Trafic Managment on the Ubuntu Server 8.04 HOW TO?

loopdemack · 11-01-2008, 07:15 PM

I need help, how to set traffic management on the ubuntu server with the real life situation.

For example, I would like to set the lowest priority or the "Best-Effort Traffic" for the ports in the range from 35000-37000 only on the TX(transmit) and I would like that same port range has normal priority on the RX(receive),
and I would like to set the highest possible priority for the port range of 60000-61000 for the TX(transmit).

And one more thing, is it possible to set the maximum cumulative speed for one port range , like for the port range 15000-16000 I would like to set the maximal cumulative speed of 2000kb/s on the TX and 3000kb/s on the RX.
I mean calculated speed from those port range like no matter how many connections on that port range operate, I want that those ports speed were calculated and shaped and limited to speed for example 2mb/s on the TX and 3mb/s on the RX.

I think that tutorial would be extremely good which would cover this real life situation

esaym · 11-02-2008, 04:32 PM

QOS is pretty much a black art. Everybody is going to do it differently.

Most of the time it is best to install shaping tools on the default gateway of the network.

These are some tools that I know of:

http://www.mastershaper.org/index.php/Main_Page (I messed with it some, gui was hard to figure out.)
http://packages.debian.org/lenny/wondershaper (I used to use this a long time ago)
A modified wondershaper: http://astlinux.svn.sourceforge.net/...oute2/astshape

Also I like the tomato firmware for the linksys wrt54g routers: http://www.polarcloud.com/tomato It has a nice qos set up.

For the last 6 years I have used smoothwall as my gateway for my network and I use the qos mod for it: http://community.smoothwall.org/foru...p?f=16&t=22556

IMO the best practice is to set a default low priority class. The default class is the class that all unclassified traffic will go to. Set that the lowest priority and then from there you can pull out ports and protocols and give them higher priority. For example give UDP and IMCP protocol priority 1 and give source/destination ports 54 80 and 443 priority 2 and give source destination ports 21 22 25 110 priority 3 etc....

Shaping incoming traffic is hard to find tools that support that.

To really understand how all this works, you need to spend about 2 weeks reading everything here: http://www.google.com/search?source=...=Google+Search

Heh, have fun

loopdemack · 11-02-2008, 05:05 PM

Hello, tnx on the answer, but as I explained I need advanced qos answer, I know about wonder shaper and master shaper I have them in my lab installed,
but I need this specific situation,
I dont want to set standard way's of the priorities, like priority for dns 53, or ssh , or 80 http, or 443 https, as I explained I want to set the range of ports with one line if its possible, and I want to work with the cumulative speed on the range of ports and I want to set the upper floor speed for the range of ports.
I dont want to set speed or priority for the one port or I dont want to set the priority for the one ip, I want to set priority for the all ip's under the specific range of ports. The major worries is the cumulative calculation of the speed and the activity distribution by ip and bandwidth allocation for the ip's in that specific range.
I saw some good configurations on the Mikrotik, and I like them, and I need to set similar thing on the ubuntu if its possible.

One more thing this is the server platform, I'm not physically present, network is done trough Cisco power cluster router, I dont have access to the router, and I dont want to set the priorities on the router level, I want to set priorities on the OS level, and I cant put the smoothwall which I would like, I have similar system at my home.

Because of that I asked for something that I cant find anywhere on the google or some ubuntu places, maybe this kind of advanced shaping which I need, isn't possible on the Ubuntu.

esaym · 11-03-2008, 07:35 AM

Quote:

Originally Posted by loopdemack

Hello, tnx on the answer, but as I explained I need advanced qos answer, I know about wonder shaper and master shaper I have them in my lab installed,
but I need this specific situation,
I dont want to set standard way's of the priorities, like priority for dns 53, or ssh , or 80 http, or 443 https, as I explained I want to set the range of ports with one line if its possible, and I want to work with the cumulative speed on the range of ports and I want to set the upper floor speed for the range of ports.
I dont want to set speed or priority for the one port or I dont want to set the priority for the one ip, I want to set priority for the all ip's under the specific range of ports. The major worries is the cumulative calculation of the speed and the activity distribution by ip and bandwidth allocation for the ip's in that specific range.
I saw some good configurations on the Mikrotik, and I like them, and I need to set similar thing on the ubuntu if its possible.

One more thing this is the server platform, I'm not physically present, network is done trough Cisco power cluster router, I dont have access to the router, and I dont want to set the priorities on the router level, I want to set priorities on the OS level, and I cant put the smoothwall which I would like, I have similar system at my home.

Because of that I asked for something that I cant find anywhere on the google or some ubuntu places, maybe this kind of advanced shaping which I need, isn't possible on the Ubuntu.

All that can be done with wondershaper. It is very easy to modify. The problem you will run into is shaping RX traffic. You can only shape traffic that you are uploading. There is a incoming rate policer but that drops packets of all traffic that is coming in over a set rate

loopdemack · 11-03-2008, 03:53 PM

Ok, could you get me an example because I cant get from the wondershaper the concept that I explained.

Ok lets do only the shaping for the outgoing traffic.

Show me trough an example how to limit one range of ports.

For example ports from 10000-15000 max allowed outgoing traffic 3125kb/s or 25Mbit/s from the actual 100mbit link.

But in the fashion that if there is a traffic of 3125kb/s on the port 10001 at the first second and if on the port 10002 at the second 2 we have the new connection with the new traffic of 3125kb/s, that shaper automatically shape the speed on both ports to cumulative speed of 3125kb/s divided by two , or 2x1562.5kb/s.
Or if on 10 ports you have 10 request for maximal speed that the speed is divided on the 10 portions, or 100 or 1000.
But limit of 3125kb/s is not the actual maximal bandwidth this is just the capped bandwidth for that range.
That's what I need.
And of course if you want to help me with the example, please also include the qos value of the lowest priority for that range 10000-15000.

Lets see what you had in mind.

esaym · 11-06-2008, 11:08 PM

Quote:

Originally Posted by loopdemack

Ok, could you get me an example because I cant get from the wondershaper the concept that I explained.

Ok lets do only the shaping for the outgoing traffic.

Show me trough an example how to limit one range of ports.

For example ports from 10000-15000 max allowed outgoing traffic 3125kb/s or 25Mbit/s from the actual 100mbit link.

But in the fashion that if there is a traffic of 3125kb/s on the port 10001 at the first second and if on the port 10002 at the second 2 we have the new connection with the new traffic of 3125kb/s, that shaper automatically shape the speed on both ports to cumulative speed of 3125kb/s divided by two , or 2x1562.5kb/s.
Or if on 10 ports you have 10 request for maximal speed that the speed is divided on the 10 portions, or 100 or 1000.
But limit of 3125kb/s is not the actual maximal bandwidth this is just the capped bandwidth for that range.
That's what I need.
And of course if you want to help me with the example, please also include the qos value of the lowest priority for that range 10000-15000.

Lets see what you had in mind.

If I follow, you are just wanting bandwidth equally shared on ports 10,000-15,000? Then just make a class for ports 10000:15000 with what ever priority you want and the rate that it is given will be shared.

This is the actual script that I used to use:

It uses htb which has the ceiling and rate parameters. Ceiling is the max speed that a class can get and the rate is the max that it will get when a class with a higher priority starts to use traffic.

Code:

#! /bin/sh

if [ "$1" = "status" ] ; then tc -s qdisc ls dev eth0 ; exit 0 ; fi

IP="/sbin/ip"
TC="/sbin/tc"
IPT="/sbin/iptables"

IFACE_NET="eth0"

## These are numbers in kilobytes per second
UPSTREAM_TOTAL="28"
## These should add up to _TOTAL
UPSTREAM_ULTRAHI="12"
UPSTREAM_HI="9"
UPSTREAM_MED="5"
UPSTREAM_MEDLO="1"
UPSTREAM_LO="1"


## Interface Maximum Transmission Unit
MTU_NET="1500"

PORTS_HI="25 80 53 110"
PORTS_MED="22 222 23 20 21 411 2083 6666 15111 15112 15113"
PORTS_MEDLO="1214 2234 5534 4660 4661 4662 4663 4664 4665 4666 4667 4668 4669 4670 4671 4672 4673 4674 4675 4676 4677 4678 4679 4962 5662 5555 5672 33333 33334 33340 33341 44000 44001"

###############################################################################

## Delete old rules
${TC} qdisc del dev ${IFACE_NET} root

## Set MTU
${IP} link set dev ${IFACE_NET} mtu ${MTU_NET}

## Set queue size
${IP} link set dev ${IFACE_NET} qlen 2

## Create root queue discipline
${TC} qdisc add dev ${IFACE_NET} root handle 1:0 htb default 14

## Create root class
${TC} class add dev ${IFACE_NET} parent 1:0 classid 1:1 htb rate ${UPSTREAM_TOTAL}kbps

## Create leaf classes where packets will actually be classified
${TC} class add dev ${IFACE_NET} parent 1:1 classid 1:10 htb prio 0 rate ${UPSTREAM_ULTRAHI}kbps ceil ${UPSTREAM_TOTAL}kbps
${TC} class add dev ${IFACE_NET} parent 1:1 classid 1:11 htb prio 1 rate ${UPSTREAM_HI}kbps ceil ${UPSTREAM_TOTAL}kbps
${TC} class add dev ${IFACE_NET} parent 1:1 classid 1:12 htb prio 2 rate ${UPSTREAM_MED}kbps ceil ${UPSTREAM_TOTAL}kbps
${TC} class add dev ${IFACE_NET} parent 1:1 classid 1:13 htb prio 3 rate ${UPSTREAM_MEDLO}kbps ceil ${UPSTREAM_TOTAL}kbps
${TC} class add dev ${IFACE_NET} parent 1:1 classid 1:14 htb prio 4 rate ${UPSTREAM_LO}kbps ceil ${UPSTREAM_TOTAL}kbps

## Add SFQ for beneath these classes
${TC} qdisc add dev ${IFACE_NET} parent 1:10 handle 10: sfq perturb 10
${TC} qdisc add dev ${IFACE_NET} parent 1:11 handle 11: sfq perturb 10
${TC} qdisc add dev ${IFACE_NET} parent 1:12 handle 12: sfq perturb 10
${TC} qdisc add dev ${IFACE_NET} parent 1:13 handle 13: sfq perturb 10 
${TC} qdisc add dev ${IFACE_NET} parent 1:14 handle 14: sfq perturb 10 

# ICMP (ip protocol 1) in the interactive class 1:11 so we
# can do measurements & impress our friends:
${TC} filter add dev ${IFACE_NET} parent 1:0 protocol ip prio 0 u32 \
	match ip protocol 1 0xff \
	flowid 1:11
 
# prioritize small packets (<64 bytes)
${TC} filter add dev ${IFACE_NET} parent 1:0 protocol ip prio 0 u32 \
	match ip protocol 6 0xff \
	match u8 0x05 0x0f at 0 \
	match u16 0x0000 0xffc0 at 2 \
	match u8 0x10 0xff at 33 \
	flowid 1:11

#prioritize udp packets for gamers
${TC} filter add dev ${IFACE_NET} parent 1:0 protocol ip prio 0 u32 \
	match ip protocol 17 0xff \
	flowid 1:10

## Add the filters which direct traffic to the right classes
## High-priority traffic
for PORT in ${PORTS_HI}; do
        ${TC} filter add dev ${IFACE_NET} protocol ip parent 1:0 prio 0 u32 match ip dport ${PORT} 0xffff flowid 1:11
        ${TC} filter add dev ${IFACE_NET} protocol ip parent 1:0 prio 0 u32 match ip sport ${PORT} 0xffff flowid 1:11
done

## Normal traffic
for PORT in ${PORTS_MED}; do
        ${TC} filter add dev ${IFACE_NET} protocol ip parent 1:0 prio 0 u32 match ip dport ${PORT} 0xffff flowid 1:12
        ${TC} filter add dev ${IFACE_NET} protocol ip parent 1:0 prio 0 u32 match ip sport ${PORT} 0xffff flowid 1:12

## Normal Lo traffic
for PORT in ${PORTS_MEDLO}; do
        ${TC} filter add dev ${IFACE_NET} protocol ip parent 1:0 prio 0 u32 match ip dport ${PORT} 0xffff flowid 1:13
        ${TC} filter add dev ${IFACE_NET} protocol ip parent 1:0 prio 0 u32 match ip sport ${PORT} 0xffff flowid 1:13
done 
done

##  Unclassified Traffic
for PORT; do
        ${TC} filter add dev ${IFACE_NET} protocol ip parent 1:0 prio 0 u32 match ip dport ${PORT} 0xffff flowid 1:14
        ${TC} filter add dev ${IFACE_NET} protocol ip parent 1:0 prio 0 u32 match ip sport ${PORT} 0xffff flowid 1:14
done

As you see it is a simple bash script using commands from here: http://lartc.org/howto/lartc.qdisc.classful.html