[dundee] (P)Lee: TC again
Lee Hughes
toxicnaan at yahoo.co.uk
Sun Jan 20 15:43:53 GMT 2008
Traffic shaping is not black magic of any sorts, and when you get your head around it then it's easy.
However, you'll make rules to start off with, then find that applications on your network are not well behaved, and do all sorts of weird things, like swapping ports, changing tos header bits, and doing other packet mangling that you wouldn't expect.
Things to know.
You can only rate limit what you send, not what people send to you. You can however drop traffic coming into you, but because we have piss poor broadband here, you'll never be getting more than what your internal fast ethernet switch can handle (100mb probably!). Also our broadband is asymmetric, so you'll always exceed your upload cap (small) to your download capacity (large).
The main aim is to stop any interactive traffic from being buffered or dropped, and bulk traffic (file downloads etc) from affecting interactive or other users' traffic.
If you say have a 512kb upload speed, and send 100 512byte packets in 1 second, then this 'burst' or spike will be buffered inside the cable modem, adsl router. As the queue grows, it will finally discard packets, and that's bad, you then have packet loss.
Traffic shaping removes these spikes, and prioritizes traffic that you specify. This avoids any queuing in the modem. If your packets are being queued or dropped with your isp or internets, then you can't really do much to stop that, apart from change isp ;-) hahahaa. Many ISPs configure equipment to have very large deep queues as this can aid download speed tests, and as most isps are rated from raw d/l speed, not other metrics like latency and jitter, then they win (even though the interactivity and latency of their networks sucks).
Queue Jumping.
Traffic that can skip ahead of the queue
TCP ack packets
Losing acks is bad: if you received data, you need to tell the other end you've got it, else the other end will send it again. I always prioritise ack packets.
Large Packets
Packets with sizes >512 bytes are usually always bulk UPLOAD packets like bittorrent or ftp or http uploads.
Mark certain ports as high priority.
22, 80, or any other port that needs interactive response. For games you're going to have to work out what ports are needed etc etc.
Your modem can only transmit one packet at a time, while it's being pumped down the pipe, so 1500 byte packets take much longer to send down the line than a 64byte packet. So, it's sometimes a good idea for smaller packets (which are probably acks) to be placed ahead of large packets. Remember you can probably send 10 64byte packets in the time it takes to send a 150 byte packet. You can even tune the MTU of your link to a smaller value, say 512, to stop this blocking. Only do this if you are an uber elite packet hound, and understand what MTUs are!! hahahahaha.
Watch out for invisible isp traffic shaping: some isps, when you exceed a certain daily download limit, will throttle your connection. This is hard to detect, and will cause your d/l speed to go to hell. Some isps even throttle upload speed. Advice... get a new isp, and pay a bit extra for better service.
You can always split upload bandwidth between users. If you have 512kb upload, say, you could allocate 128kb between four users. This works well, as if your other users are out, then you get the full upload capacity.
play around with it.........
Traffic shaping can dramatically increase the effectiveness of networks. I've seen over 500 users sharing a 512kb up 2mb down line, with no problems whatsoever.
It's interesting to note that internet2 (10GBS links to all routers) only has two queues. Users mark their traffic as guaranteed delivery or scavenger class. Apparently it works better than all of these crazy complex qos schemes. So as bandwidth increases, qos rules decrease ;-). ahahhah... internet2 solves most problems, I think we'll probably see that in public infrastructure in 2098. oh dear.
http://www.oreillynet.com/pub/a/network/2002/06/11/platform.html
http://www.llanito.net/Images/queue3.jpg
http://www.lightedge.com/images/qos.jpg
Kris Davidson <davidson.kris at gmail.com> wrote:
Hopefully I'll be more help than last time.
I've run QoS/Traffic Shaping stuff for about 4/5 years in various places, had no problems with a variety of users and connection settings.
I'm guessing you've probably done most of this already but just to be sure:
Pulling the cable on each machine and not just the torrent user?
Tried connecting a client directly?
Checked to make sure there's no connection overflow stuff, particularly half-open connections?
Confirmed it is a client issue and not an ISP or router issue (whether PC or dedicated)?
For quick and dirty tracking, I use the following (you might use this already)
    iptables -N traffic_in
    iptables -N traffic_out
    iptables -I FORWARD 1 -j traffic_in
    iptables -I FORWARD 2 -j traffic_out
    iptables -A traffic_in -d x.x.x.x     # new entry for each IP
    iptables -A traffic_out -s x.x.x.x    # new entry for each IP
    iptables -L traffic_in -vn
    iptables -L traffic_out -vn
It gives me a count in size and packets, I usually do a reset then check.
Make sure you're not prioritizing ACK or ICMP packets. And beyond that, how are you classifying packets? IPP2P, L7 or port ranges? I've had the most success with port ranges.
I think I remember your setup from last time but maybe you could
elaborate for the list again.
Kris
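The shaping approach described in Lee's message above (prioritised acks, ports 22 and 80, packets over 512 bytes treated as bulk, and a 512kb upload split between four users who can borrow idle capacity), as an added example that is not part of the original thread. It prints the tc and iptables commands instead of running them; the interface eth0, the LAN addresses, shaping at 95% of the link rate, the class proportions and a NAT router doing the shaping are all assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Prints the tc/iptables commands for an
# HTB upload shaper so they can be reviewed; pipe the output to `sh` as root
# to apply. Interface, rate and LAN addresses below are assumed values.

shaper_rules() {
    dev=$1; up=$2; shift 2              # remaining arguments: one LAN IP per user
    ceil=$((up * 95 / 100))             # shape just under the modem rate so the
                                        # queue builds here, not in the modem
    fast=$((ceil / 4))                  # guaranteed rate, interactive class
    dflt=$((ceil / 10))                 # guaranteed rate, unclassified traffic
    share=$(( (ceil - fast - dflt) / $# ))   # guaranteed rate per user

    echo "tc qdisc add dev $dev root handle 1: htb default 30"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate ${ceil}kbit"
    echo "tc class add dev $dev parent 1:1 classid 1:10 htb rate ${fast}kbit ceil ${ceil}kbit prio 0"
    echo "tc class add dev $dev parent 1:1 classid 1:30 htb rate ${dflt}kbit ceil ${ceil}kbit prio 2"

    # Queue jumping 1: bare TCP ACKs (20-byte IP header, total length < 64,
    # only the ACK flag set).
    echo "tc filter add dev $dev parent 1: protocol ip prio 1 u32" \
         "match ip protocol 6 0xff match u8 0x05 0x0f at 0" \
         "match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid 1:10"
    # Queue jumping 2: ports 22 and 80, but only packets under 512 bytes
    # (mask 0xfe00 on the IP total length); bigger ones are treated as bulk.
    for port in 22 80; do
        echo "tc filter add dev $dev parent 1: protocol ip prio 2 u32" \
             "match ip dport $port 0xffff match u16 0x0000 0xfe00 at 2 flowid 1:10"
    done

    # Per-user split: each user gets a guaranteed share and may borrow up to
    # the full rate when the others are idle. Marking is done in iptables
    # because on a NAT router tc sees the source address after translation.
    n=0
    for ip in "$@"; do
        n=$((n + 1))
        echo "iptables -t mangle -A FORWARD -o $dev -s $ip -j MARK --set-mark $n"
        echo "tc class add dev $dev parent 1:1 classid 1:2$n htb rate ${share}kbit ceil ${ceil}kbit prio 1"
        echo "tc qdisc add dev $dev parent 1:2$n sfq perturb 10"
        echo "tc filter add dev $dev parent 1: protocol ip prio 3 handle $n fw flowid 1:2$n"
    done
}

shaper_rules eth0 512 192.168.1.10 192.168.1.11 192.168.1.12 192.168.1.13
```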