Traffic Shaping

H

hst

:F
Hi,
ich versuche nun bestimmt schon seit 4 Stunden meinen Linux-Router so zu konfigureren, dass er den Traffic, der erzeugt wird wenn ich Quake 3 spiele, dem HTTP Traffic vorzuziehen.

Dazu nutze ich momentan ein Script, das ich auf folgender Webseite gefunden habe:
https://pyre.virge.net/projects/shaper.shtml

Ich habe auch schon einige andere Scripte probiert, allerdings ohne Erfolg.

Das besagtes Script habe ich meiner Verbindung entsprechend abgeaendert.

Was funktioniert: Wenn das Script laeuft, ich eine Webseite aufrufe und gleichzeitig beispielsweise heise.de anpinge, ist die Verzögerung wesentlich niedriger als wenn das Script nicht laeuft. Nur dumm, dass das bei Quake 3 nicht der Fall ist.

Code:
#!/bin/bash

# Set the following values to somewhat less than your actual download
# and uplink speed. In kilobits. Also set the device that is to be shaped.
DOWNLINK=2000 # max is 3Mbps, set it to 30 so its kind of disabled
UPLINK=200     # max is 800kbps see ~/files/doc/speedtest.txt
DEV=dsl0

# low priority OUTGOING traffic - you can leave this blank if you want
# low priority source netmasks
NOPRIOHOSTSRC=

# low priority destination netmasks
NOPRIOHOSTDST=

# low priority source ports (smtp, https, freenet, my gnutella, bittorrent)
NOPRIOPORTSRC="80 25 443 28073 8436 6881 7000 7001 7002 7003"

# low priority destination ports (smtp, default gnutella, bittorent)
NOPRIOPORTDST="80 443 25 6346 6881 6882 6883 6884 6885 6886 6887 6888 6889"

# high priority thingers - sip
PRIOPORTSRC=""
PRIOPORTDST=""

PRIOHOSTDST=

#########################################################

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Bandwith shaping"

case "$1" in
  start)
	echo -n "Starting $DESC"
	###### uplink

	# install root HTB, point default traffic to 1:20:

	tc qdisc add dev $DEV root handle 1: htb default 20 r2q 1

	# shape everything at $UPLINK speed - this prevents huge queues in your
	# DSL modem which destroy latency:

	tc class add dev $DEV parent 1: classid 1:1 htb rate \
	   ${UPLINK}kbit

	# high prio class 1:10: gets 70% of bandwidth

	tc class add dev $DEV parent 1:1 classid 1:10 htb rate \
	   $[7*$UPLINK/10]kbit ceil ${UPLINK}kbit prio 1

	# bulk and default class 1:20 - guaranteed only 20% bandwidth
	# max 90% and a lower priority:

	tc class add dev $DEV parent 1:1 classid 1:20 htb rate \
	   $[2*$UPLINK/10]kbit ceil $[9*$UPLINK/10]kbit prio 2

	# Lowest priority class, 10% bandwidth, 50% max

	tc class add dev $DEV parent 1:1 classid 1:30 htb rate \
	   $[1*$UPLINK/10]kbit ceil $[5*$UPLINK/10]kbit prio 3
	   
	# all get Stochastic Fairness:
	tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
	tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
	tc qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10

	# start filters
	# If the packet is marked with iptables..
	# use mark 0x10001 for class 1:1, 0x10002 for 1:2 etc.
	# 1:10 is --set-mark 0x10010
	tc filter add dev $DEV parent 1:0 protocol ip prio 5 fw

	# TOS Minimum Delay (ssh, NOT scp) in 1:10:
	tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
	   match ip tos 0x10 0xff flowid 1:10
	
	# 0x08 means maximize throughtput, but thats not exactly what
	# 1:30 does.  Oh well.
	tc filter add dev $DEV parent 1:0 protocol ip prio 50 u32 \
	   match ip tos 0x08 0xff flowid 1:30

	# To speed up downloads while an upload is going on, put ACK packets in
	# the interactive class:
	# match u8 0x05 0x0f at 0 = header length=5 (5 32bit words=20bytes)
	# match u16 0x0000 0xffc0 at 2 = total length (incl data) must be
	#                 between 0x0000-0x003F (0-63) bytes
	# match u8 0x10 0xff at 33 = skip past ip header into tcp header
	#                            Control Bits 00010000=ack
	# This rule is kind of redundant due to the next one..

	tc filter add dev $DEV parent 1: protocol ip prio 11 u32 \
	   match ip protocol 6 0xff \
	   match u8 0x05 0x0f at 0 \
	   match u16 0x0000 0xffc0 at 2 \
	   match u8 0x10 0xff at 33 \
	   flowid 1:10


	# prioritize small packets (<64 bytes)
	tc filter add dev $DEV parent 1: protocol ip prio 12 u32 \
	   match ip protocol 6 0xff \
	   match u8 0x05 0x0f at 0 \
	   match u16 0x0000 0xffc0 at 2 \
	   flowid 1:10

	# Quake!
	# 28000 dec is  0110110101100000
	# 0xff80 hex is 1111111110000000 (mask)
	#               ---------------- AND
	#               0110110100000000 (27904)
	#
	#               0110110101111111 (28031)
	# Therefore dport 28000 0xff80 should match port 27904-28031
	               
	tc filter add dev $DEV parent 1:0 protocol ip prio 13 u32 \
	   match ip protocol 17 0xff \
	   match ip dport 28000 0xfe00 flowid 1:10

	tc filter add dev $DEV parent 1:0 protocol ip prio 13 u32 \
	   match ip protocol 17 0xff \
	   match ip sport 28000 0xff80 flowid 1:10

	for a in $PRIOPORTDST
	do
		tc filter add dev $DEV parent 1:0 protocol ip prio 13 u32 \
		   match ip dport $a 0xffff flowid 1:10
	done

	for a in $PRIOPORTSRC
	do
		tc filter add dev $DEV parent 1:0 protocol ip prio 13 u32 \
		   match ip sport $a 0xffff flowid 1:10
	done

	for a in $PRIOHOSTDST
	do
		tc filter add dev $DEV parent 1:0 protocol ip prio 13 u32 \
		   match ip dst $a flowid 1:10
	done
		   
	# ICMP (ip protocol 1) in the interactive class 1:10 so we 
	# can do measurements & impress our friends:
	tc filter add dev $DEV parent 1:0 protocol ip prio 14 u32 \
           match ip protocol 1 0xff flowid 1:10


	# some traffic however suffers a worse fate
	for a in $NOPRIOPORTDST
	do
		tc filter add dev $DEV parent 1: protocol ip prio 50 u32 \
		   match ip dport $a 0xffff flowid 1:30
	done

	for a in $NOPRIOPORTSRC
	do
		tc filter add dev $DEV parent 1: protocol ip prio 51 u32 \
		   match ip sport $a 0xffff flowid 1:30
	done

	for a in $NOPRIOHOSTSRC
	do
		tc filter add dev $DEV parent 1: protocol ip prio 52 u32 \
		   match ip src $a flowid 1:30
	done

	for a in $NOPRIOHOSTDST
	do
		tc filter add dev $DEV parent 1: protocol ip prio 53 u32 \
		   match ip dst $a flowid 1:30
	done

	# rest is 'non-interactive' ie 'bulk' and ends up in 1:20

	###### downlink
	# slow downloads down to somewhat less than the real speed  to prevent 
	# queuing at our ISP. Tune to see how high you can set it.
	# ISPs tend to have *huge* queues to make sure big downloads are fast
	#
	# attach ingress policer:

	tc qdisc add dev $DEV handle ffff: ingress

	# filter *everything* to it (0.0.0.0/0), drop everything that's
	# coming in too fast:

	tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip \
	   src 0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
	echo "."
	;;
  stop)
	echo -n "Stopping $DESC"
	# clean existing down- and uplink qdiscs
	tc qdisc del dev $DEV root
	tc qdisc del dev $DEV ingress
	echo "."
	;;
  restart|force-reload)
	echo "Restarting $DESC:"
	$0 stop
	$0 start
	;;
  status)
  	tc -s qdisc ls dev $DEV
	tc -s class ls dev $DEV
	;;	
  *)
	N=$0
	echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
	exit 1
	;;
esac

exit 0
 
Zuletzt bearbeitet:
Hallo
Installier doch squid als HTTP Proxy und konfiguriere einen delay pool. ist in den Kommentaren der Konfigurationsdatei näher beschrieben( such einfach nach delay pool). Am besten bearbeitest du das init script so das es zwei verschiedene konfigurationsdateien laden kann. wenn der squid schon läuft solltest du aber squid -k reconfigure zum tauschen der konfig benutzen.
Ansonsten dürfte iptables das auch können.
 
Hey,
ich danke dir, dass du mich darauf aufmerksam gemacht hast, hört sich gut an!
Werde es gleich mal ausprobieren.
 

Ähnliche Themen

Verschlüsseltes Backup-Script mit rsync

X startet nichtmehr

Debian Routing Problem

OpenVPN Traffic limitieren pro User

Rollei Mini Wifi Camcorder

Zurück
Oben