+ Responder ao Tópico



  1. 03-10-2010, 14:33 #1
    lfernandosg
    lfernandosg está desconectado
    Avatar de lfernandosg
    Ingresso
    Mar 2007
    Posts
    1.116

    Padrão Controle de banda não funciona completamente Htb+tc

    pessoal,

    uso a regra abaixo para interface interna:

    #!/bin/bash

    tc qdisc del dev eth1 root

    tc qdisc add dev eth1 root handle 1:0 htb default 50
    #----------------------alterar essa linha-------------------
    tc class add dev eth1 parent 1:0 classid 1:1 htb rate 10mbit

    tc class add dev eth1 parent 1:1 classid 1:10 htb rate 400kbit ceil 400kbit prio 1 # voip
    tc class add dev eth1 parent 1:1 classid 1:20 htb rate 64kbit ceil 128kbit prio 2 # DNS / ACK / SYN / FIN
    tc class add dev eth1 parent 1:1 classid 1:30 htb rate 64kbit ceil 200kbit prio 3 # Terminal service
    tc class add dev eth1 parent 1:1 classid 1:40 htb rate 128kbit ceil 512kbit prio 4 # HTTP
    tc class add dev eth1 parent 1:1 classid 1:50 htb rate 128kbit ceil 512kbit prio 5 # Geral
    #--------------adiciona essa classe para receber o tr�fego do zph
    tc class add dev eth1 parent 1:1 classid 1:60 htb rate 512Kbit prio 1 #ZPH


    tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10
    tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10
    tc qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10
    tc qdisc add dev eth1 parent 1:40 handle 40: sfq perturb 10
    tc qdisc add dev eth1 parent 1:50 handle 50: sfq perturb 10
    tc qdisc add dev eth1 parent 1:60 handle 60: sfq perturb 10

    tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip sport 5060 0xffff flowid 1:10
    tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip sport 5061 0xffff flowid 1:10
    tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip sport 10000 0xffff flowid 1:10
    tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip sport 20000 0xffff flowid 1:10
    tc filter add dev eth1 parent 1:0 protocol ip prio 2 u32 match ip sport 53 0xffff flowid 1:20
    tc filter add dev eth1 parent 1:0 protocol ip prio 3 u32 match ip sport 3389 0xffff flowid 1:30
    tc filter add dev eth1 parent 1:0 protocol ip prio 4 u32 match ip sport 80 0xffff flowid 1:40
    tc filter add dev eth1 parent 1:0 protocol ip prio 5 u32 match ip sport 3128 0xffff flowid 1:50
    #-------------e finalmente o filtro que vai classificar o tr�fego e jogar na classe certa
    tc filter add dev eth1 parent 1:0 protocol ip prio 3 u32 match ip protocol 0x6 0xff match ip tos 0x60 0xff flowid 1:60

    e na interface externa:


    #!/bin/bash

    tc qdisc del dev eth0 root

    tc qdisc add dev eth0 root handle 1:0 htb default 50
    tc class add dev eth0 parent 1:0 classid 1:1 htb rate 960kbit

    tc class add dev eth0 parent 1:1 classid 1:10 htb rate 400kbit ceil 400kbit prio 1 # voip
    tc class add dev eth0 parent 1:1 classid 1:20 htb rate 64kbit ceil 128kbit prio 2 # DNS / ACK / SYN / FIN
    tc class add dev eth0 parent 1:1 classid 1:30 htb rate 64kbit ceil 200kbit prio 3 # Terminal service
    tc class add dev eth0 parent 1:1 classid 1:40 htb rate 128kbit ceil 512kbit prio 4 # HTTP
    tc class add dev eth0 parent 1:1 classid 1:50 htb rate 128kbit ceil 512kbit prio 5 # Geral


    tc qdisc add dev eth0 parent 1:10 handle 10: pfifo limit 10
    tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
    tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10
    tc qdisc add dev eth0 parent 1:40 handle 40: sfq perturb 10
    tc qdisc add dev eth0 parent 1:50 handle 50: sfq perturb 10


    tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 5060 0xffff flowid 1:10
    tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 5061 0xffff flowid 1:10
    tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 10000 0xffff flowid 1:10
    tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 20000 0xffff flowid 1:10
    tc filter add dev eth0 parent 1:0 protocol ip prio 2 u32 match ip dport 53 0xffff flowid 1:20
    tc filter add dev eth0 parent 1:0 protocol ip prio 3 u32 match ip dport 3389 0xffff flowid 1:30
    tc filter add dev eth0 parent 1:0 protocol ip prio 4 u32 match ip dport 80 0xffff flowid 1:40
    tc filter add dev eth0 parent 1:0 protocol ip prio 5 u32 match ip dport 3128 0xfff flowid 1:50


    ai vou testar e aparece estar tudo funcionando e minha internet está limitada a 400kpbs mas estou tendo problemas de latência do voip então vendo no site na Embratel onde a gente ve o pico o link vejo que o uso do link nunca passa os 400kpbs e a qualidade do voip que pra mim é prioridade está horrível picotando direto...então vi que a banda que separei para o as atas não está funcionando pois essa banda não está sendo usada pois como disse o link não passa de 400kpbs. o que está de errado pois no teste abaixo mostra que as portas do voip estão usando banda:


    proxy:/home/novaf# tc -s -d class show dev eth1
    class htb 1:1 root rate 100000Kbit ceil 100000Kbit burst 51587b/8 mpu 0b overhead 0b cburst 51587b/8 mpu 0b overhead 0b level 7
    Sent 5904337009 bytes 9982381 pkt (dropped 0, overlimits 0 requeues 0)
    rate 57960bit 8pps backlog 0b 0p requeues 0
    lended: 4310572 borrowed: 0 giants: 0
    tokens: 4090 ctokens: 4090

    class htb 1:10 parent 1:1 leaf 10: prio 1 quantum 5000 rate 400000bit ceil 400000bit burst 1799b/8 mpu 0b overhead 0b cburst 1799b/8 mpu 0b overhead 0b level 0
    Sent 6238963 bytes 15968 pkt (dropped 0, overlimits 0 requeues 0)
    rate 136bit 0pps backlog 0b 0p requeues 0
    lended: 15968 borrowed: 0 giants: 0
    tokens: 28836 ctokens: 28836

    class htb 1:20 parent 1:1 leaf 20: prio 2 quantum 1000 rate 64000bit ceil 128000bit burst 1631b/8 mpu 0b overhead 0b cburst 1663b/8 mpu 0b overhead 0b level 0
    Sent 7513788 bytes 38852 pkt (dropped 0, overlimits 0 requeues 0)
    rate 0bit 0pps backlog 0b 0p requeues 0
    lended: 38798 borrowed: 54 giants: 0
    tokens: 169984 ctokens: 87040

    class htb 1:30 parent 1:1 leaf 30: prio 3 quantum 1000 rate 64000bit ceil 200000bit burst 1631b/8 mpu 0b overhead 0b cburst 1699b/8 mpu 0b overhead 0b level 0
    Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
    rate 0bit 0pps backlog 0b 0p requeues 0
    lended: 0 borrowed: 0 giants: 0
    tokens: 208896 ctokens: 69632

    class htb 1:40 parent 1:1 leaf 40: prio 4 quantum 1600 rate 128000bit ceil 512000bit burst 1663b/8 mpu 0b overhead 0b cburst 1855b/8 mpu 0b overhead 0b level 0
    Sent 516531011 bytes 578010 pkt (dropped 569, overlimits 0 requeues 0)
    rate 112bit 0pps backlog 0b 0p requeues 0
    lended: 326031 borrowed: 251979 giants: 0
    tokens: 99328 ctokens: 27904

    class htb 1:50 parent 1:1 leaf 50: prio 5 quantum 1600 rate 128000bit ceil 512000bit burst 1663b/8 mpu 0b overhead 0b cburst 1855b/8 mpu 0b overhead 0b level 0
    Sent 5372261310 bytes 9349551 pkt (dropped 9376, overlimits 0 requeues 0)
    rate 52832bit 7pps backlog 0b 0p requeues 0
    lended: 5291012 borrowed: 4058539 giants: 0
    tokens: -2560 ctokens: 2432

    e o trafego na interface externa:

    proxy:/home/novaf# tc -s -d class show dev eth0
    class htb 1:1 root rate 1024Kbit ceil 1024Kbit burst 2111b/8 mpu 0b overhead 0b cburst 2111b/8 mpu 0b overhead 0b level 7
    Sent 1781473381 bytes 9397898 pkt (dropped 0, overlimits 0 requeues 0)
    rate 12816bit 13pps backlog 0b 0p requeues 0
    lended: 610469 borrowed: 0 giants: 0
    tokens: 15937 ctokens: 15937

    class htb 1:10 parent 1:1 leaf 10: prio 1 quantum 5000 rate 400000bit ceil 400000bit burst 1799b/8 mpu 0b overhead 0b cburst 1799b/8 mpu 0b overhead 0b level 0
    Sent 11187935 bytes 16200 pkt (dropped 0, overlimits 0 requeues 0)
    rate 120bit 0pps backlog 0b 0p requeues 0
    lended: 16200 borrowed: 0 giants: 0
    tokens: 22447 ctokens: 22447

    class htb 1:20 parent 1:1 leaf 20: prio 2 quantum 1000 rate 64000bit ceil 128000bit burst 1631b/8 mpu 0b overhead 0b cburst 1663b/8 mpu 0b overhead 0b level 0
    Sent 12115116 bytes 125825 pkt (dropped 0, overlimits 0 requeues 0)
    rate 24bit 0pps backlog 0b 0p requeues 0
    lended: 125825 borrowed: 0 giants: 0
    tokens: 197632 ctokens: 100864

    class htb 1:30 parent 1:1 leaf 30: prio 3 quantum 1000 rate 64000bit ceil 200000bit burst 1631b/8 mpu 0b overhead 0b cburst 1699b/8 mpu 0b overhead 0b level 0
    Sent 546 bytes 7 pkt (dropped 0, overlimits 0 requeues 0)
    rate 0bit 0pps backlog 0b 0p requeues 0
    lended: 7 borrowed: 0 giants: 0
    tokens: 198656 ctokens: 66356

    class htb 1:40 parent 1:1 leaf 40: prio 4 quantum 1600 rate 128000bit ceil 512000bit burst 1663b/8 mpu 0b overhead 0b cburst 1855b/8 mpu 0b overhead 0b level 0
    Sent 852530228 bytes 3895459 pkt (dropped 49, overlimits 0 requeues 0)
    rate 8648bit 9pps backlog 0b 0p requeues 0
    lended: 3613028 borrowed: 282431 giants: 0
    tokens: 101888 ctokens: 28544

    class htb 1:50 parent 1:1 leaf 50: prio 5 quantum 1600 rate 128000bit ceil 512000bit burst 1663b/8 mpu 0b overhead 0b cburst 1855b/8 mpu 0b overhead 0b level 0
    Sent 905633885 bytes 5360407 pkt (dropped 68, overlimits 0 requeues 0)
    rate 8896bit 6pps backlog 0b 0p requeues 0
    lended: 5032369 borrowed: 328038 giants: 0
    tokens: 98816 ctokens: 27776


    OBS.:
    1-Meu link de é 1mb e 960kpbs Full dedicado mas com esse script é como se o link ficasse todo somente com 400kpbs e o resto não fosse usado.
    2-Coloquei 128 a 512 para as portas 80 e 3128 porque tenho máquinas da diretoria que estão fora do squid então elas tb ficam limitadas as banda de 512kpbs e quem usa porta squid tb fica está correto ne?
    Última edição por lfernandosg; 03-10-2010 às 14:44.
    Citação Citação
  2. 07-10-2010, 08:45 #2
    lfernandosg
    lfernandosg está desconectado
    Avatar de lfernandosg
    Ingresso
    Mar 2007
    Posts
    1.116

    Padrão Re: Controle de banda não funciona completamente Htb+tc

    Pessoal,

    Meu Qos é pensando na qualidade do voip então por portas vi que ele não estava conumindo quase na do link então achando estranho eu fiz um script prioridade por IP e melhorou bastante só que o servidor onde está o script começa jogar latência muito alta na rede ai tive que voltar para esse que esta acima o que pode ser? posso misturar o htb prioridade por portas e IP?

    segue escript:


    proxy:/home/novaf# cat /etc/init.d/qosinterno
    #!/bin/bash

    tc qdisc del dev eth1 root

    tc qdisc add dev eth1 root handle 1:0 htb default 40
    #----------------------alterar essa linha-------------------
    tc class add dev eth1 parent 1:0 classid 1:1 htb rate 10mbit

    tc class add dev eth1 parent 1:1 classid 1:10 htb rate 64kbit ceil 128kbit prio 1 # ATA fazenda
    tc class add dev eth1 parent 1:1 classid 1:20 htb rate 64kbit ceil 128kbit prio 1 # Ata Escritorio
    tc class add dev eth1 parent 1:1 classid 1:30 htb rate 128kbit ceil 512kbit prio 2 # Rede Internet
    tc class add dev eth1 parent 1:1 classid 1:40 htb rate 128kbit ceil 512kbit prio 3 # Rede Internet

    #--------------adiciona essa classe para receber o tr�fego do zph
    tc class add dev eth1 parent 1:1 classid 1:50 htb rate 700kbit prio 1 #ZPH


    tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10
    tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10
    tc qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10
    tc qdisc add dev eth1 parent 1:40 handle 40: sfq perturb 10
    tc qdisc add dev eth1 parent 1:50 handle 50: sfq perturb 10


    tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 10.0.1.5/24 flowid 1:10
    tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 10.0.1.3/24 flowid 1:20
    tc filter add dev eth1 parent 1:0 protocol ip prio 2 u32 match ip sport 80 0xffff flowid 1:30
    tc filter add dev eth1 parent 1:0 protocol ip prio 3 u32 match ip sport 3128 0xffff flowid 1:40


    #-------------e finalmente o filtro que vai classificar o tr�fego e jogar na classe certa
    tc filter add dev eth1 parent 1:0 protocol ip prio 3 u32 match ip protocol 0x6 0xff match ip tos 0x60 0xff flowid 1:50
    e para placa externa de rede:


    #!/bin/bash

    tc qdisc del dev eth0 root

    tc qdisc add dev eth0 root handle 1:0 htb default 40
    #----------------------alterar essa linha-------------------
    tc class add dev eth0 parent 1:0 classid 1:1 htb rate 10mbit

    tc class add dev eth0 parent 1:1 classid 1:10 htb rate 64kbit ceil 128kbit prio 1 # ATA fazed
    tc class add dev eth0 parent 1:1 classid 1:20 htb rate 64kbit ceil 128kbit prio 1 # Ata Escritorio
    tc class add dev eth0 parent 1:1 classid 1:30 htb rate 128kbit ceil 512kbit prio 2 # Rede Internet
    tc class add dev eth0 parent 1:1 classid 1:40 htb rate 128kbit ceil 512kbit prio 3 # Rede Internet




    tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
    tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
    tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10
    tc qdisc add dev eth0 parent 1:40 handle 40: sfq perturb 10



    tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip dst 10.0.1.5/24 flowid 1:10
    tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip dst 10.0.1.3/24 flowid 1:20
    tc filter add dev eth1 parent 1:0 protocol ip prio 2 u32 match ip dport 80 0xffff flowid 1:30
    tc filter add dev eth1 parent 1:0 protocol ip prio 3 u32 match ip dport 3128 0xffff flowid 1:40

    o que tem de errado nesse script?quando inicio ele a interna na porta 80 fica ok mas na porta 3128 fica muito lenta e nem consigo entrar no servidor pelo IP interno pois a latência e muito alta ai entro pelo ssh usando o ip valido do server para poder parar o script.
    Citação Citação



« Tópico Anterior | Próximo Tópico »