pessoal,
uso a regra abaixo para interface interna:
#!/bin/bash
tc qdisc del dev eth1 root
tc qdisc add dev eth1 root handle 1:0 htb default 50
#----------------------alterar essa linha-------------------
tc class add dev eth1 parent 1:0 classid 1:1 htb rate 10mbit
tc class add dev eth1 parent 1:1 classid 1:10 htb rate 400kbit ceil 400kbit prio 1 # voip
tc class add dev eth1 parent 1:1 classid 1:20 htb rate 64kbit ceil 128kbit prio 2 # DNS / ACK / SYN / FIN
tc class add dev eth1 parent 1:1 classid 1:30 htb rate 64kbit ceil 200kbit prio 3 # Terminal service
tc class add dev eth1 parent 1:1 classid 1:40 htb rate 128kbit ceil 512kbit prio 4 # HTTP
tc class add dev eth1 parent 1:1 classid 1:50 htb rate 128kbit ceil 512kbit prio 5 # Geral
#--------------adiciona essa classe para receber o tr�fego do zph
tc class add dev eth1 parent 1:1 classid 1:60 htb rate 512Kbit prio 1 #ZPH
tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10
tc qdisc add dev eth1 parent 1:40 handle 40: sfq perturb 10
tc qdisc add dev eth1 parent 1:50 handle 50: sfq perturb 10
tc qdisc add dev eth1 parent 1:60 handle 60: sfq perturb 10
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip sport 5060 0xffff flowid 1:10
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip sport 5061 0xffff flowid 1:10
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip sport 10000 0xffff flowid 1:10
tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip sport 20000 0xffff flowid 1:10
tc filter add dev eth1 parent 1:0 protocol ip prio 2 u32 match ip sport 53 0xffff flowid 1:20
tc filter add dev eth1 parent 1:0 protocol ip prio 3 u32 match ip sport 3389 0xffff flowid 1:30
tc filter add dev eth1 parent 1:0 protocol ip prio 4 u32 match ip sport 80 0xffff flowid 1:40
tc filter add dev eth1 parent 1:0 protocol ip prio 5 u32 match ip sport 3128 0xffff flowid 1:50
#-------------e finalmente o filtro que vai classificar o tr�fego e jogar na classe certa
tc filter add dev eth1 parent 1:0 protocol ip prio 3 u32 match ip protocol 0x6 0xff match ip tos 0x60 0xff flowid 1:60
e na interface externa:
#!/bin/bash
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1:0 htb default 50
tc class add dev eth0 parent 1:0 classid 1:1 htb rate 960kbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 400kbit ceil 400kbit prio 1 # voip
tc class add dev eth0 parent 1:1 classid 1:20 htb rate 64kbit ceil 128kbit prio 2 # DNS / ACK / SYN / FIN
tc class add dev eth0 parent 1:1 classid 1:30 htb rate 64kbit ceil 200kbit prio 3 # Terminal service
tc class add dev eth0 parent 1:1 classid 1:40 htb rate 128kbit ceil 512kbit prio 4 # HTTP
tc class add dev eth0 parent 1:1 classid 1:50 htb rate 128kbit ceil 512kbit prio 5 # Geral
tc qdisc add dev eth0 parent 1:10 handle 10: pfifo limit 10
tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10
tc qdisc add dev eth0 parent 1:40 handle 40: sfq perturb 10
tc qdisc add dev eth0 parent 1:50 handle 50: sfq perturb 10
tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 5060 0xffff flowid 1:10
tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 5061 0xffff flowid 1:10
tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 10000 0xffff flowid 1:10
tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 20000 0xffff flowid 1:10
tc filter add dev eth0 parent 1:0 protocol ip prio 2 u32 match ip dport 53 0xffff flowid 1:20
tc filter add dev eth0 parent 1:0 protocol ip prio 3 u32 match ip dport 3389 0xffff flowid 1:30
tc filter add dev eth0 parent 1:0 protocol ip prio 4 u32 match ip dport 80 0xffff flowid 1:40
tc filter add dev eth0 parent 1:0 protocol ip prio 5 u32 match ip dport 3128 0xfff flowid 1:50
ai vou testar e aparece estar tudo funcionando e minha internet está limitada a 400kpbs mas estou tendo problemas de latência do voip então vendo no site na Embratel onde a gente ve o pico o link vejo que o uso do link nunca passa os 400kpbs e a qualidade do voip que pra mim é prioridade está horrível picotando direto...então vi que a banda que separei para o as atas não está funcionando pois essa banda não está sendo usada pois como disse o link não passa de 400kpbs. o que está de errado pois no teste abaixo mostra que as portas do voip estão usando banda:
proxy:/home/novaf# tc -s -d class show dev eth1
class htb 1:1 root rate 100000Kbit ceil 100000Kbit burst 51587b/8 mpu 0b overhead 0b cburst 51587b/8 mpu 0b overhead 0b level 7
Sent 5904337009 bytes 9982381 pkt (dropped 0, overlimits 0 requeues 0)
rate 57960bit 8pps backlog 0b 0p requeues 0
lended: 4310572 borrowed: 0 giants: 0
tokens: 4090 ctokens: 4090
class htb 1:10 parent 1:1 leaf 10: prio 1 quantum 5000 rate 400000bit ceil 400000bit burst 1799b/8 mpu 0b overhead 0b cburst 1799b/8 mpu 0b overhead 0b level 0
Sent 6238963 bytes 15968 pkt (dropped 0, overlimits 0 requeues 0)
rate 136bit 0pps backlog 0b 0p requeues 0
lended: 15968 borrowed: 0 giants: 0
tokens: 28836 ctokens: 28836
class htb 1:20 parent 1:1 leaf 20: prio 2 quantum 1000 rate 64000bit ceil 128000bit burst 1631b/8 mpu 0b overhead 0b cburst 1663b/8 mpu 0b overhead 0b level 0
Sent 7513788 bytes 38852 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 38798 borrowed: 54 giants: 0
tokens: 169984 ctokens: 87040
class htb 1:30 parent 1:1 leaf 30: prio 3 quantum 1000 rate 64000bit ceil 200000bit burst 1631b/8 mpu 0b overhead 0b cburst 1699b/8 mpu 0b overhead 0b level 0
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 208896 ctokens: 69632
class htb 1:40 parent 1:1 leaf 40: prio 4 quantum 1600 rate 128000bit ceil 512000bit burst 1663b/8 mpu 0b overhead 0b cburst 1855b/8 mpu 0b overhead 0b level 0
Sent 516531011 bytes 578010 pkt (dropped 569, overlimits 0 requeues 0)
rate 112bit 0pps backlog 0b 0p requeues 0
lended: 326031 borrowed: 251979 giants: 0
tokens: 99328 ctokens: 27904
class htb 1:50 parent 1:1 leaf 50: prio 5 quantum 1600 rate 128000bit ceil 512000bit burst 1663b/8 mpu 0b overhead 0b cburst 1855b/8 mpu 0b overhead 0b level 0
Sent 5372261310 bytes 9349551 pkt (dropped 9376, overlimits 0 requeues 0)
rate 52832bit 7pps backlog 0b 0p requeues 0
lended: 5291012 borrowed: 4058539 giants: 0
tokens: -2560 ctokens: 2432
e o trafego na interface externa:
proxy:/home/novaf# tc -s -d class show dev eth0
class htb 1:1 root rate 1024Kbit ceil 1024Kbit burst 2111b/8 mpu 0b overhead 0b cburst 2111b/8 mpu 0b overhead 0b level 7
Sent 1781473381 bytes 9397898 pkt (dropped 0, overlimits 0 requeues 0)
rate 12816bit 13pps backlog 0b 0p requeues 0
lended: 610469 borrowed: 0 giants: 0
tokens: 15937 ctokens: 15937
class htb 1:10 parent 1:1 leaf 10: prio 1 quantum 5000 rate 400000bit ceil 400000bit burst 1799b/8 mpu 0b overhead 0b cburst 1799b/8 mpu 0b overhead 0b level 0
Sent 11187935 bytes 16200 pkt (dropped 0, overlimits 0 requeues 0)
rate 120bit 0pps backlog 0b 0p requeues 0
lended: 16200 borrowed: 0 giants: 0
tokens: 22447 ctokens: 22447
class htb 1:20 parent 1:1 leaf 20: prio 2 quantum 1000 rate 64000bit ceil 128000bit burst 1631b/8 mpu 0b overhead 0b cburst 1663b/8 mpu 0b overhead 0b level 0
Sent 12115116 bytes 125825 pkt (dropped 0, overlimits 0 requeues 0)
rate 24bit 0pps backlog 0b 0p requeues 0
lended: 125825 borrowed: 0 giants: 0
tokens: 197632 ctokens: 100864
class htb 1:30 parent 1:1 leaf 30: prio 3 quantum 1000 rate 64000bit ceil 200000bit burst 1631b/8 mpu 0b overhead 0b cburst 1699b/8 mpu 0b overhead 0b level 0
Sent 546 bytes 7 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 7 borrowed: 0 giants: 0
tokens: 198656 ctokens: 66356
class htb 1:40 parent 1:1 leaf 40: prio 4 quantum 1600 rate 128000bit ceil 512000bit burst 1663b/8 mpu 0b overhead 0b cburst 1855b/8 mpu 0b overhead 0b level 0
Sent 852530228 bytes 3895459 pkt (dropped 49, overlimits 0 requeues 0)
rate 8648bit 9pps backlog 0b 0p requeues 0
lended: 3613028 borrowed: 282431 giants: 0
tokens: 101888 ctokens: 28544
class htb 1:50 parent 1:1 leaf 50: prio 5 quantum 1600 rate 128000bit ceil 512000bit burst 1663b/8 mpu 0b overhead 0b cburst 1855b/8 mpu 0b overhead 0b level 0
Sent 905633885 bytes 5360407 pkt (dropped 68, overlimits 0 requeues 0)
rate 8896bit 6pps backlog 0b 0p requeues 0
lended: 5032369 borrowed: 328038 giants: 0
tokens: 98816 ctokens: 27776
OBS.:
1-Meu link de é 1mb e 960kpbs Full dedicado mas com esse script é como se o link ficasse todo somente com 400kpbs e o resto não fosse usado.
2-Coloquei 128 a 512 para as portas 80 e 3128 porque tenho máquinas da diretoria que estão fora do squid então elas tb ficam limitadas as banda de 512kpbs e quem usa porta squid tb fica está correto ne?