Re: Traffic shaping on debian

To: Dmitry Sinina <dmitry.sinina@onat.edu.ua>
Cc: debian-isp@lists.debian.org
Subject: Re: Traffic shaping on debian
From: Aleksey <unite@openmailbox.org>
Date: Fri, 27 May 2016 16:50:55 +0300
Message-id: <[🔎] 0283bf937d7c747978d179f840e10cc3@openmailbox.org>
In-reply-to: <[🔎] d2fc8190-ba38-6305-e89c-8e7b3ab637e1@onat.edu.ua>
References: <[🔎] d4e79042ec3c0690f26690455bd3531d@openmailbox.org> <[🔎] d2fc8190-ba38-6305-e89c-8e7b3ab637e1@onat.edu.ua>

On 2016-05-27 14:48, Dmitry Sinina wrote:

On 05/27/2016 02:40 PM, Aleksey wrote:
Hi guys!
I have a debian box acting as a router and need a tool to performtraffic shaping based on source/destination IPs, interfaces, etc. Ihave tried the default tc, however, it uses plenty of resources, e.g.600 mbps without shaping flows through with 3% cpu load and the same600mbps with shaping (tc
using htb on egress interface) consumes something like 40% cpu.
Probably someone could advise some kind of a tool to do such shapingwith minimum resources consumed - I've searched through the web andfound a module named nf-hishape, however, I didn't manage to find somereasonably high number of articles about it as well as no manuals andso on - I guess it's
not very popular (if it's actually alive).

Any help would be appreciated.

Thanks in advance.
Hi.

Seems you use flat list of filters. How many filters you have?
Did you try hash tables for traffic classification?

Hi.

Practically, I haven't done any configuration on my production router -I have performed tests in lab environment. Configuration was prettysimple:


tc qdisc add dev eth1 root handle 1: htb default 30

tc class add dev eth1 parent 1: classid 1:1 htb rate 1000mbps ceil1000mbps

tc class add dev eth1 parent 1:1 classid 1:10 htb rate 3mbps ceil 5mbps
tc class add dev eth1 parent 1:1 classid 1:20 htb rate 5mbps ceil 7mbps

tc class add dev eth1 parent 1:1 classid 1:30 htb rate 1mbps ceil1000mbps

tc qdisc add dev eth1 parent 1:10 handle 10:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:20 handle 20:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:30 handle 30:0 sfq perturb 10

tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match ip dport443 0xffff flowid 1:20tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match ip dport80 0xffff flowid 1:10

So after applying it I tried to push some traffic through this lab boxusing iperf. When performing test on ports 80/443 (limited to lowbandwidth) - CPU load was ok, however when I pushed unrestricted traffic(1000 mbps limit) I noticed high CPU usage. I tried setting up filtersbased on fwmark but the result was the same. I'm using debian 7 with3.16 kernel installed from wheezy-backports, if it is important.


If some additional info (firewall config, etc) is needed, please ask.

--
With kind regards,
Aleksey

Reply to:

Follow-Ups:
- Re: Traffic shaping on debian
  - From: lxP <lxp@davizone.at>
- Re: Traffic shaping on debian
  - From: Martin Kraus <lists_mk@wujiman.net>

References:
- Traffic shaping on debian
  - From: Aleksey <unite@openmailbox.org>
- Re: Traffic shaping on debian
  - From: Dmitry Sinina <dmitry.sinina@onat.edu.ua>

Prev by Date: Re: Traffic shaping on debian
Next by Date: Re: Traffic shaping on debian
Previous by thread: Re: Traffic shaping on debian
Next by thread: Re: Traffic shaping on debian
Index(es):
- Date
- Thread