Traffic shaping on LTSP with a single interface
May 7th, 2008
What if traffic shaping has to be done on an LTSP server that has only one interface?
Here is how:
# UPLINK (in kbit) and DEV must be set first, as in the full script under "Update"
tc qdisc add dev $DEV root handle 1: htb
tc class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit
tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK}kbit burst 6k prio 1
tc class add dev $DEV parent 1:1 classid 1:20 htb rate $((9*UPLINK/10))kbit burst 6k prio 2

tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10

tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20

iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -A POSTROUTING -o $DEV -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -s 192.168.0.0/24 -j RETURN
iptables -t mangle -A MYSHAPER-OUT -p tcp --tcp-flags ALL ACK -m state --state ESTABLISHED -m length --length 0:100 -j MARK --set-mark 10
iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 10
iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 20
For the full details, have a look here.
Update
#!/bin/sh
# The Ultimate Setup For Your Internet Connection At Home
# Set the following values to somewhat less than your actual download
# and uplink speed. In kilobits
# shaper on one legged host, after lightning strike the other interface

# real adsl uplink capacity in kbit
UPLINK=45

# which device are we throttling
DEV=eth1

# clean existing down- and uplink qdiscs, hide errors
tc qdisc del dev $DEV root >/dev/null 2>&1
tc qdisc del dev $DEV ingress >/dev/null 2>&1

# clean existing iptables fwmark
iptables -t mangle -F
iptables -t mangle -X

# install tc
tc qdisc add dev $DEV root handle 1: htb r2q 1
tc class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit
# highest prio, for small/empty packets (tcp acks, ssh, dns and icmp so we can impress friends)
tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK}kbit burst 6k prio 1
# same as above, but with larger packets
tc class add dev $DEV parent 1:1 classid 1:20 htb rate $((9*UPLINK/10))kbit burst 6k prio 2
# lowest prio, uploading class, bigger packets
tc class add dev $DEV parent 1:1 classid 1:30 htb rate $((8*UPLINK/10))kbit ceil $((9*UPLINK/10))kbit burst 6k prio 3
tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10

# iptables marking
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 30 fw flowid 1:30

# iptables chain
iptables -t mangle -N MYSHAPER-OUT

# ToS fix
iptables -t mangle -N TOSFIX
iptables -t mangle -A TOSFIX -p tcp -m length --length :84 -j RETURN
iptables -t mangle -A TOSFIX -m limit --limit 2/s --limit-burst 10 -j RETURN
iptables -t mangle -A TOSFIX -j TOS --set-tos Maximize-Throughput
iptables -t mangle -A TOSFIX -j RETURN
iptables -t mangle -A POSTROUTING -o $DEV ! -s 192.168.0.0/24 -p tcp -m tos --tos Minimize-Delay -j TOSFIX

# Ack fix
iptables -t mangle -N ACK
iptables -t mangle -A ACK -m tos ! --tos Normal-Service -j RETURN
iptables -t mangle -A ACK -p tcp -m length --length 0:84 -j TOS --set-tos Minimize-Delay
iptables -t mangle -A ACK -p tcp -m length --length 768: -j TOS --set-tos Maximize-Throughput
iptables -t mangle -A ACK -j RETURN
iptables -t mangle -A POSTROUTING -o $DEV ! -s 192.168.0.0/24 -p tcp -m tcp --tcp-flags SYN,RST,ACK ACK -j ACK

#iptables -t mangle -A MYSHAPER-OUT -p tcp ! --tcp-flags SYN,ACK,RST ACK -j CLASSIFY --set-class 1:10
#iptables -t mangle -A MYSHAPER-OUT -p tcp --tcp-flags SYN,RST,ACK ACK -m length --length :84 -m tos --tos Minimize-Delay -j CLASSIFY --set-class 1:10
#iptables -t mangle -A MYSHAPER-OUT -p udp -j CLASSIFY --set-class 1:10
#iptables -t mangle -A MYSHAPER-OUT -p icmp -j CLASSIFY --set-class 1:10
#iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j CLASSIFY --set-class 1:20
#
# I dunno what this does
#iptables -t mangle -A MYSHAPER-OUT -p tcp ! --tcp-flags SYN,RST,ACK ACK -j MARK --set-mark 10
#
iptables -t mangle -A MYSHAPER-OUT -p tcp --tcp-flags SYN,RST,ACK ACK -m length --length :40 -m tos --tos Minimize-Delay -j MARK --set-mark 10
iptables -t mangle -A MYSHAPER-OUT -p tcp --tcp-flags SYN,RST,ACK ACK -m length --length 41:150 -j MARK --set-mark 20
iptables -t mangle -A MYSHAPER-OUT -p tcp --tcp-flags SYN,RST,ACK SYN -m tos --tos Minimize-Delay -j MARK --set-mark 10
iptables -t mangle -A MYSHAPER-OUT -p tcp --tcp-flags SYN,RST,ACK RST -m tos --tos Minimize-Delay -j MARK --set-mark 10
iptables -t mangle -A MYSHAPER-OUT -p udp -j MARK --set-mark 10
iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 10
iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 30
iptables -t mangle -A POSTROUTING -o $DEV ! -s 192.168.0.0/24 -j MYSHAPER-OUT

# http://www.knowplace.org/pages/howtos/traffic_shaping_with_linux/examples.php
# http://www.trekweb.com/~jasonb/articles/traffic_shaping/scenarios.html
# http://209.85.173.104/search?q=cache:WeBHLoushqYJ:www.3e.me.uk/dm/+tc+tcp+ack&hl=id&ct=clnk&cd=5&gl=id&client=firefox-a
# http://www.docum.org/docum.org/docs/mail_2.php
tc qdisc add dev eth1 handle FFFF: ingress
tc filter add dev eth1 parent ffff: protocol ip prio 50 handle 100 fw police rate 347kbit burst 2400 mtu 9k drop flowid :100
iptables -A PREROUTING -i eth1 -t mangle -p tcp ! -s 192.168.0.0/24 --sport 80 -j MARK --set-mark 100
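To check that the fwmark rules really steer packets into the three HTB leaf classes, compare the per-class packet counters after some traffic has passed. This is an added example, not part of the original script; the function names and the sample counters are constructed, and the input is assumed to be in the format printed by `tc -s class show dev $DEV`.

```shell
#!/bin/sh
# Added example: per-class packet counters for the HTB setup above.
# Both functions read `tc -s class show dev <dev>` style text on stdin.

# Print "<classid> <packets>" for every HTB leaf class (1:10, 1:20, 1:30 here).
class_packets() {
    awk '
        $1 == "class" && $2 == "htb" {
            id = $3; leaf = 0
            for (i = 4; i <= NF; i++) if ($i == "leaf") leaf = 1
        }
        # Statistics line: "Sent <bytes> bytes <packets> pkt (...)"
        $1 == "Sent" && leaf { print id, $4 }
    '
}

# Print only the leaf classes that have carried no packets at all.
# An idle class after real traffic means no packet arrived with the
# fwmark (10, 20 or 30) that its "fw" filter expects.
idle_classes() {
    class_packets | awk '$2 == 0 { print $1 }'
}

# Constructed sample input (not captured from a real host), UPLINK=45.
sample_stats() {
    cat <<'EOF'
class htb 1:1 root rate 45Kbit ceil 45Kbit burst 1600b cburst 1600b
 Sent 91240 bytes 1312 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:10 parent 1:1 leaf 10: prio 1 rate 45Kbit ceil 45Kbit burst 6Kb cburst 1600b
 Sent 5240 bytes 112 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:20 parent 1:1 leaf 20: prio 2 rate 40Kbit ceil 40Kbit burst 6Kb cburst 1600b
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
class htb 1:30 parent 1:1 leaf 30: prio 3 rate 36Kbit ceil 40Kbit burst 6Kb cburst 1600b
 Sent 86000 bytes 1200 pkt (dropped 3, overlimits 0 requeues 0)
EOF
}

# Run against the sample; on a live host use:
#   tc -s class show dev "$DEV" | idle_classes
sample_stats | idle_classes
```

In the sample, class 1:20 is idle, which points at the `--length 41:150` ACK rule (the only rule that sets mark 20) never matching.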
rudy said:
Hello. Nice to meet you.
Sorry if replying here is off-topic.
Is http://odin.rootbox.or.id/ also yours?
If so, I would like to offer you a Flash game project. If you are interested, please email rudy_sudarto@yahoo.com
Thanks