[ale] Shaping Problem

Phil Turmel philip at turmel.org
Thu Oct 31 17:58:20 EDT 2013 

Hi Chris,

On 10/31/2013 05:06 PM, Chris Fowler wrote:
> I'm running into an issue trying to limit an interface.
> 
> Here is the script I'm using:
> 
> https://dl.dropboxusercontent.com/u/2486826/shaping

This script is very odd.  I don't see how it can possibly do what its
comments claim.  A queuing discipline only shapes traffic that is
leaving an interface.  Ergo, you can't shape upload and download in the
same hierarchical token bucket.

In a router between LAN and internet, you can shape download traffic as
it leaves the router's LAN port, and shape upload traffic as it leaves
the router's WAN port.  Two separate HTBs on two separate interfaces.

> Status:
> 
> *Bandwidth shaping status for eth0:
> qdisc htb 1: r2q 10 default 30 direct_packets_stat 2043520
>  Sent 48035654356 bytes 75998560 pkt (dropped 237504, overlimits
> 20036234 requeues 0)
>  rate 0bit 0pps backlog 0b 0p requeues 0 *
> 
> Kernel Version:
> *
> 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:39:21 EDT 2009 i686 i686 i386
> GNU/Linux*
> 
> iperf test:
> *
> ------------------------------------------------------------
> Client connecting to support.opsdc.com, TCP port 9999
> TCP window size: 16.0 KByte (default)
> ------------------------------------------------------------
> [  3] local 65.254.219.7 port 60305 connected with 65.254.219.9 port 9999
> [ ID] Interval       Transfer     Bandwidth
> [  3]  0.0-10.3 sec  1.49 MBytes  1.21 Mbits/sec*
> 
> 
> The results are not what I was expecting.  I'm running into a problem
> where we are bursting at Peak 10 and I want to limit it via shaping.   I
> may have to put a piece of hardware there to physically do some sort of
> limiting.  I need to limit to total bandwidth in that rack to 1.5MBit.
> 
> Any suggestions?

Recent kernels can do neat things with the ingress qdisc and flow
mirroring to get the equivalent of an HTB on ingress.  I do this in my
office server to prioritize VOIP traffic for the asterisk process.  I'm
using kernel 3.11, though.  Slightly sanitized script attached.  I
suspect you can adapt it to your needs.

HTH,

Phil

-------------- next part --------------
#! /bin/bash
#

# Set up the ISP uplink to to hierarchical token bucket with
# one high priority class for real-time traffic, then one class
# feeding an fq_codel queuing discipline.

tc qdisc delete dev wan0 root &>/dev/null

tc qdisc replace dev wan0 root handle 1: htb default 99
tc class add dev wan0 parent 1: classid 1:1 htb rate 4000kbit burst 1000kbit
tc class add dev wan0 parent 1:1 classid 1:11 htb rate 500kbit ceil 4000kbit burst 1000kbit prio 1
tc class add dev wan0 parent 1:1 classid 1:99 htb rate 500kbit ceil 3500kbit burst 10kbit prio 2
tc qdisc add dev wan0 parent 1:99 handle 99: fq_codel noecn
tc filter add dev wan0 protocol ip parent 1: prio 1 u32 match ip tos 0xb8 0xfc flowid 1:11
tc filter add dev ifb0 protocol ip parent 1: prio 1 u32 match ip dst my.voip.provider flowid 1:11

# Set up the ISP downlink to hierarchical token bucket with
# one high priority class for real-time traffic, then one class
# feeding an fq_codel queuing discipline.  This is identical to the
# uplink shaper, but with larger bandwidth.  If the intermediate
# function block device doesn't exist, skip this shaping operation.

if ip link set dev ifb0 up &>/dev/null ; then
	tc qdisc delete dev ifb0 root &>/dev/null

	tc qdisc replace dev ifb0 root handle 1: htb default 99
	tc class add dev ifb0 parent 1: classid 1:1 htb rate 22000kbit burst 1000kbit
	tc class add dev ifb0 parent 1:1 classid 1:11 htb rate 1000kbit ceil 22000kbit burst 1000kbit prio 1
	tc class add dev ifb0 parent 1:1 classid 1:99 htb rate  500kbit ceil 21000kbit burst 10kbit prio 2
	tc qdisc add dev ifb0 parent 1:99 handle 99: fq_codel noecn
	tc filter add dev ifb0 protocol ip parent 1: prio 1 u32 match ip tos 0xb8 0xfc flowid 1:11
	tc filter add dev ifb0 protocol ip parent 1: prio 1 u32 match ip src my.voip.provider flowid 1:11

	# No traffic appears on the ifb device until the wan's ingress
	# queuing discipline is configured to redirect to the ifb shaper.
	tc qdisc delete dev wan0 ingress &>/dev/null
	tc qdisc add dev wan0 ingress
	tc filter add dev wan0 protocol ip parent ffff: prio 1 u32 \
		match u32 0 0 flowid 1:1 \
		action mirred egress redirect dev ifb0
fi

More information about the Ale mailing list