tc filter problem
Bruno Wolff III
bruno at wolff.to
Sun Jul 18 16:49:29 UTC 2004
On Sun, Jul 18, 2004 at 09:41:01 -0500,
"Cowles, Steve" <steve at stevecowles.com> wrote:
> Bruno Wolff III wrote:
> >> [root at bruno bruno]# tc filter add dev ppp0 parent 1:0 protocol ip
> >> prio 10 u32 match ip tos 0x10 0xff flowid 1:10 RTNETLINK answers:
> >> Invalid argument
>
> Have you loaded the cls_u32 module? In fact, there are a few other tc
> related modules you might need to load. For reference, this is what I load
> at this end for tc.
>
> # Traffic Shaping Stuff
> sch_htb
> sch_sfq
> sch_ingress
> cls_fw
> cls_u32
Of the above, all but cls_fw were loaded. I first tried loading that module
then I tried loading all of the sched modules and neither seemed to change
the way things were working.
I have also tried using iproute-2.6.8's tc to see if there was some new syntax
introduced since 2.4.7 (which seems to be about 2 years old). That didn't help
either.
The actual script I an using is below. The echo's are just so I can tell
which error message goes with which tc command. All four tc filter commands
get errors, while the tc qdisc and tc class commands seem to work OK.
(At least their results show up when do shows.)
TC=/usr/local/bin/tc
# The Ultimate Setup For Your Internet Connection At Home
#
#
# Set the following values to somewhat less than your actual download
# and uplink speed. In kilobits
DOWNLINK=50
UPLINK=30
DEV=ppp0
# clean existing down- and uplink qdiscs, hide errors
echo TC; $TC qdisc del dev $DEV root 2> /dev/null > /dev/null
echo TC; $TC qdisc del dev $DEV ingress 2> /dev/null > /dev/null
###### uplink
# install root HTB, point default traffic to 1:20:
echo TC; $TC qdisc add dev $DEV root handle 1: htb default 20
# shape everything at $UPLINK speed - this prevents huge queues in your
# DSL modem which destroy latency:
echo TC; $TC class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit burst 6k
# high prio class 1:10:
echo TC; $TC class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK}kbit \
burst 6k prio 1
# bulk & default class 1:20 - gets slightly less traffic,
# and a lower priority:
echo TC; $TC class add dev $DEV parent 1:1 classid 1:20 htb rate $[9*$UPLINK/10]kbit \
burst 6k prio 2
# both get Stochastic Fairness:
echo TC; $TC qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
echo TC; $TC qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
# TOS Minimum Delay (ssh, NOT scp) in 1:10:
echo TC; $TC filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
match ip tos 0x10 0xff flowid 1:10
# ICMP (ip protocol 1) in the interactive class 1:10 so we
# can do measurements & impress our friends:
echo TC; $TC filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
match ip protocol 1 0xff flowid 1:10
# To speed up downloads while an upload is going on, put ACK packets in
# the interactive class:
echo TC; $TC filter add dev $DEV parent 1: protocol ip prio 10 u32 \
match ip protocol 6 0xff \
match u8 0x05 0x0f at 0 \
match u16 0x0000 0xffc0 at 2 \
match u8 0x10 0xff at 33 \
flowid 1:10
# rest is 'non-interactive' ie 'bulk' and ends up in 1:20
########## downlink #############
# slow downloads down to somewhat less than the real speed to prevent
# queuing at our ISP. Tune to see how high you can set it.
# ISPs tend to have *huge* queues to make sure big downloads are fast
#
# attach ingress policer:
echo TC; $TC qdisc add dev $DEV handle ffff: ingress
# filter *everything* to it (0.0.0.0/0), drop everything that's
# coming in too fast:
echo TC; $TC filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
More information about the fedora-list
mailing list