[LARTC] Allocating 64 kbits/s out of 256 kbits/s for one LAN
behingfirewall (SOLVED)
Indunil Jayasooriya
indunil75 at gmail.com
Fri Aug 10 13:14:43 CEST 2007
Hi Paolo Malfatti,
Thanks for your script. It works fine.
I get what I expect.
THANK you all the way until it comes to an end.
FOR the benifit for evryone in the LIST.
HERE IS the SCRIPT AGAIN.
INTERFAZ_LAN=eth0
FULLBANDWIDTH=256
BANDWIDTH4LAN=64
tc qdisc del root dev $INTERFAZ_LAN
tc qdisc add dev $INTERFAZ_LAN root handle 1 htb r2q 4
tc class add dev $INTERFAZ_LAN parent 1: classid 1:2 htb rate
"$FULLBANDWIDTH"Kbit
tc class add dev $INTERFAZ_LAN parent 1: classid 1:5 htb rate
"$BANDWIDTH4LAN"Kbit
tc qdisc add dev $INTERFAZ_LAN parent 1:5 handle 5 sfq perturb 10
tc filter add dev $INTERFAZ_LAN parent 1:0 protocol ip prio 1 u32 match ip
dst 192.168.101.0/24 <http://192.168.102.0/24> classid 1:5
On 8/8/07, Pio Mendez <pio_mendez at hotmail.com> wrote:
>
> This script only shape the outgoing traffic (upload) in a NAT firewall. To
> shape the incoming traffic (downloads) there is a simpler script:
>
> INTERFAZ_LAN=eth0
>
> FULLBANDWIDTH=256
>
> BANDWIDTH4LAN=64
>
> tc qdisc del root dev $INTERFAZ_LAN
>
> tc qdisc add dev $INTERFAZ_LAN root handle 1 htb r2q 4
> tc class add dev $INTERFAZ_LAN parent 1: classid 1:2 htb rate
> "$FULLBANDWIDTH"Kbit
> tc class add dev $INTERFAZ_LAN parent 1: classid 1:5 htb rate
> "$BANDWIDTH4LAN"Kbit
> tc qdisc add dev $INTERFAZ_LAN parent 1:5 handle 5 sfq perturb 10
> tc filter add dev $INTERFAZ_LAN parent 1:0 protocol ip prio 1 u32 match ip
> dst 192.168.101.0/24 <http://192.168.102.0/24> classid 1:5
>
> Regards
>
> Paolo Malfatti
>
> PS: dont forget to put a "tc qdisc del root dev $INTERFAZ_INT" rule at
> the beginning of your previous script.
>
>
>
> ------------------------------
> From: *"Indunil Jayasooriya" <indunil75 at gmail.com>*
> To: *"Pio Mendez" <pio_mendez at hotmail.com>, lartc at mailman.ds9a.nl*
> Subject: *Re: [LARTC] Allocating 64 kbits/s out of 256 kbits/s for one
> LAN behingfirewall*
> Date: *Wed, 8 Aug 2007 12:30:59 +0530*
>
> Hi Paolo Malfatti,
>
>
> Thanks for your script. I tried it .
>
> But I still can not allocate 64 kbit for LAN. We have a 256 kbit link.
> We usually download around @ 30-33 kbytes per second. That means, when it
> comes to kbits, I will have to mulitple it in to 8 as
> 1kbps=8kbit .
>
> pls see below for usual download rate, before applying your rules.
>
> [root at worldnet wget]# wget http://mirrors.kernel.org/centos/5.0/isos/i386/CentOS-5.0-i386-bin-6of6.iso
>
>
> --12:16:27--
> http://mirrors.kernel.org/centos/5.0/isos/i386/CentOS-5.0-i386-bin-6of6.iso
> => `CentOS-5.0-i386-bin-6of6.iso.1
> '
> Resolving mirrors.kernel.org... 204.152.191.7, 204.152.191.39
> Connecting to mirrors.kernel.org|204.152.191.7|:80... connected.
> HTTP request sent, awaiting response... 200 OK
>
> Length: 407,005,184 (388M) [application/x-iso9660-image]
>
> 0%
> [
> ] 2,749,752 30.10K/s ETA 4:43:0
>
>
> Then, I applied your rules. pls see below
>
>
> INTERFAZ_INT=eth0
>
> FULLBANDWIDTH=256
>
> BANDWIDTH4LAN=64
>
> iptables -t mangle -A PREROUTING -s 192.168.101.0/24<http://192.168.102.0/24>-j MARK --set-mark 0x5
>
> tc qdisc add dev $INTERFAZ_INT root handle 1 htb r2q 4
> tc class add dev $INTERFAZ_INT parent 1: classid 1:2 htb rate
> "$FULLBANDWIDTH"Kbit
> tc class add dev $INTERFAZ_INT parent 1: classid 1:5 htb rate
> "$BANDWIDTH4LAN"Kbit
>
> tc qdisc add dev $INTERFAZ_INT parent 1:5 handle 5 sfq perturb 10
> tc filter add dev $INTERFAZ_INT protocol ip parent 1: pref 1 handle 5 fw
> classid 1:5
>
>
> Still no luck. after applying rules, I downloaded an centos ISO image. But
> , I still can download @ usual rate. (
> i.e 30-33 kbytes per seconds).
>
> If your rules work, I will be able to download @ about 8 kbyes per second.
> (i.e - 8*8 kbit= 64 kbit)
>
> That is what I expect ?
>
> Where have I gone wrong?
>
>
>
>
> On 8/7/07, Pio Mendez <pio_mendez at hotmail.com> wrote:
> >
> > >What is r2q ad 4 there ?. I do not understand those two.
> I recommend you to read this:
>
> > http://luxik.cdi.cz/~devik/qos/htb/
> > <http://luxik.cdi.cz/%7Edevik/qos/htb/>
> >
> > the r2q is a divisor used to calculate the quantum of htb (the amount
> of bytes that will be transmitted before serving another class: quantum =
> rate / r2q).
>
> >tc qdisc add dev $INTERFAZ_INT parent 1:5 handle 5 sfq perturb 10
> >What is this above rule?, I don not understand at all.
> a must: http://lartc.org/howto/lartc.qdisc.html
>
> The classes do shape of traffic, but you need a Queue manager to trasmit
> it (qdisc rule). Here you will find an example of HTB script:
> <http://lartc.org/howto/lartc.qdisc.classful.html#AEN1072>
> http://lartc.org/howto/lartc.qdisc.classful.html#AEN1072
>
> >tc filter add dev $INTERFAZ_INT protocol ip parent 1: pref 1 handle 10
> fw classid 1:5
> >I do not understand the above rule too.
>
> there is an error: the right filter rule is:
> tc filter add dev $INTERFAZ_INT protocol ip parent 1: pref 1 handle 5 fw
> classid 1:5
>
> The filter rule filter the traffic and send the mathing packets to the
> right class.
> The iptables MARK rule mark the traffic before the SNAT. Later, after all
> iptables processing, the packets are filtered by this rule; if some packet
> match the "handle 5" filter (packet marked with 5 by the iptables rule will
>
> match) then it will be shaped by htb class to 64kbps.
>
> Hope this will help
> Regards
> Paolo Malfatti
>
>
> ------------------------------
> MSN Amor Busca tu ½ naranja <http://g.msn.com/8HMAES/2740??PS=47575>
>
>
>
>
> --
> Thank you
> Indunil Jayasooriya
>
>
> ------------------------------
> Charla con tus amigos en línea mediante MSN Messenger: Haz clic aquí<http://g.msn.com/8HMBES/2728??PS=47575>
--
Thank you
Indunil Jayasooriya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ds9a.nl/pipermail/lartc/attachments/20070810/ff7ee4c0/attachment.htm
More information about the LARTC
mailing list