On Fri, 2007-02-09 at 20:52 +1100, tkb2766 wrote:
> > -----Original Message-----
> > From: lartc-bounces@mailman.ds9a.nl
> > [mailto:lartc-bounces@mailman.ds9a.nl] On Behalf Of Andrew Beverley
> > Sent: Friday, 9 February 2007 4:24
> > To: Anthony Kamau
> > Cc: 'LARTC'
> > Subject: RE: [LARTC] Problems with HTB. Help!
> >
> > Can you send your updated tc rules as well please?
> >
> > Andy
> >
>
> Here's the htbinit script:
> ************************************************************************
> #!/bin/bash
>
> # Whole purpose of this is to slow the P2P server down!
>
> ###################################
> # Reset everything to known state #
> ###################################
> tc qdisc del dev eth1 root
>
> ####################
> # Setup the links #
> ####################
> tc qdisc add dev eth1 parent root handle 2: htb default 13
>
> ###########################
> # Setup the root classes #
> ###########################
> tc class add dev eth1 parent 2: classid 2:1 htb rate 384kbit \
> ceil 384kbit
>
> ###########################
> # Setup the child classes #
> ###########################
> tc class add dev eth1 parent 2:1 classid 2:10 htb rate 224kbit \
> ceil 384kbit prio 0
> tc class add dev eth1 parent 2:1 classid 2:11 htb rate 100kbit \
> ceil 100kbit prio 1 burst 1024k
> tc class add dev eth1 parent 2:1 classid 2:12 htb rate 30kbit \
> ceil 30kbit prio 2
> tc class add dev eth1 parent 2:1 classid 2:13 htb rate 30kbit \
> ceil 30kbit prio 3 burst 1500
>
> #####################
> # Setup the filters #
> #####################
> # match acks the hard way,
> # IP protocol 6,
> # IP header length 0x5(32 bit words),
> # IP Total length 0x34 (ACK + 12 bytes of TCP options)
> # TCP ack set (bit 5, offset 33)
> ACK="tc filter add dev eth1 protocol ip parent 2:0 prio 0 u32"
> $ACK match ip protocol 6 0xff \
> match u8 0x05 0x0f at 0 \
> match u16 0x0000 0xffc0 at 2 \
> match u8 0x10 0xff at 33 \
> flowid 2:11
> U32="tc filter add dev eth1 protocol ip parent 2:0 u32"
> $U32 match ip src 192.168.200.130 flowid 2:10
> $U32 match ip src 192.168.200.140 flowid 2:10
> $U32 match ip src 192.168.200.147 flowid 2:10
> P2P="tc filter add dev eth1 parent 2:0 prio 2 protocol ip"
> #$P2P handle 1 fw flowid 2:12
>
> ####################################################
> # Setup the queue discipline for the child classes #
> ####################################################
> tc qdisc add dev eth1 parent 2:10 handle 10: sfq perturb 10
> tc qdisc add dev eth1 parent 2:11 handle 11: sfq perturb 10
> tc qdisc add dev eth1 parent 2:12 handle 12: sfq perturb 10
> **********************************************************************
>
> And here is the rule in the firewall that is marking the parkets:
> ************************************************************************
> $IPTABLES -t mangle -I FORWARD -s $P2PSRVR -i $LAN_IFACE -j MARK \
> --set-mark 1
> ************************************************************************
>
>
> Can you spot any issues with this?
>
> In the mean time, I'll try your classid method and if that works fine, then
> so be it from now on.
I see the problem. You're using a default of 13 so all unclassified
traffic goes to classid 13. All traffic from and to 192.168.200.163
falls into this category, and is therefore limited to 30 kbit.
I suggest changing your default to 10, removing the U32 rules to match
all the other hosts, and using -j CLASSIFY --set-class 2:13 on your
iptables rule (the current one based on MARK isn't used at the minute
anyway because there is no tc filter for it).
Hope this helps,
Andy Beverley
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
|