classes #
> ###########################
> tc class add dev eth1 parent 2: classid 2:1 htb rate 384kbit \
> ceil 384kbit
>
> ###########################
> # Setup the child classes #
> ###########################
> tc class add dev eth1 parent 2:1 classid 2:10 htb rate 224kbit \
> ceil 384kbit prio 0
> tc class add dev eth1 parent 2:1 classid 2:11 htb rate 100kbit \
> ceil 100kbit prio 1 burst 1024k
> tc class add dev eth1 parent 2:1 classid 2:12 htb rate 30kbit \
> ceil 30kbit prio 2
> tc class add dev eth1 parent 2:1 classid 2:13 htb rate 30kbit \
> ceil 30kbit prio 3 burst 1500
>
> #####################
> # Setup the filters #
> #####################
> # match acks the hard way,
> # IP protocol 6,
> # IP header length 0x5(32 bit words),
> # IP Total length 0x34 (ACK + 12 bytes of TCP options)
> # TCP ack set (bit 5, offset 33)
> ACK="tc filter add dev eth1 protocol ip parent 2:0 prio 0 u32"
> $ACK match ip protocol 6 0xff \
> match u8 0x05 0x0f at 0 \
> match u16 0x0000 0xffc0 at 2 \
> match u8 0x10 0xff at 33 \
> flowid 2:11
> U32="tc filter add dev eth1 protocol ip parent 2:0 u32"
> $U32 match ip src 192.168.200.130 flowid 2:10
> $U32 match ip src 192.168.200.140 flowid 2:10
> $U32 match ip src 192.168.200.147 flowid 2:10
> P2P="tc filter add dev eth1 parent 2:0 prio 2 protocol ip"
> #$P2P handle 1 fw flowid 2:12
>
> ####################################################
> # Setup the queue discipline for the child classes #
> ####################################################
> tc qdisc add dev eth1 parent 2:10 handle 10: sfq perturb 10
> tc qdisc add dev eth1 parent 2:11 handle 11: sfq perturb 10
> tc qdisc add dev eth1 parent 2:12 handle 12: sfq perturb 10
> **********************************************************************
>
> And here is the rule in the firewall that is marking the parkets:
> ************************************************************************
> $IPTABLES -t mangle -I FORWARD -s $P2PSRVR -i $LAN_IFACE -j MARK \
> --set-mark 1
> ************************************************************************
>
>
> Can you spot any issues with this?
>
> In the mean time, I'll try your classid method and if that works fine, then
> so be it from now on.
I see the problem. You're using a default of 13 so all unclassified
traffic goes to classid 13. All traffic from and to 192.168.200.163
falls into this category, and is therefore limited to 30 kbit.
I suggest changing your default to 10, removing the U32 rules to match
all the other hosts, and using -j CLASSIFY --set-class 2:13 on your
iptables rule (the current one based on MARK isn't used at the minute
anyway because there is no tc filter for it).
Hope this helps,
Andy Beverley
More information about the LARTC
mailing list