[GTER] CBQ Limitando somente a 2Kbps
Lucas Willian Bocchi
lucas.bocchi at gmail.com
Thu Oct 23 15:58:52 -02 2014
Achei um script meu caprichado aqui num cliente que usa ppp. Ele
liberou pra mim soltar na lista pra vc.
Dá uma olhada, este é com hsfc.
#!/bin/bash
HZ=1000
ifconfig ${1} txqueuelen 3
# Banda Total da Interface menos uma "reserva técnica"
total=500
perbanda1=22
perbanda2=15
perbanda3=20
perbanda4=15
perbanda5=$(( 100 - ($perbanda1 + $perbanda2 + $perbanda3 + $perbanda4) ))
/sbin/tc qdisc del dev ${1} root
/sbin/tc qdisc add dev ${1} root handle 1: stab linklayer adsl hfsc default 15
/sbin/tc class add dev ${1} parent 1: classid 1:1 hfsc sc rate
${total}kbit ul rate ${total}kbit
/sbin/tc class add dev ${1} parent 1:1 classid 1:15 hfsc ls rate
${banda5}kbit ul rate ${total}kbit
/sbin/tc class add dev ${1} parent 1:1 classid 1:14 hfsc sc rate
${banda4}kbit ul rate ${total}kbit
/sbin/tc class add dev ${1} parent 1:1 classid 1:13 hfsc sc rate
${banda3}kbit ul rate ${total}kbit
/sbin/tc class add dev ${1} parent 1:1 classid 1:12 hfsc sc rate
${banda2}kbit ul rate ${total}kbit
/sbin/tc class add dev ${1} parent 1:1 classid 1:11 hfsc sc rate
${banda1}kbit ul rate ${total}kbit
/sbin/tc qdisc add dev ${1} parent 1:13 handle 113: sfq
/sbin/tc qdisc add dev ${1} parent 1:14 handle 114: sfq
# Pacotes ACK e trafego interativo
/sbin/tc filter add dev ${1} parent 1:0 prio 1 protocol ip u32 match
u16 0x0806 0xffff at -2 flowid 1:11
/sbin/tc filter add dev ${1} parent 1:0 prio 2 protocol ip u32 match
ip protocol 6 0xff match u8 0x02 0x0f at 0 flowid 1:11
/sbin/tc filter add dev ${1} parent 1:0 prio 2 protocol ip u32 match
ip protocol 6 0xff match u8 0x10 0xff at nexthdr+13 flowid 1:11
/sbin/tc filter add dev ${1} parent 1:0 prio 2 protocol ip u32 match
ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at
2 match u8 0x10 0xff at 33 flowid 1:11
/sbin/tc filter add dev ${1} parent 1:0 prio 3 protocol ip u32 match
ip sport 22 0xffff flowid 1:11
/sbin/tc filter add dev ${1} parent 1:0 prio 3 protocol ip u32 match
ip dport 22 0xffff flowid 1:11
/sbin/tc filter add dev ${1} parent 1:0 prio 3 protocol ip u32 match
ip protocol 1 0xff flowid 1:11
# Media Prioridade
/sbin/tc filter add dev ${1} parent 1:0 prio 4 protocol ip u32 match
ip sport 3390 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 4 protocol ip u32 match
ip dport 3390 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 4 protocol ip u32 match
ip sport 3389 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 4 protocol ip u32 match
ip dport 3389 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip sport 5900 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip dport 5900 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip sport 5500 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip dport 5500 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip sport 5600 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip dport 5600 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip sport 5700 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip dport 5700 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip sport 5800 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip dport 5800 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip sport 5999 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 5 protocol ip u32 match
ip dport 5999 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 6 protocol ip u32 match
ip dport 8291 0xffff flowid 1:12
/sbin/tc filter add dev ${1} parent 1:0 prio 6 protocol ip u32 match
ip sport 8291 0xffff flowid 1:12
# HTTP e HTTPS
/sbin/tc filter add dev ${1} parent 1:0 prio 6 protocol ip u32 match
ip sport 80 0xffff flowid 1:13
/sbin/tc filter add dev ${1} parent 1:0 prio 6 protocol ip u32 match
ip dport 80 0xffff flowid 1:13
/sbin/tc filter add dev ${1} parent 1:0 prio 6 protocol ip u32 match
ip sport 443 0xffff flowid 1:13
/sbin/tc filter add dev ${1} parent 1:0 prio 6 protocol ip u32 match
ip dport 443 0xffff flowid 1:13
# Prioridade menor
/sbin/tc filter add dev ${1} parent 1:0 prio 7 protocol ip u32 match
ip dport 25 0xffff flowid 1:14
/sbin/tc filter add dev ${1} parent 1:0 prio 7 protocol ip u32 match
ip sport 25 0xffff flowid 1:14
/sbin/tc filter add dev ${1} parent 1:0 prio 7 protocol ip u32 match
ip dport 110 0xffff flowid 1:14
/sbin/tc filter add dev ${1} parent 1:0 prio 7 protocol ip u32 match
ip sport 110 0xffff flowid 1:14
Em 23 de outubro de 2014 14:11, Rafael Sapata <rafael at grupouds.com.br> escreveu:
> Vou analisar, continuava no CBQ devido a comodidade, disponibilidade nativa no CentOS e conhecimento prévio.
>
> Agradeço.
>
> Atenciosamente,
>
> Rafael Sapata.
>
> ----- Mensagem original -----
> De: "Lucas Willian Bocchi" <lucas.bocchi at gmail.com>
> Para: "Grupo de Trabalho de Engenharia e Operacao de Redes" <gter at eng.registro.br>
> Enviadas: Quinta-feira, 23 de outubro de 2014 9:13:07
> Assunto: Re: [GTER] CBQ Limitando somente a 2Kbps
>
> CBQ? Esse negócio já caiu em desuso faz tempo.
>
> Por quê não migra pro HTB?
>
> 2014-10-22 21:09 GMT-02:00 Rafael Sapata <rafael at grupouds.com.br>:
>> Prezados,
>>
>> Possuo um ambiente 64 bits com Centos rodando Quagga com BGP , utilizo o CBQ com a regra abaixo para limitar o download em um IP específico:
>>
>> DEVICE=enp4s0,1000Mbit,100Mbit
>>
>>
>> RATE=2Mbit
>> WEIGHT=200Kbit
>> PRIO=5
>> RULE=13x.16x.7x.1x
>> BOUNDED=yes
>> ISOLATED=yes
>>
>> Abaixo a regra após um compile do cbq
>>
>>
>>
>> /sbin/tc qdisc del dev enp4s0 root
>> /sbin/tc qdisc add dev enp4s0 root handle 1 cbq bandwidth 1000Mbit avpkt 1000 cell 8
>> /sbin/tc class change dev enp4s0 root cbq weight 100Mbit allot 1514
>>
>> /sbin/tc class add dev enp4s0 parent 1: classid 1:1001 cbq bandwidth 1000Mbit rate 2Mbit weight 200Kbit prio 5 allot 1514 cell 8 maxburst 20 avpkt 1000 bounded isolated
>> /sbin/tc qdisc add dev enp4s0 parent 1:1001 handle 1001 tbf rate 2Mbit buffer 10Kb/8 limit 15Kb mtu 1500
>> /sbin/tc filter add dev enp4s0 parent 1:0 protocol ip prio 100 u32 match ip dst 131.161.72.10 classid 1:1001
>>
>>
>>
>> Já realizei a substituição da placa de rede mas independente da configuração sempre que limito o download a velocidade fica fixa a 2kbps, o que não acontece quando faço a mesma regra para outra interface onde limito o upload (funciona normalmente)
>>
>> Abaixo o stats do cbq
>>
>>
>> ### enp2s0: queueing disciplines
>>
>> qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
>> Sent 49277506970 bytes 67589512 pkt (dropped 0, overlimits 0 requeues 92)
>> backlog 0b 0p requeues 92
>>
>> ### enp4s0: queueing disciplines
>>
>> qdisc cbq 1: root refcnt 2 rate 1000Mbit (bounded,isolated) prio no-transmit
>> Sent 512906 bytes 3458 pkt (dropped 0, overlimits 0 requeues 0)
>> backlog 0b 0p requeues 0
>> borrowed 0 overactions 0 avgidle 125 undertime 0
>> qdisc tbf 1001: parent 1:1001 rate 2000Kbit burst 10Kb lat 20.5ms
>> Sent 368 bytes 5 pkt (dropped 0, overlimits 0 requeues 0)
>> backlog 0b 0p requeues 0
>>
>> ### enp4s0: traffic classes
>>
>> class cbq 1:1001 parent 1: leaf 1001: rate 2000Kbit (bounded,isolated) prio 5
>> Sent 368 bytes 5 pkt (dropped 0, overlimits 0 requeues 0)
>> backlog 0b 0p requeues 0
>> borrowed 0 overactions 0 avgidle 1.77039e+06 undertime 0
>> class cbq 1: root rate 1000Mbit (bounded,isolated) prio no-transmit
>> Sent 512720 bytes 3444 pkt (dropped 0, overlimits 0 requeues 0)
>> backlog 0b 0p requeues 0
>> borrowed 0 overactions 0 avgidle 125 undertime 0
>> class tbf 1001:1 parent 1001:
>>
>>
>> ### enp4s0: filtering rules
>>
>> filter parent 1: protocol ip pref 100 u32
>> filter parent 1: protocol ip pref 100 u32 fh 800: ht divisor 1
>> filter parent 1: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:1001 (rule hit 3331 success 5)
>> match 83a1480a/ffffffff at 16 (success 5 )
>>
>> ### enp5s0: queueing disciplines
>>
>> qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
>> Sent 15383886 bytes 174087 pkt (dropped 0, overlimits 0 requeues 1)
>> backlog 0b 0p requeues 1
>>
>>
>>
>>
>> Alguma ideia ? Grato.
>>
>>
>> Atenciosamente,
>>
>>
>>
>> --
>> gter list https://eng.registro.br/mailman/listinfo/gter
> --
> gter list https://eng.registro.br/mailman/listinfo/gter
> --
> gter list https://eng.registro.br/mailman/listinfo/gter
More information about the gter
mailing list