tc, QoS, priority
来源:互联网 发布:动漫设计与制作软件 编辑:程序博客网 时间:2024/05/22 17:10
Robert emil.konev na atlas.cz
Pátek Červenec 7 10:24:51 CEST 2006
Pátek Červenec 7 10:24:51 CEST 2006
- Předchozí příspěvek: tc, QoS, priority
- Následující příspěvek: Mrs. Tracy Blok
- Zprávy tříděné podle: [ data ] [ vlákna ] [ subjektu ] [ autora ]
ja vychazel z techto dvou scriptu1.### Configuration STARTSPEED="2048"### Configuration STOPpresne tohle na vas ceka. SPEED je rychlost jakou muzou pres vas router tect data. Zpravidla se uvadi rychlost vaseho pripojeni do site CZF.Co ktery script dela:qosclear -vycisti aktualni nastaveni QoSqos-stat - vypise aktualni konfiguraci QoSqos_base -nastavuje QoS. Takze tenhle script spoustejte treba pri startu pocitaceNezapomente si skript pro nastaveni QoS pridat do runleveluA tady jsou otisky verze z 28.3.02 23:37:qos-stat-------------------------------------------------------------echo "Existing configuration:"### Configuration START### Configuration STOPFACES="`ip l l | grep "^[0-9]" | grep -vE "(sit|gre|ipip|tun|dummy|lo)" | sed "s/^[0-9]*: \([^:]*\).*/\1/g"`"for FACE in ${FACES} ; doecho "Configuration for:"echo ${FACE}tc -s -d qdisc show dev ${FACE}tc -s -d class show dev ${FACE}done------------------------------------------------------------qosclear-----------------------------------------------------------echo "Applying QOS rules"# Set global variablesIPTABLES="iptables"TC="/sbin/tc"### Configuration START### Configuration STOPFACES="`ip l l | grep "^[0-9]" | grep -vE "(sit|gre|ipip|tun|dummy|lo)" | sed "s/^[0-9]*: \([^:]*\).*/\1/g"`"echo "Remove Qdisc root classes"for FACE in ${FACES} ; do$TC qdisc del dev ${FACE} root &>/dev/nulldoneecho "Remove IPTables packed mangling, set defaults"$IPTABLES -t mangle -F INPUT$IPTABLES -t mangle -F OUTPUT$IPTABLES -t mangle -F PREROUTING$IPTABLES -t mangle -F POSTROUTING$IPTABLES -t mangle -F FORWARD$IPTABLES -t mangle -P INPUT ACCEPT$IPTABLES -t mangle -P OUTPUT ACCEPT$IPTABLES -t mangle -P PREROUTING ACCEPT$IPTABLES -t mangle -P POSTROUTING ACCEPT$IPTABLES -t mangle -P FORWARD ACCEPT--------------------------------------------------------------------------------qos_base---------------------------------------------------------------------------------#!/bin/shecho "Applying QOS rules"echo "-Set global variables"IPTABLES="/sbin/iptables"TC="/sbin/tc"### Configuration START# $SPEED must be /2SPEED="2048"### Configuration STOPFACES="`ip l l | grep "^[0-9]" | grep -vE "(sit|gre|ipip|tun|dummy|lo|teql)" | sed "s/^[0-9]*: \([^:]*\).*/\1/g"`"STOCHASIS="sfq perturb 10"echo "-Remove Qdisc root classes"for FACE in ${FACES} ; do$TC qdisc del dev ${FACE} root &>/dev/nulldoneecho "-Remove IPTables packed mangling, set defaults"$IPTABLES -t mangle -F INPUT$IPTABLES -t mangle -F OUTPUT$IPTABLES -t mangle -F PREROUTING$IPTABLES -t mangle -F POSTROUTING$IPTABLES -t mangle -F FORWARD$IPTABLES -t mangle -P INPUT ACCEPT$IPTABLES -t mangle -P OUTPUT ACCEPT$IPTABLES -t mangle -P PREROUTING ACCEPT$IPTABLES -t mangle -P POSTROUTING ACCEPT$IPTABLES -t mangle -P FORWARD ACCEPTecho "-Trafic Marking"for FACE in ${FACES} ; do# SSH$IPTABLES -t mangle -A OUTPUT -p tcp --sport 22 -o ${FACE} -j MARK --set-mark 1$IPTABLES -t mangle -A OUTPUT -p tcp --dport 22 -o ${FACE} -j MARK --set-mark 1$IPTABLES -t mangle -A FORWARD -p tcp --sport 22 -o ${FACE} -j MARK --set-mark 1$IPTABLES -t mangle -A FORWARD -p tcp --dport 22 -o ${FACE} -j MARK --set-mark 1# interactive UDP aplication, suported: Half-Life$IPTABLES -t mangle -A FORWARD -p udp --sport 27015 -o ${FACE} -j MARK --set-mark 10$IPTABLES -t mangle -A FORWARD -p udp --dport 27015 -o ${FACE} -j MARK --set-mark 10# Ping$IPTABLES -t mangle -A FORWARD -p icmp -o ${FACE} -j MARK --set-mark 20# Routing, suported: OSPF$IPTABLES -t mangle -A FORWARD -p ospf -o ${FACE} -j MARK --set-mark 30$IPTABLES -t mangle -A FORWARD -p tcp --sport 179 -o ${FACE} -j MARK --set-mark 30$IPTABLES -t mangle -A FORWARD -p tcp --dport 179 -o ${FACE} -j MARK --set-mark 30# Huge data transfer, suported: FTP, HTTP, HTTPS, alt. HTTP$IPTABLES -t mangle -A OUTPUT -p tcp --sport 20 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A OUTPUT -p tcp --dport 20 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --sport 20 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --dport 20 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A OUTPUT -p tcp --sport 21 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A OUTPUT -p tcp --dport 21 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --sport 21 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --dport 21 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A OUTPUT -p tcp --sport 80 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A OUTPUT -p tcp --dport 80 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --sport 80 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --dport 80 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --sport 443 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --dport 443 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A OUTPUT -p tcp --sport 8080 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A OUTPUT -p tcp --dport 8080 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --sport 8080 -o ${FACE} -j MARK --set-mark 40$IPTABLES -t mangle -A FORWARD -p tcp --dport 8080 -o ${FACE} -j MARK --set-mark 40# email: SMTP,IMAP, IMAPS, POP3, POP3S$IPTABLES -t mangle -A FORWARD -p tcp --sport 110 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --dport 110 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --sport 143 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --dport 143 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --sport 25 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --dport 25 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --sport 993 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --dport 993 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --sport 995 -o ${FACE} -j MARK --set-mark 50$IPTABLES -t mangle -A FORWARD -p tcp --dport 995 -o ${FACE} -j MARK --set-mark 50doneecho "-Create HTB classes"for FACE in ${FACES} ; do$TC qdisc add dev ${FACE} root handle 1: htb default 30$TC class add dev ${FACE} parent 1: classid 1:1 htb rate ${SPEED}kbit ceil ${SPEED}kbit burst 10k$TC class add dev ${FACE} parent 1:1 classid 1:11 htb rate 64kbit ceil 256kbit burst 2k prio 1 # SSH class$TC class add dev ${FACE} parent 1:1 classid 1:110 htb rate 64kbit ceil $((${SPEED}/4))kbit burst 2k prio 2 # interactive class$TC class add dev ${FACE} parent 1:1 classid 1:120 htb rate 32kbit ceil 128kbit burst 1k prio 4 # ping class$TC class add dev ${FACE} parent 1:1 classid 1:130 htb rate 32kbit ceil 64kbit burst 1k prio 1 # routing class$TC class add dev ${FACE} parent 1:1 classid 1:140 htb rate 32kbit ceil $((${SPEED}/2))kbit burst 5k prio 3 # data transfer class$TC class add dev ${FACE} parent 1:1 classid 1:150 htb rate 128kbit ceil $((${SPEED}/2))kbit burst 5k prio 2 # email class$TC class add dev ${FACE} parent 1:1 classid 1:30 htb rate 32kbit ceil $((${SPEED}/2))kbit burst 2k prio 5 # nonsuported trafic classdoneecho "-Add stochasic fairness to HTB classes"for FACE in ${FACES} ; do$TC qdisc add dev ${FACE} parent 1:11 handle 111: $STOCHASIS # SSH sub-classes$TC qdisc add dev ${FACE} parent 1:110 handle 1101: $STOCHASIS # interactive sub-classes$TC qdisc add dev ${FACE} parent 1:120 handle 1201: $STOCHASIS # ping sub-classes$TC qdisc add dev ${FACE} parent 1:130 handle 1301: $STOCHASIS # routing sub-classes$TC qdisc add dev ${FACE} parent 1:140 handle 1401: $STOCHASIS # data transfer sub-classes$TC qdisc add dev ${FACE} parent 1:150 handle 1501: $STOCHASIS # email sub-classes$TC qdisc add dev ${FACE} parent 1:30 handle 301: $STOCHASIS # nonsuported trafic classdoneecho "-Redirect marked services to HTB classes"for FACE in ${FACES} ; do$TC filter add dev ${FACE} parent 1:0 protocol ip handle 1 fw flowid 1:11 # SSH$TC filter add dev ${FACE} parent 1:0 protocol ip handle 10 fw flowid 1:110 # interactive$TC filter add dev ${FACE} parent 1:0 protocol ip handle 20 fw flowid 1:120 # ping$TC filter add dev ${FACE} parent 1:0 protocol ip handle 30 fw flowid 1:130 # routing$TC filter add dev ${FACE} parent 1:0 protocol ip handle 40 fw flowid 1:140 # data transfer$TC filter add dev ${FACE} parent 1:0 protocol ip handle 50 fw flowid 1:150 # emaildone2.#!/bin/sh## GameScript This script establishes policy routing and traffic# control rules to minimize latency for game packets# in the presence of other traffic.## Besides this script, there is one other thing that must be done.# Assuming that iproute2 is already installed, edit the file# /etc/iproute2/rt_tables and add the following line at the bottom:# "100 Small_MTU"# ***********************************************************************# DEFINES *# ***********************************************************************# Change these values as required to reflect your setup# Addresses and InterfacesLAN_IP_RANGE="192.168.1.0/24"LAN_IP="192.168.0.1"LAN_INTERFACE="eth0"LOCALHOST_IP="127.0.0.1/32"INTERNET_IP_RANGE="123.123.123.0/24"INTERNET_IP="123.123.123.123"INTERNET_GATEWAY="123.123.123.1"INTERNET_INTERFACE="eth1"# ExecutablesIPTABLES="/sbin/iptables"TC="/sbin/tc"IP="/sbin/ip"# Information used to identify game traffic.# add more as requiredHOST1="192.168.0.2"HOST1_GAME_PORT="3724"# Packet marks (arbitrary)GAME_PACKET="1"# For traffic shaping:## The numbers below were arrived at by test on a DSL# line with nominal line speeds of 128 kbit up and# 1400 kbit down. Actual measured throughput was# about 90 kbit up and 1150 kbit down.## A note regarding MTU: Standard ethernet MTU is 1500# bytes, which which resulted in unacceptable single# packet xmit waits of 1500 x 8 / 90,000 = 133 msec.# Lowering the interface MTU changes the MTU in both# directions, which helped uplink latency but hurt# downlink throughput. Lowering the interface MTU to# 256 bytes resulted in a downlink throughput of less# than 500kbit. An interface MTU in the 400 - 500 byte# range provided an acceptable compromise, with single# packet xmit times of about 40 msec and downlink speeds# of about 700kbit. However, leaving the interface MTU# at 1500 bytes and setting a lower per-route MTU that# only affected non-game uplink traffic was the best# solution. An uplink MTU smaller than 256 bytes would# help latency even more, but tc and/or htb don't seem# to like mtu's below 256 and, besides, 256 results in a max# single packet xmit wait of around 25 msec, with# even better average behavior.STD_MTU="1500"TC_MTU="256"TC_MSS=$(( $STD_MTU - 40 ))TC_UPLINK_RATE="90"TC_DOWNLINK_RATE="1000"TC_GAME_RATE="30"TC_GAME_CEIL=$TC_UPLINK_RATETC_OTHER_RATE=$(( $TC_UPLINK_RATE - $TC_GAME_RATE ))TC_OTHER_CEIL=$(( $TC_UPLINK_RATE - $TC_GAME_RATE ))# *********************************************************************# RULES *# *********************************************************************case "$1" in start) # *************************************************************** # MANGLE Table PREROUTING Chain * # *************************************************************** # Firewall packet marking TCP game traffic from Host1 $IPTABLES --table mangle \ --append PREROUTING \ --protocol TCP \ --in-interface $LAN_INTERFACE \ --source $HOST1 \ --source-port $HOST1_GAME_PORT \ --jump MARK \ --set-mark $GAME_PACKET # Firewall packet marking UDP game traffic from Host1 $IPTABLES --table mangle \ --append PREROUTING \ --protocol UDP \ --in-interface $LAN_INTERFACE \ --source $HOST1 \ --source-port $HOST1_GAME_PORT \ --jump MARK \ --set-mark $GAME_PACKET # Firewall packet marking TCP game traffic to Host1 $IPTABLES --table mangle \ --append PREROUTING \ --protocol TCP \ --in-interface $INTERNET_INTERFACE \ --destination $HOST1 \ --destination-port $HOST1_GAME_PORT \ --jump MARK \ --set-mark $GAME_PACKET # Firewall packet marking UDP game traffic to Host1 $IPTABLES --table mangle \ --append PREROUTING \ --protocol UDP \ --in-interface $INTERNET_INTERFACE \ --destination $HOST1 \ --destination-port $HOST1_GAME_PORT \ --jump MARK \ --set-mark $GAME_PACKET # *************************************************************** # Policy Routing * # *************************************************************** # Delete any existing / old rules. $IP rule del priority 4000 2> /dev/null $IP rule del priority 5000 2> /dev/null # Flush the alternate routing table and routing cache $IP route flush table Small_MTU 2> /dev/null $IP route flush cache # Duplicate the normal routing table except lower the MTU of the # default route. $IP route add $LOCALHOST_IP dev lo table Small_MTU $IP route add $LAN_IP_RANGE dev $LAN_INTERFACE src $LAN_IP \ table Small_MTU proto static $IP route add $INTERNET_IP_RANGE dev $INTERNET_INTERFACE \ src $INTERNET_IP table Small_MTU proto static $IP route add default via $INTERNET_GATEWAY mtu $TC_MTU \ advmss $TC_MSS table Small_MTU proto static # Game traffic continues to go to the main routing table with # so that it can take advantage of larger uplink packet sizes. $IP rule add fwmark $GAME_PACKET priority 4000 table main # Now start referring non-game traffic to the new routing table $IP rule add from 0/0 priority 5000 table Small_MTU $IP route flush cache # *************************************************************** # Uplink Traffic Control * # *************************************************************** # Egress bandwidth shaping and scheduling are performed to ensure # that packets are never queued in the ADSL modem, and that game # packets, if present, take priority over all other traffic. # First delete any previous traffic control rules $TC qdisc del dev $INET_IFACE root 2> /dev/null $TC qdisc del dev $INET_IFACE ingress 2> /dev/null # Now establish the HTB root discipline $TC qdisc add dev $INTERNET_INTERFACE root handle 1:0 \ htb default 11 r2q 1 # Now establish the root class $TC class add dev $INTERNET_INTERFACE parent 1:0 classid 1:1 \ htb rate $TC_UPLINK_RATE"kbit" ceil $TC_UPLINK_RATE"kbit" \ burst 6k cburst 6k # Add leaf class for game traffic $TC class add dev $INTERNET_INTERFACE parent 1:1 classid 1:10 \ htb rate $TC_GAME_RATE"kbit" ceil $TC_GAME_CEIL"kbit" \ prio 1 burst 6k cburst 6k # Add leaf class for non-game traffic. Note that non-game # traffic is capped at about 67% of the available uplink # bandwidth, both for rate and ceiling. This was done # to ensure that sufficient bandwidth (tokens) is always # available for game packets when they arrive. $TC class add dev $INTERNET_INTERFACE parent 1:1 classid 1:11 \ htb rate $TC_OTHER_RATE"kbit" ceil $TC_OTHER_CEIL"kbit" \ prio 2 mtu $TC_MTU # Add fifo queueing discipline for game traffic $TC qdisc add dev $INTERNET_INTERFACE parent 1:10 handle 10: \ pfifo limit 25 # Add prio queueing discipline for non-game traffic to provide # standard TOS priority queueing. $TC qdisc add dev $INTERNET_INTERFACE parent 1:11 handle 11: \ prio # Add sfq queueing discipline for minimize-delay traffic $TC qdisc add dev $INTERNET_INTERFACE parent 11:1 handle 111: \ sfq perturb 5 # Add sfq queueing discipline for best-effort traffic $TC qdisc add dev $INTERNET_INTERFACE parent 11:2 handle 112: \ sfq perturb 5 # Add sfq queueing discipline for maximize-throughput traffic $TC qdisc add dev $INTERNET_INTERFACE parent 11:3 handle 113: \ sfq perturb 5 # Now filter game traffic to leaf 1:10 as first priority $TC filter add dev $INTERNET_INTERFACE parent 1:0 \ protocol ip prio 1 handle $GAME_PACKET fw flowid 1:10 # Empty ack packets are assigned directly to the minimize- # delay queue. $TC filter add dev $INTERNET_INTERFACE parent 11:0 protocol ip \ prio 3 u32 match ip protocol 6 0xff \ match u8 0x05 0x0f at 0 \ match u16 0x0000 0xffc0 at 2 \ match u8 0x10 0xff at 33 \ flowid 11:1 # The remaining traffic defaults to htb leaf 1:11 # ************************************************************** # Downlink Traffic Control (Ingress Policing) * # ************************************************************** # Downlink traffic is limited to about 85% of actual downlink # capability to prevent upstream queueing. # First establish an ingress qdisc $TC qdisc add dev $INTERNET_INTERFACE handle ffff: ingress # Incoming game traffic is not policed $TC filter add dev $INTERNET_INTERFACE parent ffff: \ protocol ip prio 1 handle $GAME_PACKET fw flowid :1 # Filter everything else to that qdisc and drop packets # that exceed the bandwidth limit $TC filter add dev $INTERNET_INTERFACE parent ffff: \ protocol ip prio 3 u32 match ip src 0.0.0.0/0 \ police rate $TC_DOWNLINK_RATE"kbit" burst 3k drop \ flowid :1 ;; stop) # Remove any uplink throttling $TC qdisc del dev $INTERNET_INTERFACE root 2> /dev/null $TC qdisc del dev $INTERNET_INTERFACE ingress 2> /dev/null # Remove policy routing $IP rule del priority 5000 2> /dev/null $IP rule del priority 4000 2> /dev/null $IP route flush table Small_MTU 2> /dev/null $IP route flush cache ;; restart) $0 stop sleep 3 $0 start ;; *) echo "Usage: ./$0 start|stop|restart}" exit 1esacexit 0Robert
0 0
- tc, QoS, priority
- Linux skb->priority Qos
- Linux tc QOS 详解
- 利用TC进行流量控制(Qos)
- 利用TC进行流量控制(Qos)
- linux通过tc控制网络QoS(1)
- linux通过tc控制网络QoS(2)
- tc - traffic control Linux QoS control tool
- qos实现之tc流量控制
- 理解QoS服务策略中的priority与bandwidth
- Linux下QoS模块之tc(traffic control)操作简介
- 利用TC进行流量控制(Qos)-已测(下载)
- Linux下QoS模块之tc(traffic control)操作简介
- Priority
- QoS
- QoS
- QoS
- qos
- POJ 1426 Find The Multiple (Special Judge)
- CSS清除浮动_清除float浮动
- Android项目之JSON解析(3种解析技术详解)
- Apache如何合理设置连接数
- “玲珑杯”ACM比赛 Round #5 H -- Variance(线段树+方差)
- tc, QoS, priority
- 注意安全(2)!XSRF跨站伪造请求
- urllib.error.HTTPError: HTTP Error 403: Forbidden
- Java跨平台的关键——JVM
- HTML容器标签和文本标签
- java的网络编程
- 计数排序
- java中连续向Oracle数据库插入1000条数据
- 关于MTK 平台上默认打开wifi ,和默认关闭数据流量