Hi,
I have a Linux server that has a VMware running on it. The Linux server is a gateway of office hosts.
VMware has running mail servers and they use bridged networking on /dev/vmnet0. Also, It passes VoIP traffic through "real" server (the Host).
So I needed to manage the traffic. I've made a script using tc but I've found that traffic from mail servers it seems is not matching:
tc -s -d class show dev eth1
class prio 1:1 parent 1:
class prio 1:2 parent 1: leaf 12:
class prio 1:3 parent 1:
class htb 12:1 root rate 9128Kbit ceil 9128Kbit burst 22820b/8 mpu 0b overhead 0b cburst 2740b/8 mpu 0b overhead 0b level 7
Sent 158070407 bytes 450433 pkt (dropped 0, overlimits 0 requeues 0)
rate 352232bit 122pps backlog 0b 0p requeues 0
lended: 4680 borrowed: 0 giants: 3034
tokens: 19902 ctokens: 2304
class htb 12:23 parent 12:1 prio 0 quantum 89100 rate 7128Kbit ceil 9128Kbit burst 2490b/8 mpu 0b overhead 0b cburst 2740b/8 mpu 0b overhead 0b level 0
Sent 158070407 bytes 450433 pkt (dropped 0, overlimits 0 requeues 0)
rate 352232bit 122pps backlog 0b 0p requeues 0
lended: 445753 borrowed: 4680 giants: 3024
tokens: 2670 ctokens: 2304
class htb 12:21 parent 12:1 prio 0 quantum 25000 rate 2000Kbit ceil 2000Kbit burst 1850b/8 mpu 0b overhead 0b cburst 1850b/8 mpu 0b overhead 0b level 0
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 7400 ctokens: 7400
the last class is from mail servers
and my tc script is:
Code:
PHYSICALBW_MBPS=10 # mbps
PHYSICALBW=$(( $PHYSICALBW_MBPS*1000000 )) # bps
CONTRACTBW_MBPS=10 # mbps
CONTRACTBW=$(( $CONTRACTBW_MBPS*1000000 )) # bps
CODEC=g711
CALLBW=87200 # bps
VOIPPACKETRATE=50
FRAMEINTERVAL_MS=$(( 1000/VOIPPACKETRATE )) # in miliseconds
CALLS=10
VOIPBW=$(( $CALLS*$CALLBW ))
NONVOIPBW=$(( $CONTRACTBW-($VOIPBW) ))
INTERVALCAPACITY=$(( $CONTRACTBW/$VOIPPACKETRATE/8 )) # bytes
INTERVALVOIPUSAGE=$(( $CALLS*$CALLBW/$VOIPPACKETRATE/8 )) # bytes
NONVOIPBURST=$(( $INTERVALCAPACITY-$INTERVALVOIPUSAGE ))
WORKNET=$WORKNET
ip route add MAIL_SERVER1/32 dev eth1 realm 20 #
ip route add MAIL_SERVER2/32 dev eth1 realm 20 #
ip route add MAIL_SERVER3/32 dev eth1 realm 20 #
ip route add VOIP_SERVER1/32 via GW dev eth1 realm 15 #
ip route add VOIP_SERVER2/32 via GW dev eth1 realm 15 #
SPECIALNET=$WORKNET
NONVOIPBW_IN_MAILING=0 # no reservamos
NONVOIPBW_IN_SPECIALS=0
NONVOIPBW_IN_WORK=$(( ($NONVOIPBW-$NONVOIPBW_IN_MAILING-$NONVOIPBW_IN_SPECIALS)/2 ))
NONVOIPBW_IN_REST=$(( $NONVOIPBW-$NONVOIPBW_IN_MAILING-$NONVOIPBW_IN_SPECIALS-$NONVOIPBW_IN_WORK ))
if [ $NONVOIPBW_IN_REST -lt 0 ]; then
exit
fi
NONVOIPBW_OUT_MAILING=2000000
NONVOIPBW_OUT_SPECIALS=0 # no resrvamos
NONVOIPBW_OUT_WORK=0 # no reservamos
NONVOIPBW_OUT_REST=$(( $NONVOIPBW-$NONVOIPBW_OUT_MAILING-$NONVOIPBW_OUT_SPECIALS-$NONVOIPBW_OUT_WORK ))
if [ $NONVOIPBW_OUT_REST -lt 0 ]; then
exit
fi
tell() {
CALLBW_KBPS=$(( CALLBW/1000 ))
VOIPBW_KBPS=$(( VOIPBW/1000 ))
NONVOIPBW_KBPS=$(( NONVOIPBW/1000 ))
NONVOIPBW_IN_MAILING_KBPS=$(( NONVOIPBW_IN_MAILING/1000 ))
NONVOIPBW_IN_SPECIALS_KBPS=$(( NONVOIPBW_IN_SPECIALS/1000 ))
NONVOIPBW_IN_WORK_KBPS=$(( NONVOIPBW_IN_WORK/1000 ))
NONVOIPBW_IN_REST_KBPS=$(( NONVOIPBW_IN_REST/1000 ))
NONVOIPBW_OUT_MAILING_KBPS=$(( NONVOIPBW_OUT_MAILING/1000 ))
NONVOIPBW_OUT_SPECIALS_KBPS=$(( NONVOIPBW_OUT_SPECIALS/1000 ))
NONVOIPBW_OUT_WORK_KBPS=$(( NONVOIPBW_OUT_WORK/1000 ))
NONVOIPBW_OUT_REST_KBPS=$(( NONVOIPBW_OUT_REST/1000 ))
}
tell
tc qdisc add dev eth1 ingress handle ffff:
tc filter add dev eth1 parent ffff: protocol ip prio 1 \
route from 15 \
flowid ffff:1
if [ $NONVOIPBW_IN_SPECIALS -gt 0 ]; then
tc filter add dev eth1 parent ffff: protocol ip prio 2 \
u32 match ip src $SPECIALNET \
police rate $NONVOIPBW_IN_SPECIALS burst 100kb drop \
flowid ffff:2
else
fi
if [ $NONVOIPBW_IN_MAILING -gt 0 ]; then
tc filter add dev eth1 parent ffff: protocol ip prio 3 \
route to 20 \
police rate $NONVOIPBW_IN_MAILING burst 100kb drop \
flowid ffff:3
else
fi
if [ $NONVOIPBW_IN_WORK -gt 0 ]; then
tc filter add dev eth1 parent ffff: protocol ip prio 4 \
u32 match ip src $WORKNET \
police rate $NONVOIPBW_IN_WORK burst 100kb drop \
flowid ffff:4
else
fi
tc filter add dev eth1 parent ffff: protocol ip prio 5 \
u32 match ip src 0.0.0.0/0 \
police rate $NONVOIPBW_IN_REST burst 100kb drop \
flowid ffff:5
tc qdisc add dev eth1 root handle 1:0 prio
tc filter add dev eth1 parent 1:0 protocol ip prio 1 \
route to 15 \
police rate $VOIPBW burst 100kb continue \
flowid 1:1
tc filter add dev eth1 parent 1:0 protocol ip prio 2 \
u32 match ip dst 0.0.0.0/0 \
flowid 1:2
tc qdisc add dev eth1 parent 1:2 handle 12: htb default 23
tc class add dev eth1 parent 12: classid 12:1 htb \
rate $NONVOIPBW ceil $NONVOIPBW burst $NONVOIPBURST
if [ $NONVOIPBW_OUT_SPECIALS -gt 0 ] ; then
tc class add dev eth1 parent 12:1 classid 12:20 htb \
rate $NONVOIPBW_OUT_SPECIALS ceil $NONVOIPBW
tc filter add dev eth1 parent 12:0 protocol ip prio 1 \
u32 match ip dst $SPECIALNET \
flowid 12:20
else
fi
if [ $NONVOIPBW_OUT_MAILING -gt 0 ] ; then
tc class add dev eth1 parent 12:1 classid 12:21 htb \
rate $NONVOIPBW_OUT_MAILING ceil $NONVOIPBW_OUT_MAILING # $NONVOIPBW
tc filter add dev eth1 parent 12:0 protocol ip prio 2 \
route from 20 \
flowid 12:21
else
fi
if [ $NONVOIPBW_OUT_WORK -gt 0 ] ; then
tc class add dev eth1 parent 12:1 classid 12:22 htb \
rate $NONVOIPBW_OUT_WORK ceil $NONVOIPBW
tc filter add dev eth1 parent 12:0 protocol ip prio 3 \
u32 match ip dst $WORKNET \
flowid 12:22
else
fi
tc class add dev eth1 parent 12:1 classid 12:23 htb \
rate $NONVOIPBW_OUT_REST ceil $NONVOIPBW
Please could you same what I am doing wrong?
Thanks in advance!
