Linux traffic shaping problem (closest I got is to 'hang' linux)

[Leo]

Steve wrote:

>If you have recompiled your kernel then you will need to select this, 
>(under make menuconfig options) otherwise, it is already turned on for 
>stock redhat kernels.
>  
>

Actually I did try to compile the kernel, but I didn't have any success 
at compiling some modules (posted a message some days ago). But anyway I 
did find out that redhat comes with QoS enabled right out of the rpms, 
so I let it pass.


>You will also need the iproute2 tools (tc, ip, etc - the rpm is on the 
>redhat cd)
>  
>
Sure, I have them, or else I wouldn't have said I set up things 
correctly in my first post.


>Then you will have to work out what it is exactly that you are trying to 
>do, and keep in mind, shaping only works in the outbound (egress) 
>direction, so in order to do shaping of traffic comming into your network 
>you will need to control both ends of your link.
>

Read the lartc, that's what it says there about being for just outbound 
traffic. It's logical anyway, you can't actually control what you receive.
But, note that I have read some docs that do shape inbound traffic to 
minimize a bit what comes in.


>When this is all sorted out then I would suggest you read the traffic 
>

I wouldn't have asked if I didn't do so!



>shaping howto's (a google search will find htese for you) which will give 
>you some idea of how things work, but sadly tend to be rather complex to 
>

I agree with this. Not that it's really complex to understand, but 
rather that the lartc howto isn't all that clear in laying things out, 
and relating one another. That's my point.


>understand, once you've had a bash at that then you can post questions 
>here and people may be able to help, but keep in mind, its a complex 
>subject so keep your questions specific. things such as "it doesn't work" 
>are not especially conducive to getting an answer back past "yes it does" 
>:-)
>
>  
>


Well, maybe we can get down to real examples.

Let me point out that when I say "it doesn't work", I mean "it doesn't 
work for me". I think this is quite obvious to see (maybe I'm wrong), 
because tc is there for something, and people actually seem to be using 
it, so it must work!

Also, let me point that the closest I got to making it "work", is to 
have a my linux box "hang".

So let's start first with a real example, from www.docum.org.
The script is located at www.docum.org, then click on "Tests" in the 
left tab, then go to "CBQ Tests" section and then click on "CBQ bounded 
acuracy", it's the one named bounded.sh, but I type it in here:


bounded.sh:



#!/bin/sh
RATE_MAX=$1`echo kbps`
echo $RATE_MAX

DEV="dev eth0"
OPTION="allot 1514 maxburst 20 avpkt 1000 prio 3"

tc qdisc del $DEV root
tc qdisc add $DEV root handle 10: cbq bandwidth 10mbit avpkt 1000
tc class add $DEV parent 10:0 classid 10:2 cbq bandwidth 10mbit rate 
$RATE_MAX $OPTION bounded
 
tc filter add $DEV parent 10: protocol ip prio 3 handle 1 fw classid 10:2
 
iptables -F
iptables -X
iptables -N acc_0
iptables -A OUTPUT -t mangle -p tcp --dport 2001 -j MARK --set-mark 1
iptables -A OUTPUT           -p tcp --dport 2001 -j acc_0
iptables -A OUTPUT -j ACCEPT



I supose that traffic on port 2001 is the one that will be shaped, right?

So, now I want to limit bandwidth on a http server. I replaced '--dport 
2001' with '--dport 80'.
Start the http server, then go to another computer and run:

wget 10.0.0.1/whaever_big_file

(10.0.0.1 would be the box where the web server runs, and where traffic 
is [out]bounded).


In my box, traffic bandwidth does not seem limited (I get the file at 
30MB per sec or smoething like that), so for me this script doesn't work.
Do you see anything wrong in this script please?




Now to another test. This one is my own "test creation", so maybe it's 
not all that correct, but anyway, it actually does "hang" my linux box 
(mouse doesn't move, keyboard doesn't respond--so I can't switch to a 
terminal, etc)... only way out is the computer's RESET button. Here's my 
"creation":


/sbin/tc qdisc del dev eth0 root
/sbin/tc qdisc add dev eth0 root handle 10: cbq bandwidth 128kbit avpkt 1000
/sbin/tc class add dev eth0 parent 10:0 classid 10:1 cbq bandwidth 
128kbit rate 128kbit avpkt 1000 bounded
/sbin/tc filter add dev eth0 parent 10: protocol ip u32 match ip sport 
80 0xffff flowid 10:0
echo 1 >/proc/sys/net/ipv4/ip_forward


After running this, then do as before: run the http server and do the 
wget on the other computer.

This procedure hangs the computer hosting the server, and it's the 
closest I got to having tc "do something": sadly enough that "something" 
is a system crash.


One more thing (actually the real question in my first post): I have not 
set up anything special in my linux box to have tc working. I mean, I 
have not setup any routing tables, no special if configurations, no 
insmod, no nothing...
just an echo 1 >/proc/sys/net/ipv4/ip_forward. Do I have to run anything 
else for tc to work?


Thanks.
Leo.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/redhat-list/attachments/20040310/b1d86b30/attachment.htm>