2002-07-07
Apachez: Corrected some linebreaks that the newsserver along with newsclient had included in 4).


From: apachez@home.se (Apachez)
Subject: Re: Traffic Shaping on 1.9.20
Newsgroups: floppyfw.general
Date: Fri, 14 Jun 2002 12:02:40 +0000 (UTC)
Organization: http://florian-amrhein.de/newsportal/

Alright here we go:

1) Create a floppy with floppyfw 1.9.20.

2) Place http://www.zelow.no/floppyfw/download/packages/tc/tc.bz2 (doesnt
seem to be kernel specific - its more busybox/libc specific) and
http://www.zelow.no/floppyfw/download/modules/2.4.18/tcmods.bz2 (is kernel
specific, so if you use other kernel than floppyfw (or like upgrade on
your own) you need to update these aswell) in directory a:\packages\ on
the floppy.

3) Edit file a:\modules.lst and place following info in the end of the
file:

#
# tc (trafficshaping) modules:
#
#cls_fw.o
#cls_route.o
#cls_rsvp.o
#cls_tcindex.o
cls_u32.o
sch_cbq.o
#sch_csz.o
#sch_dsmark.o
#sch_gred.o
#sch_ingress.o
sch_prio.o
#sch_red.o
sch_sfq.o
sch_tbf.o
#sch_teql.o

4) Edit file a:\firewall.init and place following info in the end of the
file:

#
# Rules for trafficshaping
#

echo
echo "Configuring trafficshaping."

#root
tc qdisc add dev ${INSIDE_DEVICE} root handle 1:0 cbq bandwidth 100Mbit avpkt 1000 cell 8
tc qdisc add dev ${OUTSIDE_DEVICE} root handle 1:0 cbq bandwidth 100Mbit avpkt 1000 cell 8

#root class
tc class add dev ${INSIDE_DEVICE} parent 1:0 classid 1:1 cbq bandwidth 100Mbit rate 7Mbit weight 700kbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000
tc class add dev ${OUTSIDE_DEVICE} parent 1:0 classid 1:1 cbq bandwidth 100Mbit rate 7Mbit weight 700kbit prio 8 allot 1514 cell 8 maxburst 20 avpkt 1000

#2Mbit class: Server 1 (1:2)
tc class add dev ${INSIDE_DEVICE} parent 1:1 classid 1:2 cbq bandwidth 100Mbit rate 2Mbit weight 200kbit prio 5 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded isolated
tc class add dev ${OUTSIDE_DEVICE} parent 1:1 classid 1:2 cbq bandwidth 100Mbit rate 2Mbit weight 200kbit prio 5 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded isolated

tc qdisc add dev ${INSIDE_DEVICE} parent 1:2 tbf rate 2Mbit buffer 10Kb/8 limit 15Kb mtu 1500
tc qdisc add dev ${OUTSIDE_DEVICE} parent 1:2 tbf rate 2Mbit buffer 10Kb/8 limit 15Kb mtu 1500

tc filter add dev ${INSIDE_DEVICE} parent 1:0 protocol ip prio 100 u32 match ip dst 192.168.0.101 flowid 1:2
tc filter add dev ${OUTSIDE_DEVICE} parent 1:0 protocol ip prio 100 u32 match ip src 192.168.0.101 flowid 1:2

#5Mbit class: Server 2 (1:3)
tc class add dev ${INSIDE_DEVICE} parent 1:1 classid 1:3 cbq bandwidth 100Mbit rate 5Mbit weight 500kbit prio 5 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded isolated
tc class add dev ${OUTSIDE_DEVICE} parent 1:1 classid 1:3 cbq bandwidth 100Mbit rate 5Mbit weight 500kbit prio 5 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded isolated

tc qdisc add dev ${INSIDE_DEVICE} parent 1:3 tbf rate 5Mbit buffer 10Kb/8 limit 15Kb mtu 1500 tc qdisc add dev ${OUTSIDE_DEVICE} parent 1:3 tbf rate 5Mbit buffer 10Kb/8 limit 15Kb mtu 1500

tc filter add dev ${INSIDE_DEVICE} parent 1:0 protocol ip prio 100 u32 match ip dst 192.168.0.102 flowid 1:3
tc filter add dev ${OUTSIDE_DEVICE} parent 1:0 protocol ip prio 100 u32 match ip src 192.168.0.102 flowid 1:3

# List the trafficshaping rules
echo ---[${INSIDE_DEVICE}: configured classes ]---------------------------
>> $DEBUG_LOG
echo >> $DEBUG_LOG
tc class show dev ${INSIDE_DEVICE} >> $DEBUG_LOG
echo >> $DEBUG_LOG
echo ---[${INSIDE_DEVICE}: queueing disciplines ]-------------------------
>> $DEBUG_LOG
echo >> $DEBUG_LOG
tc qdisc show dev ${INSIDE_DEVICE} >> $DEBUG_LOG
echo >> $DEBUG_LOG


Done! :o)

Alright so how does all this mumbojumbo work ?

I wont explain the technology I will instead try to explain what each
value do in these lines (so you know what to change if needed).

I think part 1) and 2) is pretty obvious for you, first create the
diskette then place the needed files.

Now, step 3) comes the interresting parts. In here I have placed all
kernelmodules that are available for trafficshaping. There are more than
one way to do trafficshaping where I have choosen to limit the shaping per
ip-address. If you use other methods then mine you will have to
enable/disable the modules you need (disable in order to - why should a
module that isnt used be loaded in memory ? I like fast, slipstreamed
systems :-)

And now for the finally - where all the magic occurs, part 4).

I will split it up for all the comments that are in there.

#root
Here we are assigning the root where all the data will be passed through
(see this as the networkinterface). My method is class based. That means
that first we assign a group of classes and their relations to each other
and second we setup rules on which class to use when a specific network
package arrives to our system. The reason why I setup root on both
interfaces is that the shaping can only occur on the opposite interface.
In other terms, if you want to shape outgoing traffic you need to apply
the shaping rules on the outside interface - and vice versa.

Things that you might want to change: "bandwidth 100Mbit", this is the
speed the interface uses. If you use a 10Mbit nic/speed then write
"bandwidth 10Mbit" instead (this is so the shaping can do proper
calculations).

#root class
This is the first class that we setup and attach it to the device (#root).
Here I have setup a total limit of the shaping (I will shape a server that
will use max 2Mbit and one that will have 5Mbit, thats 7Mbit in total :-)
This is used to tell the shaping rules how much bandwidth we have to play
with because (due to configuration of each class lower down in the line)
we can configure if they should borrow bandwidth from its parent or not
aswell as if they should be able to loan its bandwidth to other children.

Things that you might want to change: "bandwidth 100Mbit" - same as in
#root, this is the speed of the network interface, "rate 7Mbit" this is
the total limit we will setup here, "weight 700kbit" this is always a
devider by 10 of the "rate" value. If you set rate to 5Mbit then weight
should be set to 500kbit.

#2Mbit class: Server 1 (1:2)
I will split this up in three blocks.
In the first block I create the 2Mbit class that will be limited to 2
Mbit. By using "bounded isolated" I have restricted it to not borrow
bandwidth from its parent aswell as not let other classes borrow bandwidth
from itself. For instance - this class have a limit of 2Mbit, nothing more
nothing less. Even if there are unused bandwidth it will not borrow that.
If you want it to borrow available bandidth (but max 2Mbit in total) from
its parent you need to change either "bounded" or "isolated" in both this
class aswell as in the parent class (see a more specific description in
"cbq.init" that can be found around the net).

The second block will set the technical description (qdisc) of this class
such as mtu size and buffer sizes. The only thing you might want to change
here is the mtu size if you are using a dialup connection. But since we
are using ethernet (with ddefautl package size of 1500) we will have the
value of 1500 here instead (dialup mtu is for instance often around 576 in
size).

The third and last block is the block that will tell the shaper what
packages to shape. Here I have setup a rule that says to shape things that
are going to 192.168.0.101 aswell as from the same ip.

Things you might want to change:
Block 1: "parent" if you want to assign another class as parent for this
one. "classid" if you want to change the classid for this class.
"bandwidth", "rate" and "weight" see #root class. "bounded" and "isolated"
(if its not "bounded" or "isolated" both values will be removed from this
line) see the description for "cbq.init" that can be found on various
places on the internet (use www.google.com or something in order to locate
it :-)
Block 2: If you change classid in block 1 you need to change "parent" in
this block aswell - otherwise it will point to wrong parent. "rate" see
description in #root class.
Block 3: "dst" and "src" regarding what client to shape. "flowid" tells
what class the package should flow through when arriving to the shaper.

#5Mbit class: Server 2 (1:3)
This is same as the 2Mbit class but we have changed classid,rate and
weight on the first block, parent and rate on the second block and flowid
and dst/src on the third block.

Things you might want to change: see above :-)

# List the trafficshaping rules
Will list the rules applied in the tty that you have defined as $DEBUG_LOG
in file a:\config. (If you choose tty4 the rules will be visible when you
press alt+f4 on the keyboard, tty3 is alt+f3 and so forth (but I think you
already know this :-)


Well - thats it, shaping in action :-)

If you have further questions or wonder something regarding this you can
either email me or better post the question in the same thread as this...



Erik Broer wrote:

> > I have successfully setup a floppyfw machine running trafficshaping...
> > when I got some time over from work i can "flood" the syntaxes and files
> > to use in here.
> That would be great!
> Have been waiting for busybox's sed to be fixed for some time now.
> This is needed to run the cbq.init script on floppyfw.
> No time here yet to make a simple init script that would work for everyone.

> Erik.