LINUX.ORG.RU
решено ФорумAdmin

[debian][shaper][tc] игнорирование явно указанных prio у классов. bug или мой косяк?


0

1
#!/bin/bash

IPT="/sbin/iptables"
TC="/sbin/tc"
IP="/bin/ip"

DEV_IN="eth0"
RATE_IN="2750" # 90% от гарантированной провайдером

RATE_LOCAL="1gbit"
IP_LOCAL="192.168.0.254"

$TC qdisc del dev $DEV_IN root >/dev/null 2>&1
$TC qdisc del dev $DEV_IN ingress >/dev/null 2>&1

$IP link set dev $DEV_IN qlen 32
$TC qdisc add dev $DEV_IN root handle 1: htb r2q 3

# Нетранзитный трафик
$TC class add dev $DEV_IN parent 1: classid 1:1 htb rate $RATE_LOCAL quantum 60000 prio 99
    $TC qdisc add dev $DEV_IN parent 1:1 pfifo
    $TC filter add dev $DEV_IN parent 1: prio 1 protocol ip u32 match ip src $IP_LOCAL1 flowid 1:1

# Транзитный трафик
$TC class add dev $DEV_IN parent 1: classid 1:2 htb rate ${RATE_IN}kbit prio 2

    # high-prio
    $TC class add dev $DEV_IN parent 1:2 classid 1:5 htb rate $[95*$RATE_IN/100]kbit ceil ${RATE_IN}kbit prio 5
        $TC class add dev $DEV_IN parent 1:5 classid 1:10 htb rate $[5*$RATE_IN/100]kbit  ceil ${RATE_IN}kbit prio 10
        $TC class add dev $DEV_IN parent 1:5 classid 1:20 htb rate $[10*$RATE_IN/100]kbit ceil ${RATE_IN}kbit prio 20
        $TC class add dev $DEV_IN parent 1:5 classid 1:30 htb rate $[10*$RATE_IN/100]kbit ceil ${RATE_IN}kbit prio 30
        $TC class add dev $DEV_IN parent 1:5 classid 1:40 htb rate $[45*$RATE_IN/100]kbit ceil ${RATE_IN}kbit prio 40
        $TC class add dev $DEV_IN parent 1:5 classid 1:50 htb rate $[25*$RATE_IN/100]kbit ceil ${RATE_IN}kbit prio 50

        $TC qdisc add dev $DEV_IN parent 1:10 handle 10: sfq perturb 10
        $TC qdisc add dev $DEV_IN parent 1:20 handle 20: sfq perturb 10
        $TC qdisc add dev $DEV_IN parent 1:30 handle 30: sfq perturb 10
        $TC qdisc add dev $DEV_IN parent 1:40 handle 40: sfq perturb 10
        $TC qdisc add dev $DEV_IN parent 1:50 handle 50: sfq perturb 10

            $TC filter add dev $DEV_IN parent 10: prio 10 protocol ip handle 10 flow hash keys dst divisor 512
            $TC filter add dev $DEV_IN parent 20: prio 20 protocol ip handle 20 flow hash keys dst divisor 512
            $TC filter add dev $DEV_IN parent 30: prio 30 protocol ip handle 30 flow hash keys dst divisor 512
            $TC filter add dev $DEV_IN parent 40: prio 40 protocol ip handle 40 flow hash keys dst divisor 512
            $TC filter add dev $DEV_IN parent 50: prio 50 protocol ip handle 50 flow hash keys dst divisor 512

    # low-prio
    $TC class add dev $DEV_IN parent 1:2 classid 1:90 htb rate $[5*$RATE_IN/100]kbit ceil ${RATE_IN}kbit quantum 10 prio 90
        $TC qdisc add dev $DEV_IN parent 1:90 handle 90: sfq perturb 30
            $TC filter add dev $DEV_IN parent 90: prio 90 protocol ip handle 90 flow hash keys dst divisor 512

$IPT -t mangle -D POSTROUTING -o $DEV_IN -j SHAPER-IN >/dev/null 2>&1
$IPT -t mangle -F SHAPER-IN >/dev/null 2>&1
$IPT -t mangle -X SHAPER-IN >/dev/null 2>&1

$IPT -t mangle -N SHAPER-IN
$IPT -t mangle -I POSTROUTING -o $DEV_IN -j SHAPER-IN

# icmp, dns
$IPT -t mangle -A SHAPER-IN -p icmp -j CLASSIFY --set-class 1:10
$IPT -t mangle -A SHAPER-IN -p icmp -j RETURN
$IPT -t mangle -A SHAPER-IN -p udp --sport 53 -j CLASSIFY --set-class 1:10
$IPT -t mangle -A SHAPER-IN -p udp --sport 53 -j RETURN

# icecast
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 7000,8000 -j CLASSIFY --set-class 1:20
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 7000,8000 -j RETURN

# ssh, rdp
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 22,11122,3389 -j CLASSIFY --set-class 1:30
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 22,11122,3389 -j RETURN

# imap, imaps, pop3, pop3s
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 143,993,110,995 -j CLASSIFY --set-class 1:40
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 143,993,110,995 -j RETURN

# http, https; ftp(20,21) < 512KB
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 80,8080,443,20,21 -m connbytes --connbytes :524288 \n
    --connbytes-dir both --connbytes-mode bytes -j CLASSIFY --set-class 1:40
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 80,8080,443,20,21 -m connbytes --connbytes :524288 \n
    --connbytes-dir both --connbytes-mode bytes -j RETURN

# http, https; ftp(20,21)
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 80,8080,443,20,21,1935 -j CLASSIFY --set-class 1:50
$IPT -t mangle -A SHAPER-IN -p tcp -m multiport --sports 80,8080,443,20,21,1935 -j RETURN

# low priority
$IPT -t mangle -A SHAPER-IN -j CLASSIFY --set-class 1:90

НО в выводе # tc -s class show dev eth0 у классов абсолютно другие prio (выделил звёздочками), а у некоторых вообще отсутствуют:

class htb 1:10 parent 1:5 leaf 10: ***prio 7*** rate 137000bit ceil 2750Kbit burst 1599b cburst 1599b 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 1459843 ctokens: 72718

class htb 1:1 root leaf 8014: ***prio 7*** rate 1000Mbit ceil 1000Mbit burst 1375b cburst 1375b 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 187 ctokens: 187

class htb 1:2 root rate 2750Kbit ceil 2750Kbit burst 1599b cburst 1599b 
 Sent 618 bytes 5 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 68000 ctokens: 68000

class htb 1:20 parent 1:5 leaf 20: ***prio 7*** rate 275000bit ceil 2750Kbit burst 1599b cburst 1599b 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 727265 ctokens: 72718

class htb 1:30 parent 1:5 leaf 30: ***prio 7*** rate 275000bit ceil 2750Kbit burst 1599b cburst 1599b 
 Sent 618 bytes 5 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 5 borrowed: 0 giants: 0
 tokens: 680000 ctokens: 68000

class htb 1:40 parent 1:5 leaf 40: ***prio 7*** rate 1237Kbit ceil 2750Kbit burst 1599b cburst 1599b 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 161671 ctokens: 72718

class htb 1:50 parent 1:5 leaf 50: ***prio 7*** rate 687000bit ceil 2750Kbit burst 1599b cburst 1599b 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 291109 ctokens: 72718

class htb 1:5 parent 1:2 rate 2612Kbit ceil 2750Kbit burst 1599b cburst 1599b 
 Sent 618 bytes 5 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 71594 ctokens: 68000

class htb 1:90 parent 1:2 leaf 90: ***prio 7*** rate 137000bit ceil 2750Kbit burst 1599b cburst 1599b 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 1459843 ctokens: 72718

на чьей стороне правда?


Сделай скрипт из 2-х строк, и убедись, что prio>7 не выставляется, почему так, не знаю.

slavad ()
Ответ на: комментарий от slavad

упростил скрипт практически до нЕльзя + поменял prio:

#!/bin/bash

IPT="/sbin/iptables"
TC="/sbin/tc"
IP="/bin/ip"

DEV_IN="eth0"
RATE_IN="2750"

RATE_LOCAL="1gbit"
IP_LOCAL="192.168.0.100"

$TC qdisc del dev $DEV_IN root

$IP link set dev $DEV_IN qlen 32

$TC qdisc add dev $DEV_IN root handle 1: htb r2q 3
    $TC filter add dev $DEV_IN parent 1: protocol ip u32 match ip src $IP_LOCAL flowid 1:99

# Главный класс
$TC class add dev $DEV_IN parent 1: classid 1:1 htb rate $RATE_LOCAL

    # Транзитный трафик
    $TC class add dev $DEV_IN parent 1:1 classid 1:2 htb rate ${RATE_IN}kbit prio 0

        # high-prio
        $TC class add dev $DEV_IN parent 1:2 classid 1:5 htb rate $[95*$RATE_IN/100]kbit ceil ${RATE_IN}kbit prio 0

        # low-prio
        $TC class add dev $DEV_IN parent 1:2 classid 1:90 htb rate $[5*$RATE_IN/100]kbit ceil $[75*$RATE_IN/100]kbit prio 1

    # Нетранзитный трафик
    $TC class add dev $DEV_IN parent 1:1 classid 1:99 htb rate $RATE_LOCAL quantum 60000 prio 1

ситуация изменилась, но все же есть косяки. вывод tc -s class show dev eth0 (упорядочил + сделал отступы для более удобного сравнения с добавлением классов в скрипте):

class htb 1:1 root rate 1000Mbit ceil 1000Mbit burst 1375b cburst 1375b 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 rate 0bit 0pps backlog 0b 0p requeues 0 
 lended: 0 borrowed: 0 giants: 0
 tokens: 187 ctokens: 187

	class htb 1:2 parent 1:1 rate 2750Kbit ceil 2750Kbit burst 1599b cburst 1599b 
	 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
	 rate 0bit 0pps backlog 0b 0p requeues 0 
	 lended: 0 borrowed: 0 giants: 0
	 tokens: 72718 ctokens: 72718

		class htb 1:5 parent 1:2 prio 0 rate 2612Kbit ceil 2750Kbit burst 1599b cburst 1599b 
		 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
		 rate 0bit 0pps backlog 0b 0p requeues 0 
		 lended: 0 borrowed: 0 giants: 0
		 tokens: 76562 ctokens: 72718

		class htb 1:90 parent 1:2 prio 1 rate 137000bit ceil 2062Kbit burst 1599b cburst 1599b 
		 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
		 rate 0bit 0pps backlog 0b 0p requeues 0 
		 lended: 0 borrowed: 0 giants: 0
		 tokens: 1459843 ctokens: 96984

	class htb 1:99 parent 1:1 prio 1 rate 1000Mbit ceil 1000Mbit burst 1375b cburst 1375b 
	 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
	 rate 0bit 0pps backlog 0b 0p requeues 0 
	 lended: 0 borrowed: 0 giants: 0
	 tokens: 187 ctokens: 187

приоритеты стали нормальными, НО у 1:2 prio нет! (пробовал менять на 1,2,...) - ситуация не поменялась

cac2s ()
Ответ на: комментарий от cac2s

всё. разобрался: только краевым классам можно назначать prio (и quantum тоже)

cac2s ()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.