expanding my tc script to include prioritizing for TCP syn/ack/etc.
just looking for pointers or things i might be missing... i'm now trying to prioritize TCP traffic by header, mainly using prio & also some iptables classifying stuff. it actually seems to be working alright so far... to start off, i'm doing all of the shaping on the outbound interface of my router PC.
tc script relevant bits:
Code:
tc qdisc add dev external root handle 1: htb default 11
tc class add dev external parent 1: classid 1:1 htb rate 24mbit ceil 24mbit burst 8k
tc class add dev external parent 1:1 classid 1:10 htb rate 16mbit ceil 24mbit prio 1 burst 8k
tc class add dev external parent 1:1 classid 1:11 htb rate 6mbit ceil 24mbit prio 2 burst 8k
tc class add dev external parent 1:1 classid 1:12 htb rate 1mbit ceil 24mbit prio 3 burst 8k
tc class add dev external parent 1:1 classid 1:13 htb rate 1mbit ceil 5mbit prio 4 burst 8k
tc filter add dev external protocol ip parent 1: prio 1 u32 match ip sport 1194 0xffff flowid 1:10
tc qdisc add dev external parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev external parent 1:11 handle 11: sfq perturb 10
tc qdisc add dev external parent 1:12 handle 12: sfq perturb 10
tc qdisc add dev external parent 1:13 handle 13: sfq perturb 10
iptables:
Code:
*mangle
-N ack
-A ack -m tos ! --tos Normal-Service -j RETURN
-A ack -p tcp -m length --length 0:128 -j TOS --set-tos Minimize-Delay
-A ack -p tcp -m length --length 128: -j TOS --set-tos Maximize-Throughput
-A ack -j RETURN
-A POSTROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK ACK -j ack
-A POSTROUTING -o external -p tcp -m tos --tos Minimize-Delay -j CLASSIFY --set-class 1:10
-A POSTROUTING -o external -p icmp -j CLASSIFY --set-class 1:10
-A POSTROUTING -o external -p tcp --dport 80 -j CLASSIFY --set-class 1:10
-A POSTROUTING -o external -p tcp --dport 443 -j CLASSIFY --set-class 1:10
-A POSTROUTING -o external -p udp --dport 53 -j CLASSIFY --set-class 1:10
-A POSTROUTING -o external -s 172.16.16.15 -j CLASSIFY --set-class 1:12
-A POSTROUTING -o external -s 192.168.192.0/24 -j CLASSIFY --set-class 1:13
"iptables -t mangle -nvxL" definitely shows traffic across the various postrouting rules there...
one thing, i'm still working out how to retain those 1:12 and 1:13 classes; i was using it to set minimums for particular hosts/subnets. ever since adding this, i don't think these work anymore...
With iptables you can use -j LOG rules before or after changing aspects to check for example which subnets hit a filter or what modifications will be done. I wonder however how much performance increase you'll actually be getting from prioritizing SYN/ACKs as they're small packets anyway and you can't control behavior of remote end points anyway... (Wrt network performance you may also want to look at Ethernet driver module options, mii/ethtool buffer/offload settings and 'net-related sysctls.)
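The -j LOG check suggested above, as an added example that is not part of the original posts: it reads mangle rules in iptables-restore form and writes them back with a rate-limited LOG rule ahead of every CLASSIFY rule, so the kernel log shows which class each match assigns. The log prefix text and the 10/minute limit are choices made for this example, and the sample rules are three of the thread's rules embedded as constructed input.

```shell
#!/bin/sh
# Added example: put a LOG rule in front of each CLASSIFY rule.

# Constructed sample input: three POSTROUTING rules from the thread.
sample_rules() {
cat <<'EOF'
-A POSTROUTING -o external -p tcp -m tos --tos Minimize-Delay -j CLASSIFY --set-class 1:10
-A POSTROUTING -o external -s 172.16.16.15 -j CLASSIFY --set-class 1:12
-A POSTROUTING -o external -s 192.168.192.0/24 -j CLASSIFY --set-class 1:13
EOF
}

# add_log_rules: read rules on stdin and print them with a LOG rule
# inserted before every CLASSIFY rule. The LOG rule reuses the same
# match, and LOG does not stop traversal, so the packet still reaches
# the CLASSIFY rule that follows it.
add_log_rules() {
    awk '
    / -j CLASSIFY --set-class / {
        cls = $NF                      # class id is the last field
        match_part = $0
        sub(/ -j CLASSIFY --set-class .*/, "", match_part)
        # -m limit keeps a busy link from flooding the kernel log;
        # --log-prefix is capped at 29 characters, so keep it short.
        printf "%s -m limit --limit 10/minute -j LOG --log-prefix \"tc-class %s: \" --log-level info\n", match_part, cls
    }
    { print }                          # always keep the original rule
    '
}

# Stand-alone run: show the instrumented rules for the sample input.
sample_rules | add_log_rules
```

Because of the rate limit, the packet counters on the LOG rules undercount; the counters on the CLASSIFY rules in "iptables -t mangle -nvxL" remain the accurate totals.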
I wonder however how much performance increase you'll actually be getting from prioritizing SYN/ACKs as they're small packets anyway and you can't control behavior of remote end points anyway...
yeah, i don't think it would be drastic, but rather that performance would be more consistent.... i've followed this guide, which says that TCP streams will be more of an even flow...
yep, pretty much. also preventing active streams from increasing the latency, particularly when a client is uploading. i've actually done a crude test w/ping (that's why i put icmp in the iptables stuff), saturating the upload from 1 client and pinging out from another, and i'm getting pretty expected results.
without these rules:
Code:
64 bytes from 208.67.222.222: icmp_seq=1 ttl=54 time=123 ms
64 bytes from 208.67.222.222: icmp_seq=2 ttl=54 time=129 ms
64 bytes from 208.67.222.222: icmp_seq=3 ttl=54 time=130 ms
64 bytes from 208.67.222.222: icmp_seq=4 ttl=54 time=87.1 ms
64 bytes from 208.67.222.222: icmp_seq=5 ttl=54 time=92.2 ms
with them:
Code:
64 bytes from 208.67.222.222: icmp_seq=1 ttl=54 time=39.0 ms
64 bytes from 208.67.222.222: icmp_seq=2 ttl=54 time=33.3 ms
64 bytes from 208.67.222.222: icmp_seq=3 ttl=54 time=39.0 ms
64 bytes from 208.67.222.222: icmp_seq=4 ttl=54 time=35.2 ms
64 bytes from 208.67.222.222: icmp_seq=5 ttl=54 time=34.5 ms
so not exactly whale meat, but it's an improvement... idk if this carries over to the TCP traffic tho
Sure, but that's by sending ICMP messages to a service that's mostly used with UDP. See if you can test it by for example having a select remote host (family, friends, school, work, public terminal) initiate (concurrent?) FTP transfers and see how that stacks up?