[MLB-WIRELESS] Rate shaping using HTB and SFQ
Steven Haigh
netwiz at crc.id.au
Mon Dec 12 12:35:58 EST 2005
HI all,
This is slightly OT, but could be very handy for traffic flows on
wireless interfaces... I'm using it on ppp0 which is my DSL link to
my ISP, however it could very easily be changed to use a wifi
interface... The problem I am having is that the classifications that
I am setting via iptables don't seem to be hitting the actual leaf
for shaping - meaning it doesn't get it's guaranteed bandwidth.
The commands:
$TC qdisc add dev $INTERFACE root handle 1: htb default 70
$TC class add dev $INTERFACE parent 1: classid 1:1 htb rate
256kbit
$TC class add dev $INTERFACE parent 1:1 classid 1:10 htb
rate 128kbit ceil 256kbit prio 0
$TC class add dev $INTERFACE parent 1:1 classid 1:20 htb
rate 64kbit ceil 256kbit prio 1
$TC class add dev $INTERFACE parent 1:1 classid 1:30 htb
rate 40kbit ceil 256kbit prio 2
$TC class add dev $INTERFACE parent 1:1 classid 1:40 htb
rate 22kbit ceil 256kbit prio 3
$TC class add dev $INTERFACE parent 1:1 classid 1:50 htb
rate 20kbit ceil 256kbit prio 4
$TC class add dev $INTERFACE parent 1:1 classid 1:60 htb
rate 18kbit ceil 256kbit prio 5
$TC class add dev $INTERFACE parent 1:1 classid 1:70 htb
rate 10kbit ceil 256kbit prio 6
$TC qdisc add dev $INTERFACE parent 1:10 handle 10: sfq
perturb 10
$TC qdisc add dev $INTERFACE parent 1:20 handle 20: sfq
perturb 10
$TC qdisc add dev $INTERFACE parent 1:30 handle 30: sfq
perturb 10
$TC qdisc add dev $INTERFACE parent 1:40 handle 40: sfq
perturb 10
$TC qdisc add dev $INTERFACE parent 1:50 handle 50: sfq
perturb 10
$TC qdisc add dev $INTERFACE parent 1:60 handle 60: sfq
perturb 10
$TC qdisc add dev $INTERFACE parent 1:70 handle 70: sfq
perturb 10
$TC filter add dev $INTERFACE parent 1:0 protocol ip prio 0
handle 10 fw flowid 1:10
$TC filter add dev $INTERFACE parent 1:0 protocol ip prio 1
handle 20 fw flowid 1:20
$TC filter add dev $INTERFACE parent 1:0 protocol ip prio 2
handle 30 fw flowid 1:30
$TC filter add dev $INTERFACE parent 1:0 protocol ip prio 3
handle 40 fw flowid 1:40
$TC filter add dev $INTERFACE parent 1:0 protocol ip prio 4
handle 50 fw flowid 1:50
$TC filter add dev $INTERFACE parent 1:0 protocol ip prio 5
handle 60 fw flowid 1:60
$TC filter add dev $INTERFACE parent 1:0 protocol ip prio 6
handle 70 fw flowid 1:70
What we do here is create a root class with an ID of 1:0 - then we
create sub classes of that with various guaranteed bandwidth amounts
(128kbit, 64kbit, 40kbit, 22kbit, 20kbit, 18kbit, and 10kbit) of
various priorities (0 is highest, 6 is lowest). We have the specified
kbit amount as a minimum, however if nothing of a higher priority
exists, then it can take up to the highest speed specified (in the
root class) which in my case is 256kbit.
We then use iptables to mark packets to match the various classes:
# Catch all the small stuff... SYN/ACK/etc
$IPTABLES -t mangle -I OUTPUT -p tcp -m length --length :64 -
o $INTERFACE -j CLASSIFY --set-class 1:10
$IPTABLES -t mangle -I FORWARD -p tcp -m length --length :64
-o $INTERFACE -j CLASSIFY --set-class 1:10
# VoIP Stuff rated min 64kbit to max 256kbit
$IPTABLES -t mangle -A FORWARD -p udp --dport 5060 -o
$INTERFACE -j CLASSIFY --set-class 1:20
$IPTABLES -t mangle -A FORWARD -p udp --dport 10000:20000 -o
$INTERFACE -j CLASSIFY --set-class 1:20
# Outgoing mail gets minimum 40kbit if needed.
$IPTABLES -t mangle -A OUTPUT -p tcp --dport 25 -o
$INTERFACE -j CLASSIFY --set-class 1:30
# Catchall to lowest
$IPTABLES -t mangle -A OUTPUT -o $INTERFACE -j CLASSIFY --
set-class 1:70
$IPTABLES -t mangle -A FORWARD -o $INTERFACE -j CLASSIFY --
set-class 1:70
Now this part doesn't seem to be working - as I can see the
classifications matching via iptables:
# iptables -t mangle -L -n -v
Chain FORWARD (policy ACCEPT 51745 packets, 13M bytes)
pkts bytes target prot opt in out source
destination
155 7380 CLASSIFY tcp -- * ppp0 0.0.0.0/0
0.0.0.0/0 length 0:64 CLASSIFY set 1:10
54 31992 CLASSIFY udp -- * ppp0 0.0.0.0/0
0.0.0.0/0 udp dpt:5060 CLASSIFY set 1:20
0 0 CLASSIFY udp -- * ppp0 0.0.0.0/0
0.0.0.0/0 udp dpts:10000:20000 CLASSIFY set 1:20
356 82776 CLASSIFY all -- * ppp0 0.0.0.0/0
0.0.0.0/0 CLASSIFY set 1:70
Chain INPUT (policy ACCEPT 55467 packets, 8606K bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 59199 packets, 12M bytes)
pkts bytes target prot opt in out source
destination
113 5660 CLASSIFY tcp -- * ppp0 0.0.0.0/0
0.0.0.0/0 length 0:64 CLASSIFY set 1:10
0 0 CLASSIFY tcp -- * ppp0 0.0.0.0/0
0.0.0.0/0 tcp dpt:25 CLASSIFY set 1:30
231 34802 CLASSIFY all -- * ppp0 0.0.0.0/0
0.0.0.0/0 CLASSIFY set 1:70
HOWEVER, it is not matching the actual classes:
# tc -s qdisc show dev ppp0
qdisc htb 1: r2q 10 default 70 direct_packets_stat 0
Sent 145439 bytes 798 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 10: parent 1:10 limit 128p quantum 1492b perturb 10sec
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 20: parent 1:20 limit 128p quantum 1492b perturb 10sec
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 30: parent 1:30 limit 128p quantum 1492b perturb 10sec
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 40: parent 1:40 limit 128p quantum 1492b perturb 10sec
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 50: parent 1:50 limit 128p quantum 1492b perturb 10sec
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 60: parent 1:60 limit 128p quantum 1492b perturb 10sec
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 70: parent 1:70 limit 128p quantum 1492b perturb 10sec
Sent 145439 bytes 798 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
As you can see above, there are - bytes hitting any other classes -
so the only class getting used is 1:70 - which is out catchall non-
priority, lowest guaranteed throughput...
Can anyone shed some light on what I've missed on this?
--
Steven Haigh
Email: netwiz at crc.id.au
Web: http://www.crc.id.au
Phone: (03) 9017 0597 - 0412 935 897
More information about the Melbwireless
mailing list