[SOLVED]QOS, prioritizing everything over torrent

Message

danielhilst · Post by **danielhilst** » Sat Jun 09, 2012 4:50 am

I'm using transmission-daemon as bittorrent client, and I'm trying to get my internet useable while downloading torrents..

transmission is using port 51413 so I create this iptables rule, and save it

Code: Select all

 iptables -A OUTPUT -p tcp -m tcp --sport 51413 -j MARK --set-mark 10

And then the Qos rules...

Code: Select all

tc qdisc add dev eth2 root handle 1: htb default 20
tc class add dev eth2 parent 1: classid 1:1 htb rate 1mbit
tc class add dev eth2 parent 1:1 classid 1:20 htb rate 990kbit ceil 1mbit burst 15k prio 0
tc class add dev eth2 parent 1:1 classid 1:10 htb rate 10kbit ceil 1mbit burst 15k prio 1
tc filter add dev eth2 protocol ip parent 1:0 prio 1 handle 10 fw flowid 1:10

I want to have everything get in front of torrent.. I think that this rules should do the job, but, I have a lot of delay while loading
pages, youtube videos don't load fast as I expect.. Am I missing something??

still things are faster than when I hasn't no Qos rules..

Maybe I get better results with l7fiter??

Other question, where is the right place to put this tc rules???

Thanks, Hilst

HeissFuss · Post by **HeissFuss** » Sun Jun 10, 2012 12:09 am

It might be overkill, but you could use shorewall + ipp2p from xtables-addons.

I was using shorewall already when I wanted to add these kind of rules, so I used the ipp2p option there. I didn't really research alternatives with different firewalls though, so there may be an easier way.

danielhilst · Post by **danielhilst** » Thu Jun 14, 2012 12:01 pm

Thans HeissFuss, I will try that and back here with some status

Cheers

PaulBredbury · Post by **PaulBredbury** » Thu Jun 14, 2012 10:19 pm

danielhilst wrote:Maybe I get better results with l7fiter??

Yeah, I expect. Kernel 3.4 has CONFIG_NETFILTER_XT_MATCH_LAYER7.

Also see my tc config.

danielhilst · Post by **danielhilst** » Fri Jun 15, 2012 1:22 am

Hey PaulBredbury, thanks for sharing

Watching your rules I see that you classify transmission connections by user

I try this setup without success:

- Classify transmission user connections with -m owner and -j CLASSIFY options

Code: Select all

iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j CLASSIFY --set-class 1:20

- Set two rules, one default, with high priority and other to classified transmission user with lower priority

Code: Select all

tc qdisc add dev eth2 root handle 1: htb default 10
tc class add dev eth2 parent 1: classid 1:1 htb rate 1mbit 

tc class add dev eth2 parent 1:1 classid 1:10 htb rate 500kbit ceil 1mbit burst 15kbit prio 0
tc class add dev eth2 parent 1:1 classid 1:20 htb rate 500kbit ceil 1mbit burst 15kbit prio 1

- Start transmission-daemon with transmission user

It simples don't work and I can't figure out why...
My test was start transmission-daemon and wait for takes all my band, something near 120kbs
Then start a video on youtube.. I expect that transmission slow down and youtube loads as fast
as when transmission is not running... but transmission still keeps eating all my band and the video
takes eternity to load.. Seem that the rules aren't being applied..

Still I can see the classify working on iptables... with the -vv option

Other question... that CLASSIFY iptables rules can replace the tc filter below, or I still need that filter?

Code: Select all

tc filter add dev eth2 protocol ip parent 1:0 prio 1 handle 20 fw flowid 1:20

Best regards,

PaulBredbury · Post by **PaulBredbury** » Fri Jun 15, 2012 1:45 am

It sounds like you're not using: -j RETURN

And that your transmission traffic is firstly matching the transmission-preference rule, but then also matching the usual rule intended for everything else.

E.g. instead of one line, you need 2:

Code: Select all

iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j CLASSIFY --set-class 1:20
iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j RETURN

danielhilst · Post by **danielhilst** » Sun Jun 17, 2012 1:40 am

PaulBredbury, thanks for your reply

iptables rule are fine now.. but transmission still borrow to much band for it...

I can see the torrent average falling down, but is not the much that I expect.. and isn't happening all the time.. some
times works some times not..

Here is classes statistics while running a ftp download and transmission at same time....
The download starts getting band and gaining speed,.. and the torrent slows down.. but
at some point torrent starts to get speed again and ftp download slows down

Code: Select all

class htb 1:10 parent 1:1 prio 0 rate 500000bit ceil 1000Kbit burst 1600b cburst 1600b
 Sent 880907 bytes 10625 pkt (dropped 0, overlimits 0 requeues 0)
 rate 10200bit 17pps backlog 0b 0p requeues 0
 lended: 10610 borrowed: 15 giants: 0
 tokens: 386000 ctokens: 193000

class htb 1:1 root rate 1000Kbit ceil 1000Kbit burst 1600b cburst 1600b
 Sent 3688203 bytes 38459 pkt (dropped 0, overlimits 0 requeues 0)
 rate 106936bit 115pps backlog 0b 0p requeues 0
 lended: 678 borrowed: 0 giants: 0
 tokens: 191000 ctokens: 191000

class htb 1:20 parent 1:1 prio 1 rate 500000bit ceil 1000Kbit burst 1600b cburst 1600b
 Sent 2807296 bytes 27834 pkt (dropped 0, overlimits 0 requeues 0)
 rate 96736bit 98pps backlog 0b 0p requeues 0
 lended: 27171 borrowed: 663 giants: 0
 tokens: 382000 ctokens: 191000

I think that I have miss concepts about HTB.. and that I have to tune my tc rules..

PaulBredbury · Post by **PaulBredbury** » Sun Jun 17, 2012 2:32 am

danielhilst wrote:ceil 1000Kbit

Remember, that value has to be *less* than your router's upload speed, to ensure that the output bottleneck is with your PC, rather than the router.

danielhilst · Post by **danielhilst** » Sun Jun 17, 2012 9:55 pm

Thanks... now it works :DDD
I've down my rate to 100kbit
I'll try to tune my numbers now

editing -- now that is working I will show here my gentoo configuration.... Thanks again PaulBredbury,
The idea is making torrents get the lower priority over everything..

Note that my interface user here is eth2, you should change it to your inferface... I'm using transmission-daemon,
so I can (with my route in dmz) access it web based interface from work and put new torrents do download

If you have not it installed you should install right now.. or you can adapt this solution for another client..
I have a 1mb band of internet.. you may change number to fit your speed

First I create two simple scripts, containing the QOS rules, I let it on /root for a while.. I'm a lazy guy...

/root/tc2.sh

Code: Select all

#!/bin/bash

test -z $1 && { echo "No interface, use: $0 <interface>"; exit 1; }

tc qdisc add dev $1 root handle 1: htb default 10
tc class add dev $1 parent 1: classid 1:1 htb rate 100kbit 
tc class add dev $1 parent 1:1 classid 1:10 htb rate 50kbit ceil 100kbit prio 0
tc class add dev $1 parent 1:1 classid 1:20 htb rate 50kbit ceil 100kbit prio 1

/root/tc2del.sh

Code: Select all

#!/bin/bash

test -z $1 && { echo "No interface, use: $0 <interface>"; exit 1; }
tc qdisc del dev $1 root handle 1: htb

Grant execution permission to that scripts..

Code: Select all

chmod +x /root/tc2{,del}.sh

Then I create a new init script, copy pasting from a sample, sure;;

/etc/init.d/qos-rules

Code: Select all

#!/sbin/runscript

interface=eth2

depend() {
        # the daemon needs the internet to function
	need iptables
        need net
}

start() {
        ebegin "Starting QOS Rules"
        /root/tc2.sh $interface
        eend $?
}

stop() {
        ebegin "Stopping QOS Rules"
        /root/tc2del.sh $interface
        eend $?
}
de

Grant execution permission here too

Code: Select all

chown +x /etc/init.d/qos-rules

Create iptables rules

Code: Select all

iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j CLASSIFY --set-class 1:20
iptables -t mangle -A POSTROUTING -m owner --uid-owner transmission -j RETURN

Save it

Code: Select all

/etc/init.d/iptables save

Make transmission use transmission user.. I don't know if this is made by default.. can any one confirm?
Edit /etc/conf.d/transmission-daemon and let runas_user variable as transmission

Code: Select all

runas_user=transmission

Put everything on default level

Code: Select all

rc-update add iptables default
rc-update add qos-rules default
rc-update add transmission-daemon default

Start everything, if not yet started

Code: Select all

/etc/init.d/qos-rules start
/etc/init.d/iptables start
/etc/init.d/transmission-daemon start

Test,
Go to localhost:9091, on your browser.. put some fine seeded torrents do download and wait for transmission get band
Go to ftp.kernel.org and start a kernel download.. this is what I use
You may see torrents speed falling down and download speed going up[/quote]

Cheers

danielhilst · Post by **danielhilst** » Wed Jun 20, 2012 12:42 pm

Now...

How can I improve the interactivity of my connections??

I'm having lag on ssh connections

Cheers

PaulBredbury · Post by **PaulBredbury** » Wed Jun 20, 2012 3:27 pm

See the config I posted - it prioritizes SSH traffic.

danielhilst · Post by **danielhilst** » Thu Jun 21, 2012 3:03 am

I see that you use SFT instead of pfifo, why??

Code: Select all

tc qdisc add dev $iface parent 1:$[$i*10] handle $[$i*10]: sfq perturb 10

I've set better interactivity giving more band to my default class..

Here is

Code: Select all

tc class add dev $1 parent 1:1 classid 1:10 htb rate 90kbit ceil 100kbit prio 0
tc class add dev $1 parent 1:1 classid 1:20 htb rate 10kbit ceil 100kbit prio 1

Cheers

PaulBredbury · Post by **PaulBredbury** » Thu Jun 21, 2012 4:11 am

Yeah, pfifo works too, and may be better for me.

AFAICT, specifying a rate makes sense with sfq perturb <n>, but I assume the rate is ignored with pfifo. If I set the rate low (e.g. 30kbit), it spams my log with:

Code: Select all

HTB: quantum of class 100n0 is small. Consider r2q change.

[SOLVED]QOS, prioritizing everything over torrent

[SOLVED]QOS, prioritizing everything over torrent

Re: QOS, prioritizing everything over torrent