From: "Денис Черносов" <denis0.ru@gmail.com>
To: ALT Linux Community general discussions <community@lists.altlinux.org>
Subject: Re: [Comm] Как разделять узкую полосу пропускания для входящего трафика?
Date: Mon, 26 Jan 2009 17:25:13 +0400
Message-ID: <d77783290901260525g30c1d6ebw10d0b405e51a02c3@mail.gmail.com> (raw)
In-Reply-To: <m3d4ee8a1p.fsf@mrkooll.tdr.pibhe.com>
Что-то я туплю...
1) Добавил маркировку пакетов в mangle/PREROUTING. Если поставить
журналирование маркированных пакетов в filter/FORWARD, то видно, что
пакеты маркируются.
# cat /etc/net/ifaces/default/fw/iptables/mangle/PREROUTING
-i wan -p tcp -m tcp -m multiport --sports 443,25,110,143 -j MARK --set-mark 11
-i wan -p tcp -m tcp --sport 80 -j MARK --set-mark 12
...
# cat /etc/net/ifaces/default/fw/iptables/filter/FORWARD
-m mark --mark 11 -j LOG
-m mark --mark 12 -j LOG
...
# tail /var/log/messages
Jan 26 17:24:33 gate kernel: IN=wan OUT=lan SRC=81.177.9.109
DST=192.168.5.148 LEN=238 TOS=0x00 PREC=0x00 TTL=120 ID=16505 DF
PROTO=TCP SPT=443 DPT=3723 WINDOW=32430 RES=0x00 ACK PSH URGP=0
Jan 26 17:24:33 gate kernel: IN=wan OUT=lan SRC=217.74.44.32
DST=192.168.5.7 LEN=280 TOS=0x00 PREC=0x00 TTL=122 ID=22799 DF
PROTO=TCP SPT=443 DPT=5774 WINDOW=64453 RES=0x00 ACK PSH URGP=0
Jan 26 17:24:33 gate kernel: IN=wan OUT=lan SRC=81.177.9.109
DST=192.168.5.148 LEN=112 TOS=0x00 PREC=0x00 TTL=120 ID=18766 DF
PROTO=TCP SPT=443 DPT=3723 WINDOW=32430 RES=0x00 ACK PSH URGP=0
...
2) сделал три очереди (дефолтная 13):
# find /etc/net/ifaces/lan/
/etc/net/ifaces/lan/
/etc/net/ifaces/lan/qos
/etc/net/ifaces/lan/qos/1
/etc/net/ifaces/lan/qos/1/1
/etc/net/ifaces/lan/qos/1/1/13
/etc/net/ifaces/lan/qos/1/1/13/class
/etc/net/ifaces/lan/qos/1/1/extra
/etc/net/ifaces/lan/qos/1/1/class
/etc/net/ifaces/lan/qos/1/1/11
/etc/net/ifaces/lan/qos/1/1/11/class
/etc/net/ifaces/lan/qos/1/1/11/filter
/etc/net/ifaces/lan/qos/1/1/12
/etc/net/ifaces/lan/qos/1/1/12/class
/etc/net/ifaces/lan/qos/1/1/12/filter
/etc/net/ifaces/lan/qos/1/qdisc
/etc/net/ifaces/lan/ipv4address
/etc/net/ifaces/lan/options
# cat /etc/net/ifaces/lan/qos/1/qdisc
htb default 13
#cat /etc/net/ifaces/lan/qos/1/1/11/filter
protocol ip prio 1 handle 11 fw
Но пакеты попадают только в дефолтную очередь:
# eqos lan stat class
Interface is "lan"
Action is "stat"
"class" statistics on device lan:
class htb 1:11 parent 1:1 prio 0 quantum 1000 rate 64000bit ceil
100000Kbit burst 1631b/8 mpu 0b overhead 0b cburst 51599b/8 mpu 0b
overhead 0b level 0
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 208895 ctokens: 4227
class htb 1:1 root rate 100000Kbit ceil 100000Kbit burst 51599b/8 mpu
0b overhead 0b cburst 51599b/8 mpu 0b overhead 0b level 7
Sent 2700907 bytes 2419 pkt (dropped 0, overlimits 0 requeues 0)
rate 240136bit 26pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 4217 ctokens: 4217
class htb 1:13 parent 1:1 prio 0 quantum 200000 rate 100000Kbit ceil
100000Kbit burst 51599b/8 mpu 0b overhead 0b cburst 51599b/8 mpu 0b
overhead 0b level 0
Sent 2700907 bytes 2419 pkt (dropped 0, overlimits 0 requeues 0)
rate 234144bit 25pps backlog 0b 0p requeues 0
lended: 2419 borrowed: 0 giants: 0
tokens: 4217 ctokens: 4217
class htb 1:12 parent 1:1 prio 0 quantum 1000 rate 64000bit ceil
100000Kbit burst 1631b/8 mpu 0b overhead 0b cburst 51599b/8 mpu 0b
overhead 0b level 0
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 208895 ctokens: 4227
Что я не так делаю?
next prev parent reply other threads:[~2009-01-26 13:25 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-16 9:05 Денис Черносов
2009-01-18 10:14 ` Vasyuk_Maksim
2009-01-21 18:44 ` Maxim Tyurin
2009-01-22 13:35 ` Денис Черносов
2009-01-22 13:43 ` Maks Re
2009-01-22 13:56 ` Dmitriy Kruglikov
2009-01-22 15:55 ` Vasyuk_Maksim
2009-01-22 17:29 ` Maxim Tyurin
2009-01-23 6:51 ` Денис Черносов
2009-01-23 8:38 ` Maxim Tyurin
2009-01-23 9:34 ` Денис Черносов
2009-01-23 12:46 ` Maxim Tyurin
2009-01-26 13:25 ` Денис Черносов [this message]
2009-01-27 11:03 ` Денис Черносов
2009-01-28 9:57 ` Денис Черносов
2009-01-28 20:22 ` Maks Re
2009-01-29 6:35 ` Денис Черносов
2009-02-04 11:57 ` Денис Черносов
2009-01-22 16:01 ` Vasyuk_Maksim
2009-02-02 8:38 ` Alexey Borovskoy
2009-02-02 10:04 ` Денис Черносов
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d77783290901260525g30c1d6ebw10d0b405e51a02c3@mail.gmail.com \
--to=denis0.ru@gmail.com \
--cc=community@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git