[111149] in North American Network Operators' Group
RE: Shaping on a large scale
daemon@ATHENA.MIT.EDU (Chris Caputo)
Fri Jan 30 14:54:09 2009
Date: Fri, 30 Jan 2009 19:54:00 +0000 (UTC)
To: "C. Jon Larsen" <jlarsen@richweb.com>
In-Reply-To: <alpine.DEB.1.10.0901301033160.6584@sisler.richweb.com>
From: Chris Caputo <ccaputo@alt.net>
Cc: Scott Berkman <scott.berkman@reignmaker.net>, nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
On Fri, 30 Jan 2009, C. Jon Larsen wrote:
> > Open source you can do a custom setup with IPTables and iproute2, but it
> > will take some work to get the same kind of features and management
> > interface. LARTC is a good reference for this kind of topic:
> > http://lartc.org/. Also I'm not sure if someone has built this into any
> > of the firewall specific linux distros yet, so you may want to explore
> > those a little.
>
> The scripts below will set max bandwidth on an interface to 60mbit, and setup
> a queue to shape a.b.c.d to 3Mbit. Seems to work ok for me. Its used on a
> physical server to limit bandwidth to a virtual server(s) on the physical
> server. Should work just as well on a dual-armed router/firewall shaping
> devices behind it. You would just create more classes (1:11, 1:12, etc) for
> more clients/ips to shape and you might want to knock the ceiling on the
> default (1:30) class down to guarantee the bandwidth to the 1:10,
> 1:11...classes.
>
> tc qdisc add dev eth0 root handle 1: htb default 30
>
> tc class add dev eth0 parent 1: classid 1:1 htb rate 60mbit burst 150k
> tc class add dev eth0 parent 1:1 classid 1:10 htb rate 3mbit burst 15k
> tc class add dev eth0 parent 1:1 classid 1:30 htb rate 1kbit ceil 60mbit burst
> 150k
>
> tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
> tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10
>
> ## limit a.b.c.d to 3mbit/sec:
> U32="tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32"
> $U32 match ip src a.b.c.d/32 flowid 1:10
> $U32 match ip dst a.b.c.d/32 flowid 1:10
>
> tc -s -d qdisc show dev eth0
tcng - Traffic Control Next Generation (http://tcng.sourceforge.net/)
provides a configuration language that abstracts the gnarliness above.
Chris
