Best internet traffic shaping for small lan

zatys · 02-13-2006, 03:06 AM

I'm admin of 50 clients. Sometimes I upgrading my internet traffic shaping script. I think rules of inetrnet traffic
shaping is very important thing! I would like to ask some help from people, who understand something about
SQUID ZPH and TC, to aim beter internet traffic shaping scripts.

Squid has ZPH suport, becouse its responds to such commands as:

Quote:

zph_tos_local 8
zph_tos_peer 0
zph_tos_parent off

Next 2 comands SQUID is not responding ( I think it's becouse of KERNEL..). As I readed about it on ZPH site, I think
those 2 comands are not valued for my idea.

Quote:

zph_preserve_miss_tos on
zph_preserve_miss_tos_mask 255

With help of TC I tried to configurate flow of SQUID packets, but I failed. I want with TC configurate eth0(lan) SQUID
packets exept SQUID CACHE packet. I asking Your help!!! How must look like the TC script, wich could control all clients
speed to internet?

ZPH shapes I want to use with my IPShapig script. 1IP could get limit KB/S + SQUID CACHE. My IPShaping script controls
every IP adress kbit/sec exept traffic to server:

Quote:

#!/bin/bash
TC=/sbin/tc
HOSTS_LIST="192.168.1.3 192.168.1.4 192.168.1.5 192.168.1.6 192.168.1.7 192.168.1.8 192.168.1.9 192.168.1.10 192.168.1.11...
DEV=eth0 # ethLAN
IMQ=imq0 # --todev 0
NM=17
DN_BANDWIDTH=760Kbit #
DN=105Kbit
DN_RATE=70Kbit

UP_BANDWIDTH=600Kbit #
UP=70Kbit
UP_RATE=50Kbit

$TC qdisc add dev $DEV root handle 1: htb #default 50
$TC class add dev $DEV parent 1: classid 1:1 htb rate ${DN_BANDWIDTH} quantum 1500
iptables -t mangle -N DN_SHAPING

ip link set $IMQ up
$TC qdisc add dev $IMQ root handle 1: htb
$TC class add dev $IMQ parent 1: classid 1:1 htb rate ${UP_BANDWIDTH} quantum 1500
iptables -t mangle -N UP_SHAPING

for i in $HOSTS_LIST
do
IP=$(echo $i | awk -F '.' '{print $4}')

# Download MARK
tc class add dev $DEV parent 1:1 classid 1:$NM$IP htb rate ${DN_RATE} ceil ${DN} prio 0 quantum 1500
tc qdisc add dev $DEV parent 1:$NM$IP handle $NM$IP: sfq perturb 6
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle $NM$IP fw flowid 1:$NM$IP

tc class add dev $IMQ parent 1:1 classid 1:$NM$IP htb rate ${UP_RATE} ceil ${UP} prio 0 quantum 1500
tc qdisc add dev $IMQ parent 1:$NM$IP handle $NM$IP: sfq perturb 6
tc filter add dev $IMQ parent 1:0 prio 0 protocol ip handle $NM$IP fw flowid 1:$NM$IP

iptables -t mangle -A DN_SHAPING -s ! 192.168.1.2 -d $i -j MARK --set-mark $NM$IP
iptables -t mangle -A UP_SHAPING -s $i -d ! 192.168.1.2 -j MARK --set-mark $NM$IP
done

iptables -t mangle -I POSTROUTING -o $DEV -j DN_SHAPING
iptables -t mangle -I PREROUTING -i $DEV -j UP_SHAPING
iptables -t mangle -A UP_SHAPING -j IMQ --todev 0

===================================
2.If in one time 3 IP adresses using internet. TC script:

Quote:

tc qdisc add dev $DEV root handle 1: htb default 255
tc class add dev $DEV parent 1: classid 1:1 htb rate 384Kbit quantum 1500

tc class add dev $DEV parent 1:1 classid 1:20 htb rate 128Kbit ceil 384Kbit prio 0 quantum 1500
tc class add dev $DEV parent 1:1 classid 1:21 htb rate 128Kbit ceil 384Kbit prio 0 quantum 1500
tc class add dev $DEV parent 1:1 classid 1:22 htb rate 128Kbit ceil 384Kbit prio 0 quantum 1500

tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 6
tc qdisc add dev $DEV parent 1:21 handle 21: sfq perturb 6
tc qdisc add dev $DEV parent 1:22 handle 22: sfq perturb 6

tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22

iptables -t mangle -I POSTROUTING -o $DEV -s ! $SERVER_IP -d 192.168.1.20 -j MARK --set-mark 20
iptables -t mangle -I POSTROUTING -o $DEV -s ! $SERVER_IP -d 192.168.1.21 -j MARK --set-mark 21
iptables -t mangle -I POSTROUTING -o $DEV -s ! $SERVER_IP -d 192.168.1.22 -j MARK --set-mark 22

If we swiched on 2 PC's (192.168.1.20 & 192.168.1.21) many p2p programs, FTP with many conections, and on 3d PC
(192.168.1.22) FTP downloading with one conection. then 3d PC getin less than 128kbit. If i want that all 3 PC's get
NOT LESS than 128kbit, what should I do with my script?

If I could solve this BIG problem, than I could use it with my IPShaping script and user at night, when flow is free, he could get
all internet speed.

Sorry for bad speling!