danielhilst n00b
Joined: 19 Feb 2011 Posts: 35
Posted: Sat Jun 09, 2012 4:50 am Post subject: [SOLVED] QOS, prioritizing everything over torrent
I'm using transmission-daemon as my BitTorrent client, and I'm trying to keep my internet usable while downloading torrents.
transmission is using port 51413, so I created this iptables rule and saved it:
Code:
iptables -A OUTPUT -p tcp -m tcp --sport 51413 -j MARK --set-mark 10
And then the QoS rules...
Code:
tc qdisc add dev eth2 root handle 1: htb default 20
tc class add dev eth2 parent 1: classid 1:1 htb rate 1mbit
tc class add dev eth2 parent 1:1 classid 1:20 htb rate 990kbit ceil 1mbit burst 15k prio 0
tc class add dev eth2 parent 1:1 classid 1:10 htb rate 10kbit ceil 1mbit burst 15k prio 1
tc filter add dev eth2 protocol ip parent 1:0 prio 1 handle 10 fw flowid 1:10
I want everything to get in front of torrent traffic. I think that these rules should do the job, but I have a lot of delay while loading pages, and YouTube videos don't load as fast as I expect. Am I missing something??
Still, things are faster than when I had no QoS rules.
Maybe I get better results with l7filter??
Another question: where is the right place to put these tc rules???
Thanks, Hilst
_________________
"Do or do not, there is no try" Yoda Master
Last edited by danielhilst on Sun Jun 17, 2012 11:22 pm; edited 1 time in total
 |
HeissFuss Guru
Joined: 11 Jan 2005 Posts: 400
Posted: Sun Jun 10, 2012 12:09 am Post subject:
It might be overkill, but you could use shorewall + ipp2p from xtables-addons.
I was using shorewall already when I wanted to add this kind of rule, so I used the ipp2p option there. I didn't really research alternatives with different firewalls though, so there may be an easier way.
 |
danielhilst n00b
Joined: 19 Feb 2011 Posts: 35
Posted: Thu Jun 14, 2012 12:01 pm Post subject:
Thanks HeissFuss, I will try that and come back here with some status.
Cheers
 |
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7022
Posted: Thu Jun 14, 2012 10:19 pm Post subject: Re: QOS, prioritizing everything over torrent
danielhilst wrote: Maybe I get better results with l7filter??
Yeah, I expect. Kernel 3.4 has CONFIG_NETFILTER_XT_MATCH_LAYER7.
Also see my tc config.
 |
danielhilst n00b
Joined: 19 Feb 2011 Posts: 35
Posted: Fri Jun 15, 2012 1:22 am Post subject:
Hey PaulBredbury, thanks for sharing.
Looking at your rules, I see that you classify transmission connections by user.
I tried this setup without success:
- Classify transmission user connections with the -m owner and -j CLASSIFY options
Code:
iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j CLASSIFY --set-class 1:20
- Set two rules, one default with high priority and the other for the classified transmission user with lower priority
Code:
tc qdisc add dev eth2 root handle 1: htb default 10
tc class add dev eth2 parent 1: classid 1:1 htb rate 1mbit
tc class add dev eth2 parent 1:1 classid 1:10 htb rate 500kbit ceil 1mbit burst 15kbit prio 0
tc class add dev eth2 parent 1:1 classid 1:20 htb rate 500kbit ceil 1mbit burst 15kbit prio 1
- Start transmission-daemon as the transmission user
It simply doesn't work and I can't figure out why...
My test was to start transmission-daemon and wait for it to take all my band, something near 120kbs.
Then I start a video on YouTube. I expect transmission to slow down and YouTube to load as fast as when transmission is not running, but transmission still keeps eating all my band and the video takes an eternity to load. It seems that the rules aren't being applied.
Still, I can see the classify working in iptables with the -vv option.
Another question: can that CLASSIFY iptables rule replace the tc filter below, or do I still need that filter?
Code:
tc filter add dev eth2 protocol ip parent 1:0 prio 1 handle 20 fw flowid 1:20
Best regards,
 |
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7022
Posted: Fri Jun 15, 2012 1:45 am Post subject:
It sounds like you're not using: -j RETURN
And that your transmission traffic is firstly matching the transmission-preference rule, but then also matching the usual rule intended for everything else.
E.g. instead of one line, you need 2:
Code:
iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j CLASSIFY --set-class 1:20
iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j RETURN
 |
danielhilst n00b
Joined: 19 Feb 2011 Posts: 35
Posted: Sun Jun 17, 2012 1:40 am Post subject:
PaulBredbury, thanks for your reply.
The iptables rules are fine now, but transmission still borrows too much band for itself...
I can see the torrent average falling, but it is not as much as I expect, and it isn't happening all the time. Sometimes it works, sometimes not.
Here are the class statistics while running an ftp download and transmission at the same time.
The download starts getting band and gaining speed, and the torrent slows down, but at some point the torrent starts to gain speed again and the ftp download slows down.
Code:
class htb 1:10 parent 1:1 prio 0 rate 500000bit ceil 1000Kbit burst 1600b cburst 1600b
Sent 880907 bytes 10625 pkt (dropped 0, overlimits 0 requeues 0)
rate 10200bit 17pps backlog 0b 0p requeues 0
lended: 10610 borrowed: 15 giants: 0
tokens: 386000 ctokens: 193000
class htb 1:1 root rate 1000Kbit ceil 1000Kbit burst 1600b cburst 1600b
Sent 3688203 bytes 38459 pkt (dropped 0, overlimits 0 requeues 0)
rate 106936bit 115pps backlog 0b 0p requeues 0
lended: 678 borrowed: 0 giants: 0
tokens: 191000 ctokens: 191000
class htb 1:20 parent 1:1 prio 1 rate 500000bit ceil 1000Kbit burst 1600b cburst 1600b
Sent 2807296 bytes 27834 pkt (dropped 0, overlimits 0 requeues 0)
rate 96736bit 98pps backlog 0b 0p requeues 0
lended: 27171 borrowed: 663 giants: 0
tokens: 382000 ctokens: 191000
I think that I have misconceptions about HTB, and that I have to tune my tc rules.
 |
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7022
Posted: Sun Jun 17, 2012 2:32 am Post subject:
danielhilst wrote: ceil 1000Kbit
Remember, that value has to be *less* than your router's upload speed, to ensure that the output bottleneck is with your PC, rather than the router.
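
The statistics posted above already show the symptom this reply describes. As an added example (not part of the thread), the script below reads `tc -s class show` output and reports each leaf's share of the traffic and whether HTB is holding anything back; the function names and the 50% threshold are assumptions of this example.

```shell
#!/bin/sh
# Added example: read `tc -s class show dev <if>` output and report whether
# HTB itself is the bottleneck. The 50% threshold is an assumption.

# Class statistics from the post above (token lines omitted).
sample_stats() {
cat <<'EOF'
class htb 1:10 parent 1:1 prio 0 rate 500000bit ceil 1000Kbit burst 1600b cburst 1600b
 Sent 880907 bytes 10625 pkt (dropped 0, overlimits 0 requeues 0)
 rate 10200bit 17pps backlog 0b 0p requeues 0
 lended: 10610 borrowed: 15 giants: 0
class htb 1:1 root rate 1000Kbit ceil 1000Kbit burst 1600b cburst 1600b
 Sent 3688203 bytes 38459 pkt (dropped 0, overlimits 0 requeues 0)
 rate 106936bit 115pps backlog 0b 0p requeues 0
 lended: 678 borrowed: 0 giants: 0
class htb 1:20 parent 1:1 prio 1 rate 500000bit ceil 1000Kbit burst 1600b cburst 1600b
 Sent 2807296 bytes 27834 pkt (dropped 0, overlimits 0 requeues 0)
 rate 96736bit 98pps backlog 0b 0p requeues 0
 lended: 27171 borrowed: 663 giants: 0
EOF
}

htb_report() {
  awk '
    function bits(s,   n) {            # "1000Kbit" or "500000bit" -> bit/s
      n = s + 0
      if (s ~ /Mbit$/) n *= 1000000
      else if (s ~ /Kbit$/) n *= 1000
      return n
    }
    $1 == "class" {                    # header line: class id and configured rate
      id = $3
      if ($4 == "root") root = id; else leaf[++nleaf] = id
      for (i = 4; i < NF; i++) if ($i == "rate") { cfg[id] = bits($(i + 1)); break }
      next
    }
    $1 == "rate" { cur[id] = bits($2); queued += $6 + 0 }   # measured rate, packets in queue
    END {
      for (k = 1; k <= nleaf; k++)
        printf "%s measured=%dbit share=%d%%\n", leaf[k], cur[leaf[k]], 100 * cur[leaf[k]] / cur[root]
      util = 100 * cur[root] / cfg[root]
      printf "root %s configured=%dbit measured=%dbit util=%d%% queued=%dp\n", root, cfg[root], cur[root], util, queued
      # Nothing queued and the root far below its rate: packets wait upstream, not in HTB.
      v = (util < 50 && queued == 0) ? "shaper-idle" : "shaper-active"
      print "verdict=" v
    }'
}

sample_stats | htb_report
```

On a live system the same report comes from `tc -s class show dev eth2 | htb_report`.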
 |
danielhilst n00b
Joined: 19 Feb 2011 Posts: 35
Posted: Sun Jun 17, 2012 9:55 pm Post subject:
Thanks... now it works :DDD
I've lowered my rate to 100kbit.
I'll try to tune my numbers now.
Edit: now that it is working, I will show my Gentoo configuration here. Thanks again, PaulBredbury.
The idea is to give torrents the lowest priority, below everything else.
Note that the interface used here is eth2; you should change it to your interface. I'm using transmission-daemon, so I can (with my route in dmz) access its web-based interface from work and add new torrents to download.
If you don't have it installed, you should install it right now, or you can adapt this solution for another client.
I have 1mb of internet band; you may change the numbers to fit your speed.
First I created two simple scripts containing the QoS rules. I left them in /root for now... I'm a lazy guy...
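/root/tc2.sh
Code:
#!/bin/bash
# Usage: tc2.sh <interface>
test -z "$1" && { echo "No interface, use: $0 <interface>"; exit 1; }
# Root HTB qdisc; unclassified traffic goes to class 1:10
tc qdisc add dev "$1" root handle 1: htb default 10
# Parent class capped at the total rate
tc class add dev "$1" parent 1: classid 1:1 htb rate 100kbit
# 1:10 = default traffic (prio 0), 1:20 = transmission (prio 1)
tc class add dev "$1" parent 1:1 classid 1:10 htb rate 50kbit ceil 100kbit prio 0
tc class add dev "$1" parent 1:1 classid 1:20 htb rate 50kbit ceil 100kbit prio 1
/root/tc2del.sh
Code:
#!/bin/bash
# Usage: tc2del.sh <interface>
test -z "$1" && { echo "No interface, use: $0 <interface>"; exit 1; }
# Removing the root qdisc removes its classes too
tc qdisc del dev "$1" root handle 1: htb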
Grant execution permission to those scripts:
Code:
chmod +x /root/tc2{,del}.sh
Then I created a new init script, copy-pasting from a sample, of course.
/etc/init.d/qos-rules
Code:
#!/sbin/runscript
interface=eth2
depend() {
    # the daemon needs the internet to function
    need iptables
    need net
}
start() {
    ebegin "Starting QOS Rules"
    /root/tc2.sh "$interface"
    eend $?
}
stop() {
    ebegin "Stopping QOS Rules"
    /root/tc2del.sh "$interface"
    eend $?
}
Grant execution permission here too:
Code:
chmod +x /etc/init.d/qos-rules
Create the iptables rules:
Code:
iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j CLASSIFY --set-class 1:20
iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j RETURN
Save them:
Code:
/etc/init.d/iptables save
Make transmission run as the transmission user. I don't know if this is done by default; can anyone confirm?
Edit /etc/conf.d/transmission-daemon and set the runas_user variable to transmission:
Code:
runas_user=transmission
Put everything in the default runlevel:
Code:
rc-update add iptables default
rc-update add qos-rules default
rc-update add transmission-daemon default
Start everything, if not yet started:
Code:
/etc/init.d/qos-rules start
/etc/init.d/iptables start
/etc/init.d/transmission-daemon start
Test:
Go to localhost:9091 in your browser, add some well-seeded torrents to download and wait for transmission to take the band.
Go to ftp.kernel.org and start a kernel download; this is what I use.
You should see the torrent speed falling and the download speed going up.
Cheers
 |
danielhilst n00b
Joined: 19 Feb 2011 Posts: 35
Posted: Wed Jun 20, 2012 12:42 pm Post subject:
Now...
How can I improve the interactivity of my connections??
I'm having lag on ssh connections.
Cheers
 |
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7022
Posted: Wed Jun 20, 2012 3:27 pm Post subject:
See the config I posted - it prioritizes SSH traffic.
 |
danielhilst n00b
Joined: 19 Feb 2011 Posts: 35
Posted: Thu Jun 21, 2012 3:03 am Post subject:
I see that you use SFQ instead of pfifo, why??
Code:
tc qdisc add dev $iface parent 1:$[$i*10] handle $[$i*10]: sfq perturb 10
I've got better interactivity by giving more band to my default class.
Here it is:
Code:
tc class add dev $1 parent 1:1 classid 1:10 htb rate 90kbit ceil 100kbit prio 0
tc class add dev $1 parent 1:1 classid 1:20 htb rate 10kbit ceil 100kbit prio 1
Cheers
 |
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7022
Posted: Thu Jun 21, 2012 4:11 am Post subject:
Yeah, pfifo works too, and may be better for me.
AFAICT, specifying a rate makes sense with sfq perturb <n>, but I assume the rate is ignored with pfifo. If I set the rate low (e.g. 30kbit), it spams my log with:
Code:
HTB: quantum of class 100n0 is small. Consider r2q change.
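
HTB derives a leaf class's quantum as its rate in bytes per second divided by r2q (default 10) and logs this warning when the result is below 1000 and no explicit quantum was given. As an added example (not from the thread), this script prints the thread's two-class setup with the ceiling kept below the uplink and an explicit quantum on any leaf that would trigger the warning; the function names, the 90% headroom, the quantum of 1500 and the 110kbit uplink are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread). Prints tc commands; it does not run them.
# Assumptions: HTB default r2q of 10, tc "kbit" = 1000 bit/s, MTU-sized quantum 1500.

R2Q=10

# Quantum the kernel derives for a leaf: rate in bytes per second divided by r2q.
htb_quantum() {            # $1 = rate in kbit
  echo $(( $1 * 1000 / 8 / $R2Q ))
}

# Print one leaf class line, adding "quantum 1500" when the derived value is < 1000.
htb_leaf() {               # $1 dev, $2 classid, $3 rate kbit, $4 ceil kbit, $5 prio
  extra=""
  if [ "$(htb_quantum "$3")" -lt 1000 ]; then
    extra=" quantum 1500"
  fi
  echo "tc class add dev $1 parent 1:1 classid $2 htb rate ${3}kbit ceil ${4}kbit prio $5$extra"
}

# Print the whole rule set.
# $1 dev, $2 measured uplink in kbit, $3 percent of the ceiling guaranteed to torrents
htb_plan() {
  ceil=$(( $2 * 90 / 100 ))          # stay below the router's real upload speed
  low=$(( ceil * $3 / 100 ))         # guaranteed rate for class 1:20 (transmission)
  high=$(( ceil - low ))             # guaranteed rate for class 1:10 (everything else)
  echo "tc qdisc add dev $1 root handle 1: htb default 10"
  echo "tc class add dev $1 parent 1: classid 1:1 htb rate ${ceil}kbit"
  htb_leaf "$1" 1:10 "$high" "$ceil" 0
  htb_leaf "$1" 1:20 "$low" "$ceil" 1
}

# Constructed input: eth2 with a measured 110kbit uplink, 10% guaranteed to torrents.
htb_plan eth2 110 10
```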