HTB traffic shaper - download speed degrade
0
I have Oracle Linux Server with latest kernel-3.8.13....
On server goes traffic shaping and some iptables rules.
Server have three Intel i350-T2 dual Gigabit network adapters. Cooperated by 3 interfaces to the bond interfaces.In summary 3Gbit uplink and 3Gbit look to our network (3Gbit throughput thru server).
Thru the server at this time working about 1600 users (or little more) from 13 different subnets which have different subnet masks /24 /25 /26 /27.
At peak time, download user traffic in summary takes not more than 2Gbit.
Memory is free. CPUs not loaded.
But users download speed is degrade at 2-3 times. Upload speed from users without problem, such as should be. Upload traffic take not more than 900Mbit. Ping at peak time does not grow.
I do not know where is problem. If I do HTB stop, users get big speed without problem. It shows what problem not in hardware or in uplink.
I can provide my full HTB config, but this is 19k lines. I was cut part from.
Who can help to correct or to find mistake??
I'm not HTB rule master :)
#!/bin/sh
TC=/sbin/tc
FI=be
# some general initialization
$TC qdisc del dev bond0 root 2>/dev/null
$TC qdisc del dev bond1 root 2>/dev/null
# qdisc root
$TC qdisc add dev bond0 root handle 1: htb default ${FI}fe r2q 10
$TC qdisc add dev bond1 root handle 1: htb default ${FI}fe r2q 10
#
###############################################################################
# bond0 (downstream) our network side
###############################################################################
#
DEV=bond0
#
#
# htb root class
$TC class add dev $DEV parent 1: classid 1:${FI}01 htb rate 3Gbit
# making hash table for fast clients filtering, max table size is 256 entries
$TC filter add dev $DEV parent 1: prio 100 protocol ip u32
$TC filter add dev $DEV parent 1: prio 100 handle 2: protocol ip u32 divisor 256
#
# 90.90.247.193 - server IP on interface bond1 to the upper provider.
# 10.10.10.49 - server IP on interface bond0 look to the our network side.
#
# (not all subnets of this network mask working thru this server)
# filtering traffic to hashing tables by dst address
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip dst 90.90.240.0/255.255.240.0
hashkey mask 0x000000ff at 16
link 2:
# (not all subnets of this network mask working thru this server)
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip dst 75.85.176.0/255.255.252.0
hashkey mask 0x000000ff at 16
link 2:
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 10.10.10.49/255.255.255.255
hashkey mask 0x000000ff at 16
link 2:
# Local Traffic TO/FROM server
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}10 htb rate 25Mbit prio 10
$TC qdisc add dev $DEV parent 1:${FI}10 handle 0x${FI}10 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c1: match ip src 90.90.247.193 classid 1:${FI}10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:31: match ip src 10.10.10.49 classid 1:${FI}10
# For System Subnet
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}20 htb rate 512Mbit prio 8
$TC qdisc add dev $DEV parent 1:${FI}20 handle 0x${FI}20 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e1: match ip dst 90.90.247.225 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e2: match ip dst 90.90.247.226 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e3: match ip dst 90.90.247.227 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e4: match ip dst 90.90.247.228 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e5: match ip dst 90.90.247.229 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e6: match ip dst 90.90.247.230 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e7: match ip dst 90.90.247.231 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e8: match ip dst 90.90.247.232 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 90.90.247.233 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ea: match ip dst 90.90.247.234 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:eb: match ip dst 90.90.247.235 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ec: match ip dst 90.90.247.236 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ed: match ip dst 90.90.247.237 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip dst 90.90.247.238 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ef: match ip dst 90.90.247.239 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f0: match ip dst 90.90.247.240 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip dst 90.90.247.241 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f2: match ip dst 90.90.247.242 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip dst 90.90.247.243 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip dst 90.90.247.244 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f5: match ip dst 90.90.247.245 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f6: match ip dst 90.90.247.246 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f7: match ip dst 90.90.247.247 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f8: match ip dst 90.90.247.248 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f9: match ip dst 90.90.247.249 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fa: match ip dst 90.90.247.250 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fb: match ip dst 90.90.247.251 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fc: match ip dst 90.90.247.252 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fd: match ip dst 90.90.247.253 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fe: match ip dst 90.90.247.254 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ff: match ip dst 90.90.247.255 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d7: match ip dst 90.90.247.215 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d8: match ip dst 90.90.247.216 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d9: match ip dst 90.90.247.217 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:da: match ip dst 90.90.247.218 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:db: match ip dst 90.90.247.219 classid 1:${FI}20
# p2p limit
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}30 htb rate 2Mbit
$TC qdisc add dev $DEV parent 1:${FI}30 handle 0x${FI}30 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 110 handle 0xffffff fw classid 1:${FI}30
#
# Users
#
#
# client: 90.90.243.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:f32c htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f32c handle 0xf32c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip dst 90.90.243.44 classid 1:f32c
# client: 90.90.241.177
$TC class add dev $DEV parent 1:${FI}01 classid 1:f1b1 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f1b1 handle 0xf1b1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b1: match ip dst 90.90.241.177 classid 1:f1b1
# client: 90.90.241.7
$TC class add dev $DEV parent 1:${FI}01 classid 1:f107 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f107 handle 0xf107 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:07: match ip dst 90.90.241.7 classid 1:f107
# client: 90.90.241.116
$TC class add dev $DEV parent 1:${FI}01 classid 1:f174 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f174 handle 0xf174 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:74: match ip dst 90.90.241.116 classid 1:f174
# client: 90.90.241.128
$TC class add dev $DEV parent 1:${FI}01 classid 1:f180 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f180 handle 0xf180 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:80: match ip dst 90.90.241.128 classid 1:f180
# client: 90.90.241.19
$TC class add dev $DEV parent 1:${FI}01 classid 1:f113 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f113 handle 0xf113 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:13: match ip dst 90.90.241.19 classid 1:f113
# client: 90.90.244.4
$TC class add dev $DEV parent 1:${FI}01 classid 1:f404 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f404 handle 0xf404 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:04: match ip dst 90.90.244.4 classid 1:f404
# client: 90.90.241.107
$TC class add dev $DEV parent 1:${FI}01 classid 1:f16b htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f16b handle 0xf16b pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:6b: match ip dst 90.90.241.107 classid 1:f16b
# client: 90.90.241.29
$TC class add dev $DEV parent 1:${FI}01 classid 1:f11d htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f11d handle 0xf11d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:1d: match ip dst 90.90.241.29 classid 1:f11d
#........
############## CUT ###############
#........
# client: 75.85.176.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0e9 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0e9 handle 0xb0e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 75.85.176.233 classid 1:b0e9
# client: 75.85.178.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22d handle 0xb22d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip dst 75.85.178.45 classid 1:b22d
# client: 75.85.178.42
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22a htb rate 21504Kbit
$TC qdisc add dev $DEV parent 1:b22a handle 0xb22a pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2a: match ip dst 75.85.178.42 classid 1:b22a
# client: 75.85.176.182
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0b6 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0b6 handle 0xb0b6 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b6: match ip dst 75.85.176.182 classid 1:b0b6
# client: 90.90.240.153
$TC class add dev $DEV parent 1:${FI}01 classid 1:f099 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f099 handle 0xf099 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:99: match ip dst 90.90.240.153 classid 1:f099
# client: 75.85.176.241
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f1 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b0f1 handle 0xb0f1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip dst 75.85.176.241 classid 1:b0f1
# client: 75.85.176.238
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0ee htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0ee handle 0xb0ee pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip dst 75.85.176.238 classid 1:b0ee
# client: 75.85.178.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22c htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22c handle 0xb22c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip dst 75.85.178.44 classid 1:b22c
# client: 75.85.176.100
$TC class add dev $DEV parent 1:${FI}01 classid 1:b064 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b064 handle 0xb064 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:64: match ip dst 75.85.176.100 classid 1:b064
# client: 75.85.176.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b02d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b02d handle 0xb02d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip dst 75.85.176.45 classid 1:b02d
# client: 90.90.244.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:f4e9 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f4e9 handle 0xf4e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 90.90.244.233 classid 1:f4e9
# client: 75.85.176.244
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f4 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0f4 handle 0xb0f4 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip dst 75.85.176.244 classid 1:b0f4
# client: 75.85.176.135
$TC class add dev $DEV parent 1:${FI}01 classid 1:b087 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b087 handle 0xb087 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:87: match ip dst 75.85.176.135 classid 1:b087
# client: 90.90.247.84
$TC class add dev $DEV parent 1:${FI}01 classid 1:f754 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f754 handle 0xf754 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:54: match ip dst 90.90.247.84 classid 1:f754
# client: 75.85.176.243
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f3 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0f3 handle 0xb0f3 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip dst 75.85.176.243 classid 1:b0f3
#
# default class (all unclassified traffic goes here)
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}fe htb rate 3Mbit prio 5
$TC qdisc add dev $DEV parent 1:${FI}fe handle 0x${FI}fe sfq perturb 10
#
###############################################################################
# bond1 (upstream) uplink to the upper provider
###############################################################################
#
DEV=bond1
# htb root class
$TC class add dev $DEV parent 1: classid 1:${FI}01 htb rate 3Gbit
# making hash table for fast clients filtering, max table size is 256 entries
$TC filter add dev $DEV parent 1: prio 100 protocol ip u32
$TC filter add dev $DEV parent 1: prio 100 handle 2: protocol ip u32 divisor 256
# (not all subnets of this network mask working thru this server)
# filtering traffic to hashing tables by src address
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 90.90.240.0/255.255.240.0
hashkey mask 0x000000ff at 12
link 2:
# (not all subnets of this network mask working thru this server)
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 75.85.176.0/255.255.252.0
hashkey mask 0x000000ff at 12
link 2:
# For System Subnet
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}20 htb rate 512Mbit prio 8
$TC qdisc add dev $DEV parent 1:${FI}20 handle 0x${FI}20 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e1: match ip src 90.90.247.225 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e2: match ip src 90.90.247.226 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e3: match ip src 90.90.247.227 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e4: match ip src 90.90.247.228 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e5: match ip src 90.90.247.229 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e6: match ip src 90.90.247.230 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e7: match ip src 90.90.247.231 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e8: match ip src 90.90.247.232 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 90.90.247.233 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ea: match ip src 90.90.247.234 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:eb: match ip src 90.90.247.235 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ec: match ip src 90.90.247.236 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ed: match ip src 90.90.247.237 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip src 90.90.247.238 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ef: match ip src 90.90.247.239 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f0: match ip src 90.90.247.240 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip src 90.90.247.241 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f2: match ip src 90.90.247.242 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip src 90.90.247.243 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip src 90.90.247.244 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f5: match ip src 90.90.247.245 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f6: match ip src 90.90.247.246 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f7: match ip src 90.90.247.247 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f8: match ip src 90.90.247.248 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f9: match ip src 90.90.247.249 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fa: match ip src 90.90.247.250 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fb: match ip src 90.90.247.251 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fc: match ip src 90.90.247.252 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fd: match ip src 90.90.247.253 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fe: match ip src 90.90.247.254 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ff: match ip src 90.90.247.255 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c1: match ip src 90.90.247.193 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c2: match ip src 90.90.247.194 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c3: match ip src 90.90.247.195 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c4: match ip src 90.90.247.196 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c5: match ip src 90.90.247.197 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c6: match ip src 90.90.247.198 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c7: match ip src 90.90.247.199 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c8: match ip src 90.90.247.200 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c9: match ip src 90.90.247.201 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ca: match ip src 90.90.247.202 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cb: match ip src 90.90.247.203 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cc: match ip src 90.90.247.204 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cd: match ip src 90.90.247.205 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ce: match ip src 90.90.247.206 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cf: match ip src 90.90.247.207 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d7: match ip src 90.90.247.215 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d8: match ip src 90.90.247.216 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d9: match ip src 90.90.247.217 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:da: match ip src 90.90.247.218 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:db: match ip src 90.90.247.219 classid 1:${FI}20
# p2p
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}30 htb rate 2Mbit
$TC qdisc add dev $DEV parent 1:${FI}30 handle 0x${FI}30 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 110 handle 0xffffff fw classid 1:${FI}30
#
# Users
#
#
# client: 90.90.243.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:f32c htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f32c handle 0xf32c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip src 90.90.243.44 classid 1:f32c
# client: 90.90.241.177
$TC class add dev $DEV parent 1:${FI}01 classid 1:f1b1 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f1b1 handle 0xf1b1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b1: match ip src 90.90.241.177 classid 1:f1b1
# client: 90.90.241.7
$TC class add dev $DEV parent 1:${FI}01 classid 1:f107 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f107 handle 0xf107 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:07: match ip src 90.90.241.7 classid 1:f107
# client: 90.90.241.116
$TC class add dev $DEV parent 1:${FI}01 classid 1:f174 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f174 handle 0xf174 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:74: match ip src 90.90.241.116 classid 1:f174
# client: 90.90.241.128
$TC class add dev $DEV parent 1:${FI}01 classid 1:f180 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f180 handle 0xf180 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:80: match ip src 90.90.241.128 classid 1:f180
# client: 90.90.241.19
$TC class add dev $DEV parent 1:${FI}01 classid 1:f113 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f113 handle 0xf113 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:13: match ip src 90.90.241.19 classid 1:f113
# client: 90.90.244.4
$TC class add dev $DEV parent 1:${FI}01 classid 1:f404 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f404 handle 0xf404 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:04: match ip src 90.90.244.4 classid 1:f404
# client: 90.90.241.107
$TC class add dev $DEV parent 1:${FI}01 classid 1:f16b htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f16b handle 0xf16b pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:6b: match ip src 90.90.241.107 classid 1:f16b
# client: 90.90.241.29
$TC class add dev $DEV parent 1:${FI}01 classid 1:f11d htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f11d handle 0xf11d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:1d: match ip src 90.90.241.29 classid 1:f11d
#........
############## CUT ###############
#........
# client: 75.85.176.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0e9 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0e9 handle 0xb0e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 75.85.176.233 classid 1:b0e9
# client: 75.85.178.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22d handle 0xb22d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip src 75.85.178.45 classid 1:b22d
# client: 75.85.178.42
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22a htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b22a handle 0xb22a pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2a: match ip src 75.85.178.42 classid 1:b22a
# client: 75.85.176.182
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0b6 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0b6 handle 0xb0b6 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b6: match ip src 75.85.176.182 classid 1:b0b6
# client: 90.90.240.153
$TC class add dev $DEV parent 1:${FI}01 classid 1:f099 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f099 handle 0xf099 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:99: match ip src 90.90.240.153 classid 1:f099
# client: 75.85.176.241
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f1 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:b0f1 handle 0xb0f1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip src 75.85.176.241 classid 1:b0f1
# client: 75.85.176.238
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0ee htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0ee handle 0xb0ee pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip src 75.85.176.238 classid 1:b0ee
# client: 75.85.178.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22c htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22c handle 0xb22c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip src 75.85.178.44 classid 1:b22c
# client: 75.85.176.100
$TC class add dev $DEV parent 1:${FI}01 classid 1:b064 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b064 handle 0xb064 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:64: match ip src 75.85.176.100 classid 1:b064
# client: 75.85.176.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b02d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b02d handle 0xb02d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip src 75.85.176.45 classid 1:b02d
# client: 90.90.244.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:f4e9 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f4e9 handle 0xf4e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 90.90.244.233 classid 1:f4e9
# client: 75.85.176.244
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f4 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0f4 handle 0xb0f4 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip src 75.85.176.244 classid 1:b0f4
# client: 75.85.176.135
$TC class add dev $DEV parent 1:${FI}01 classid 1:b087 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:b087 handle 0xb087 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:87: match ip src 75.85.176.135 classid 1:b087
# client: 90.90.247.84
$TC class add dev $DEV parent 1:${FI}01 classid 1:f754 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f754 handle 0xf754 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:54: match ip src 90.90.247.84 classid 1:f754
# client: 75.85.176.243
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f3 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0f3 handle 0xb0f3 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip src 75.85.176.243 classid 1:b0f3
#
# default class (all unclassified traffic goes here)
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}fe htb rate 3Mbit prio 5
$TC qdisc add dev $DEV parent 1:${FI}fe handle 0x${FI}fe sfq perturb 10
oracle-linux tc
edited Dec 16 at 22:05
Rui F Ribeiro
38.9k1479129
asked Oct 12 '17 at 22:08
user255360
12
add a comment |
0
I have Oracle Linux Server with latest kernel-3.8.13....
On server goes traffic shaping and some iptables rules.
Server have three Intel i350-T2 dual Gigabit network adapters. Cooperated by 3 interfaces to the bond interfaces.In summary 3Gbit uplink and 3Gbit look to our network (3Gbit throughput thru server).
Thru the server at this time working about 1600 users (or little more) from 13 different subnets which have different subnet masks /24 /25 /26 /27.
At peak time, download user traffic in summary takes not more than 2Gbit.
Memory is free. CPUs not loaded.
But users download speed is degrade at 2-3 times. Upload speed from users without problem, such as should be. Upload traffic take not more than 900Mbit. Ping at peak time does not grow.
I do not know where is problem. If I do HTB stop, users get big speed without problem. It shows what problem not in hardware or in uplink.
I can provide my full HTB config, but this is 19k lines. I was cut part from.
Who can help to correct or to find mistake??
I'm not HTB rule master :)
#!/bin/sh
TC=/sbin/tc
FI=be
# some general initialization
$TC qdisc del dev bond0 root 2>/dev/null
$TC qdisc del dev bond1 root 2>/dev/null
# qdisc root
$TC qdisc add dev bond0 root handle 1: htb default ${FI}fe r2q 10
$TC qdisc add dev bond1 root handle 1: htb default ${FI}fe r2q 10
#
###############################################################################
# bond0 (downstream) our network side
###############################################################################
#
DEV=bond0
#
#
# htb root class
$TC class add dev $DEV parent 1: classid 1:${FI}01 htb rate 3Gbit
# making hash table for fast clients filtering, max table size is 256 entries
$TC filter add dev $DEV parent 1: prio 100 protocol ip u32
$TC filter add dev $DEV parent 1: prio 100 handle 2: protocol ip u32 divisor 256
#
# 90.90.247.193 - server IP on interface bond1 to the upper provider.
# 10.10.10.49 - server IP on interface bond0 look to the our network side.
#
# (not all subnets of this network mask working thru this server)
# filtering traffic to hashing tables by dst address
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip dst 90.90.240.0/255.255.240.0
hashkey mask 0x000000ff at 16
link 2:
# (not all subnets of this network mask working thru this server)
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip dst 75.85.176.0/255.255.252.0
hashkey mask 0x000000ff at 16
link 2:
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 10.10.10.49/255.255.255.255
hashkey mask 0x000000ff at 16
link 2:
# Local Traffic TO/FROM server
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}10 htb rate 25Mbit prio 10
$TC qdisc add dev $DEV parent 1:${FI}10 handle 0x${FI}10 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c1: match ip src 90.90.247.193 classid 1:${FI}10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:31: match ip src 10.10.10.49 classid 1:${FI}10
# For System Subnet
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}20 htb rate 512Mbit prio 8
$TC qdisc add dev $DEV parent 1:${FI}20 handle 0x${FI}20 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e1: match ip dst 90.90.247.225 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e2: match ip dst 90.90.247.226 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e3: match ip dst 90.90.247.227 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e4: match ip dst 90.90.247.228 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e5: match ip dst 90.90.247.229 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e6: match ip dst 90.90.247.230 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e7: match ip dst 90.90.247.231 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e8: match ip dst 90.90.247.232 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 90.90.247.233 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ea: match ip dst 90.90.247.234 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:eb: match ip dst 90.90.247.235 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ec: match ip dst 90.90.247.236 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ed: match ip dst 90.90.247.237 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip dst 90.90.247.238 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ef: match ip dst 90.90.247.239 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f0: match ip dst 90.90.247.240 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip dst 90.90.247.241 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f2: match ip dst 90.90.247.242 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip dst 90.90.247.243 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip dst 90.90.247.244 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f5: match ip dst 90.90.247.245 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f6: match ip dst 90.90.247.246 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f7: match ip dst 90.90.247.247 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f8: match ip dst 90.90.247.248 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f9: match ip dst 90.90.247.249 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fa: match ip dst 90.90.247.250 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fb: match ip dst 90.90.247.251 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fc: match ip dst 90.90.247.252 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fd: match ip dst 90.90.247.253 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fe: match ip dst 90.90.247.254 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ff: match ip dst 90.90.247.255 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d7: match ip dst 90.90.247.215 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d8: match ip dst 90.90.247.216 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d9: match ip dst 90.90.247.217 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:da: match ip dst 90.90.247.218 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:db: match ip dst 90.90.247.219 classid 1:${FI}20
# p2p limit
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}30 htb rate 2Mbit
$TC qdisc add dev $DEV parent 1:${FI}30 handle 0x${FI}30 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 110 handle 0xffffff fw classid 1:${FI}30
#
# Users
#
#
# client: 90.90.243.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:f32c htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f32c handle 0xf32c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip dst 90.90.243.44 classid 1:f32c
# client: 90.90.241.177
$TC class add dev $DEV parent 1:${FI}01 classid 1:f1b1 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f1b1 handle 0xf1b1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b1: match ip dst 90.90.241.177 classid 1:f1b1
# client: 90.90.241.7
$TC class add dev $DEV parent 1:${FI}01 classid 1:f107 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f107 handle 0xf107 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:07: match ip dst 90.90.241.7 classid 1:f107
# client: 90.90.241.116
$TC class add dev $DEV parent 1:${FI}01 classid 1:f174 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f174 handle 0xf174 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:74: match ip dst 90.90.241.116 classid 1:f174
# client: 90.90.241.128
$TC class add dev $DEV parent 1:${FI}01 classid 1:f180 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f180 handle 0xf180 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:80: match ip dst 90.90.241.128 classid 1:f180
# client: 90.90.241.19
$TC class add dev $DEV parent 1:${FI}01 classid 1:f113 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f113 handle 0xf113 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:13: match ip dst 90.90.241.19 classid 1:f113
# client: 90.90.244.4
$TC class add dev $DEV parent 1:${FI}01 classid 1:f404 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f404 handle 0xf404 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:04: match ip dst 90.90.244.4 classid 1:f404
# client: 90.90.241.107
$TC class add dev $DEV parent 1:${FI}01 classid 1:f16b htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f16b handle 0xf16b pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:6b: match ip dst 90.90.241.107 classid 1:f16b
# client: 90.90.241.29
$TC class add dev $DEV parent 1:${FI}01 classid 1:f11d htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f11d handle 0xf11d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:1d: match ip dst 90.90.241.29 classid 1:f11d
#........
############## CUT ###############
#........
# client: 75.85.176.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0e9 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0e9 handle 0xb0e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 75.85.176.233 classid 1:b0e9
# client: 75.85.178.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22d handle 0xb22d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip dst 75.85.178.45 classid 1:b22d
# client: 75.85.178.42
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22a htb rate 21504Kbit
$TC qdisc add dev $DEV parent 1:b22a handle 0xb22a pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2a: match ip dst 75.85.178.42 classid 1:b22a
# client: 75.85.176.182
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0b6 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0b6 handle 0xb0b6 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b6: match ip dst 75.85.176.182 classid 1:b0b6
# client: 90.90.240.153
$TC class add dev $DEV parent 1:${FI}01 classid 1:f099 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f099 handle 0xf099 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:99: match ip dst 90.90.240.153 classid 1:f099
# client: 75.85.176.241
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f1 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b0f1 handle 0xb0f1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip dst 75.85.176.241 classid 1:b0f1
# client: 75.85.176.238
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0ee htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0ee handle 0xb0ee pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip dst 75.85.176.238 classid 1:b0ee
# client: 75.85.178.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22c htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22c handle 0xb22c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip dst 75.85.178.44 classid 1:b22c
# client: 75.85.176.100
$TC class add dev $DEV parent 1:${FI}01 classid 1:b064 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b064 handle 0xb064 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:64: match ip dst 75.85.176.100 classid 1:b064
# client: 75.85.176.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b02d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b02d handle 0xb02d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip dst 75.85.176.45 classid 1:b02d
# client: 90.90.244.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:f4e9 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f4e9 handle 0xf4e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 90.90.244.233 classid 1:f4e9
# client: 75.85.176.244
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f4 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0f4 handle 0xb0f4 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip dst 75.85.176.244 classid 1:b0f4
# client: 75.85.176.135
$TC class add dev $DEV parent 1:${FI}01 classid 1:b087 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b087 handle 0xb087 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:87: match ip dst 75.85.176.135 classid 1:b087
# client: 90.90.247.84
$TC class add dev $DEV parent 1:${FI}01 classid 1:f754 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f754 handle 0xf754 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:54: match ip dst 90.90.247.84 classid 1:f754
# client: 75.85.176.243
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f3 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0f3 handle 0xb0f3 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip dst 75.85.176.243 classid 1:b0f3
#
# default class (all unclassified traffic goes here)
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}fe htb rate 3Mbit prio 5
$TC qdisc add dev $DEV parent 1:${FI}fe handle 0x${FI}fe sfq perturb 10
#
###############################################################################
# bond1 (upstream) uplink to the upper provider
###############################################################################
#
DEV=bond1
# htb root class
$TC class add dev $DEV parent 1: classid 1:${FI}01 htb rate 3Gbit
# making hash table for fast clients filtering, max table size is 256 entries
$TC filter add dev $DEV parent 1: prio 100 protocol ip u32
$TC filter add dev $DEV parent 1: prio 100 handle 2: protocol ip u32 divisor 256
# (not all subnets of this network mask working thru this server)
# filtering traffic to hashing tables by src address
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 90.90.240.0/255.255.240.0
hashkey mask 0x000000ff at 12
link 2:
# (not all subnets of this network mask working thru this server)
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 75.85.176.0/255.255.252.0
hashkey mask 0x000000ff at 12
link 2:
# For System Subnet
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}20 htb rate 512Mbit prio 8
$TC qdisc add dev $DEV parent 1:${FI}20 handle 0x${FI}20 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e1: match ip src 90.90.247.225 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e2: match ip src 90.90.247.226 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e3: match ip src 90.90.247.227 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e4: match ip src 90.90.247.228 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e5: match ip src 90.90.247.229 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e6: match ip src 90.90.247.230 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e7: match ip src 90.90.247.231 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e8: match ip src 90.90.247.232 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 90.90.247.233 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ea: match ip src 90.90.247.234 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:eb: match ip src 90.90.247.235 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ec: match ip src 90.90.247.236 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ed: match ip src 90.90.247.237 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip src 90.90.247.238 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ef: match ip src 90.90.247.239 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f0: match ip src 90.90.247.240 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip src 90.90.247.241 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f2: match ip src 90.90.247.242 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip src 90.90.247.243 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip src 90.90.247.244 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f5: match ip src 90.90.247.245 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f6: match ip src 90.90.247.246 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f7: match ip src 90.90.247.247 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f8: match ip src 90.90.247.248 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f9: match ip src 90.90.247.249 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fa: match ip src 90.90.247.250 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fb: match ip src 90.90.247.251 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fc: match ip src 90.90.247.252 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fd: match ip src 90.90.247.253 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fe: match ip src 90.90.247.254 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ff: match ip src 90.90.247.255 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c1: match ip src 90.90.247.193 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c2: match ip src 90.90.247.194 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c3: match ip src 90.90.247.195 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c4: match ip src 90.90.247.196 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c5: match ip src 90.90.247.197 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c6: match ip src 90.90.247.198 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c7: match ip src 90.90.247.199 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c8: match ip src 90.90.247.200 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c9: match ip src 90.90.247.201 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ca: match ip src 90.90.247.202 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cb: match ip src 90.90.247.203 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cc: match ip src 90.90.247.204 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cd: match ip src 90.90.247.205 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ce: match ip src 90.90.247.206 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cf: match ip src 90.90.247.207 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d7: match ip src 90.90.247.215 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d8: match ip src 90.90.247.216 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d9: match ip src 90.90.247.217 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:da: match ip src 90.90.247.218 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:db: match ip src 90.90.247.219 classid 1:${FI}20
# p2p
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}30 htb rate 2Mbit
$TC qdisc add dev $DEV parent 1:${FI}30 handle 0x${FI}30 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 110 handle 0xffffff fw classid 1:${FI}30
#
# Users
#
#
# client: 90.90.243.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:f32c htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f32c handle 0xf32c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip src 90.90.243.44 classid 1:f32c
# client: 90.90.241.177
$TC class add dev $DEV parent 1:${FI}01 classid 1:f1b1 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f1b1 handle 0xf1b1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b1: match ip src 90.90.241.177 classid 1:f1b1
# client: 90.90.241.7
$TC class add dev $DEV parent 1:${FI}01 classid 1:f107 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f107 handle 0xf107 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:07: match ip src 90.90.241.7 classid 1:f107
# client: 90.90.241.116
$TC class add dev $DEV parent 1:${FI}01 classid 1:f174 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f174 handle 0xf174 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:74: match ip src 90.90.241.116 classid 1:f174
# client: 90.90.241.128
$TC class add dev $DEV parent 1:${FI}01 classid 1:f180 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f180 handle 0xf180 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:80: match ip src 90.90.241.128 classid 1:f180
# client: 90.90.241.19
$TC class add dev $DEV parent 1:${FI}01 classid 1:f113 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f113 handle 0xf113 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:13: match ip src 90.90.241.19 classid 1:f113
# client: 90.90.244.4
$TC class add dev $DEV parent 1:${FI}01 classid 1:f404 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f404 handle 0xf404 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:04: match ip src 90.90.244.4 classid 1:f404
# client: 90.90.241.107
$TC class add dev $DEV parent 1:${FI}01 classid 1:f16b htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f16b handle 0xf16b pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:6b: match ip src 90.90.241.107 classid 1:f16b
# client: 90.90.241.29
$TC class add dev $DEV parent 1:${FI}01 classid 1:f11d htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f11d handle 0xf11d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:1d: match ip src 90.90.241.29 classid 1:f11d
#........
############## CUT ###############
#........
# client: 75.85.176.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0e9 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0e9 handle 0xb0e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 75.85.176.233 classid 1:b0e9
# client: 75.85.178.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22d handle 0xb22d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip src 75.85.178.45 classid 1:b22d
# client: 75.85.178.42
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22a htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b22a handle 0xb22a pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2a: match ip src 75.85.178.42 classid 1:b22a
# client: 75.85.176.182
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0b6 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0b6 handle 0xb0b6 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b6: match ip src 75.85.176.182 classid 1:b0b6
# client: 90.90.240.153
$TC class add dev $DEV parent 1:${FI}01 classid 1:f099 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f099 handle 0xf099 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:99: match ip src 90.90.240.153 classid 1:f099
# client: 75.85.176.241
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f1 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:b0f1 handle 0xb0f1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip src 75.85.176.241 classid 1:b0f1
# client: 75.85.176.238
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0ee htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0ee handle 0xb0ee pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip src 75.85.176.238 classid 1:b0ee
# client: 75.85.178.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22c htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22c handle 0xb22c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip src 75.85.178.44 classid 1:b22c
# client: 75.85.176.100
$TC class add dev $DEV parent 1:${FI}01 classid 1:b064 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b064 handle 0xb064 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:64: match ip src 75.85.176.100 classid 1:b064
# client: 75.85.176.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b02d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b02d handle 0xb02d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip src 75.85.176.45 classid 1:b02d
# client: 90.90.244.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:f4e9 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f4e9 handle 0xf4e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 90.90.244.233 classid 1:f4e9
# client: 75.85.176.244
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f4 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0f4 handle 0xb0f4 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip src 75.85.176.244 classid 1:b0f4
# client: 75.85.176.135
$TC class add dev $DEV parent 1:${FI}01 classid 1:b087 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:b087 handle 0xb087 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:87: match ip src 75.85.176.135 classid 1:b087
# client: 90.90.247.84
$TC class add dev $DEV parent 1:${FI}01 classid 1:f754 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f754 handle 0xf754 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:54: match ip src 90.90.247.84 classid 1:f754
# client: 75.85.176.243
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f3 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0f3 handle 0xb0f3 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip src 75.85.176.243 classid 1:b0f3
#
# default class (all unclassified traffic goes here)
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}fe htb rate 3Mbit prio 5
$TC qdisc add dev $DEV parent 1:${FI}fe handle 0x${FI}fe sfq perturb 10
oracle-linux tc
edited Dec 16 at 22:05
Rui F Ribeiro
38.9k1479129
asked Oct 12 '17 at 22:08
user255360
12
I might suspect several things, too long to make a list here. however I would try pf+freebsd, or even 2 openbsd+pf in a cluster setting. Do not try to do it in pf ip by ip, do it only to the whole network. Hopefully you are talking about server grade hw, right? whist I believe that rightly tuned contemporary hw will manage this kind of traffic, for a non-expert it might be time of thinking about big iron, for instance Cisco or Netenforcer hw.
– Rui F Ribeiro
Oct 21 '17 at 20:35
btw. your limitation is not cpu. what out for interrupts associated with the NICs.
– Rui F Ribeiro
Oct 22 '17 at 9:48
No, I have no hw degrade. Because if I do HTB stop, my hardware troughtput more traffic thru network adapters.
– user255360
Oct 22 '17 at 14:02
There are many things at play here. From the different layer you might be delaying in one situation or the other, from the different computational needs, from dealing with queueus/delayed packets, from dealing or not with offloading in the NIC not forgetting the effectiveness of the tools you are using (linux kernel) vs the speed
– Rui F Ribeiro
Oct 22 '17 at 15:05
generic-segmentation-offload: off generic-receive-offload: off large-receive-offload: off rx-vlan-offload: off tx-vlan-offload: off ntuple-filters: off [fixed] receive-hashing: off highdma: on [fixed] rx-vlan-filter: on [fixed] vlan-challenged: off [fixed] tx-lockless: off [fixed] netns-local: off [fixed] tx-gso-robust: off [fixed] tx-fcoe-segmentation: off [fixed] fcoe-mtu: off [fixed] tx-nocache-copy: on loopback: off [fixed] rx-fcs: off [fixed] rx-all: off [fixed]
– user255360
Oct 22 '17 at 21:27
add a comment |
0
0
0
I have Oracle Linux Server with latest kernel-3.8.13....
On server goes traffic shaping and some iptables rules.
Server have three Intel i350-T2 dual Gigabit network adapters. Cooperated by 3 interfaces to the bond interfaces.In summary 3Gbit uplink and 3Gbit look to our network (3Gbit throughput thru server).
Thru the server at this time working about 1600 users (or little more) from 13 different subnets which have different subnet masks /24 /25 /26 /27.
At peak time, download user traffic in summary takes not more than 2Gbit.
Memory is free. CPUs not loaded.
But users download speed is degrade at 2-3 times. Upload speed from users without problem, such as should be. Upload traffic take not more than 900Mbit. Ping at peak time does not grow.
I do not know where is problem. If I do HTB stop, users get big speed without problem. It shows what problem not in hardware or in uplink.
I can provide my full HTB config, but this is 19k lines. I was cut part from.
Who can help to correct or to find mistake??
I'm not HTB rule master :)
#!/bin/sh
TC=/sbin/tc
FI=be
# some general initialization
$TC qdisc del dev bond0 root 2>/dev/null
$TC qdisc del dev bond1 root 2>/dev/null
# qdisc root
$TC qdisc add dev bond0 root handle 1: htb default ${FI}fe r2q 10
$TC qdisc add dev bond1 root handle 1: htb default ${FI}fe r2q 10
#
###############################################################################
# bond0 (downstream) our network side
###############################################################################
#
DEV=bond0
#
#
# htb root class
$TC class add dev $DEV parent 1: classid 1:${FI}01 htb rate 3Gbit
# making hash table for fast clients filtering, max table size is 256 entries
$TC filter add dev $DEV parent 1: prio 100 protocol ip u32
$TC filter add dev $DEV parent 1: prio 100 handle 2: protocol ip u32 divisor 256
#
# 90.90.247.193 - server IP on interface bond1 to the upper provider.
# 10.10.10.49 - server IP on interface bond0 look to the our network side.
#
# (not all subnets of this network mask working thru this server)
# filtering traffic to hashing tables by dst address
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip dst 90.90.240.0/255.255.240.0
hashkey mask 0x000000ff at 16
link 2:
# (not all subnets of this network mask working thru this server)
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip dst 75.85.176.0/255.255.252.0
hashkey mask 0x000000ff at 16
link 2:
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 10.10.10.49/255.255.255.255
hashkey mask 0x000000ff at 16
link 2:
# Local Traffic TO/FROM server
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}10 htb rate 25Mbit prio 10
$TC qdisc add dev $DEV parent 1:${FI}10 handle 0x${FI}10 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c1: match ip src 90.90.247.193 classid 1:${FI}10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:31: match ip src 10.10.10.49 classid 1:${FI}10
# For System Subnet
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}20 htb rate 512Mbit prio 8
$TC qdisc add dev $DEV parent 1:${FI}20 handle 0x${FI}20 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e1: match ip dst 90.90.247.225 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e2: match ip dst 90.90.247.226 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e3: match ip dst 90.90.247.227 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e4: match ip dst 90.90.247.228 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e5: match ip dst 90.90.247.229 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e6: match ip dst 90.90.247.230 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e7: match ip dst 90.90.247.231 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e8: match ip dst 90.90.247.232 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 90.90.247.233 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ea: match ip dst 90.90.247.234 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:eb: match ip dst 90.90.247.235 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ec: match ip dst 90.90.247.236 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ed: match ip dst 90.90.247.237 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip dst 90.90.247.238 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ef: match ip dst 90.90.247.239 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f0: match ip dst 90.90.247.240 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip dst 90.90.247.241 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f2: match ip dst 90.90.247.242 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip dst 90.90.247.243 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip dst 90.90.247.244 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f5: match ip dst 90.90.247.245 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f6: match ip dst 90.90.247.246 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f7: match ip dst 90.90.247.247 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f8: match ip dst 90.90.247.248 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f9: match ip dst 90.90.247.249 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fa: match ip dst 90.90.247.250 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fb: match ip dst 90.90.247.251 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fc: match ip dst 90.90.247.252 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fd: match ip dst 90.90.247.253 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fe: match ip dst 90.90.247.254 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ff: match ip dst 90.90.247.255 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d7: match ip dst 90.90.247.215 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d8: match ip dst 90.90.247.216 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d9: match ip dst 90.90.247.217 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:da: match ip dst 90.90.247.218 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:db: match ip dst 90.90.247.219 classid 1:${FI}20
# p2p limit
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}30 htb rate 2Mbit
$TC qdisc add dev $DEV parent 1:${FI}30 handle 0x${FI}30 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 110 handle 0xffffff fw classid 1:${FI}30
#
# Users
#
#
# client: 90.90.243.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:f32c htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f32c handle 0xf32c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip dst 90.90.243.44 classid 1:f32c
# client: 90.90.241.177
$TC class add dev $DEV parent 1:${FI}01 classid 1:f1b1 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f1b1 handle 0xf1b1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b1: match ip dst 90.90.241.177 classid 1:f1b1
# client: 90.90.241.7
$TC class add dev $DEV parent 1:${FI}01 classid 1:f107 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f107 handle 0xf107 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:07: match ip dst 90.90.241.7 classid 1:f107
# client: 90.90.241.116
$TC class add dev $DEV parent 1:${FI}01 classid 1:f174 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f174 handle 0xf174 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:74: match ip dst 90.90.241.116 classid 1:f174
# client: 90.90.241.128
$TC class add dev $DEV parent 1:${FI}01 classid 1:f180 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f180 handle 0xf180 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:80: match ip dst 90.90.241.128 classid 1:f180
# client: 90.90.241.19
$TC class add dev $DEV parent 1:${FI}01 classid 1:f113 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f113 handle 0xf113 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:13: match ip dst 90.90.241.19 classid 1:f113
# client: 90.90.244.4
$TC class add dev $DEV parent 1:${FI}01 classid 1:f404 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f404 handle 0xf404 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:04: match ip dst 90.90.244.4 classid 1:f404
# client: 90.90.241.107
$TC class add dev $DEV parent 1:${FI}01 classid 1:f16b htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f16b handle 0xf16b pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:6b: match ip dst 90.90.241.107 classid 1:f16b
# client: 90.90.241.29
$TC class add dev $DEV parent 1:${FI}01 classid 1:f11d htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f11d handle 0xf11d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:1d: match ip dst 90.90.241.29 classid 1:f11d
#........
############## CUT ###############
#........
# client: 75.85.176.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0e9 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0e9 handle 0xb0e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 75.85.176.233 classid 1:b0e9
# client: 75.85.178.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22d handle 0xb22d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip dst 75.85.178.45 classid 1:b22d
# client: 75.85.178.42
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22a htb rate 21504Kbit
$TC qdisc add dev $DEV parent 1:b22a handle 0xb22a pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2a: match ip dst 75.85.178.42 classid 1:b22a
# client: 75.85.176.182
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0b6 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0b6 handle 0xb0b6 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b6: match ip dst 75.85.176.182 classid 1:b0b6
# client: 90.90.240.153
$TC class add dev $DEV parent 1:${FI}01 classid 1:f099 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f099 handle 0xf099 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:99: match ip dst 90.90.240.153 classid 1:f099
# client: 75.85.176.241
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f1 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b0f1 handle 0xb0f1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip dst 75.85.176.241 classid 1:b0f1
# client: 75.85.176.238
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0ee htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0ee handle 0xb0ee pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip dst 75.85.176.238 classid 1:b0ee
# client: 75.85.178.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22c htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22c handle 0xb22c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip dst 75.85.178.44 classid 1:b22c
# client: 75.85.176.100
$TC class add dev $DEV parent 1:${FI}01 classid 1:b064 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b064 handle 0xb064 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:64: match ip dst 75.85.176.100 classid 1:b064
# client: 75.85.176.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b02d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b02d handle 0xb02d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip dst 75.85.176.45 classid 1:b02d
# client: 90.90.244.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:f4e9 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f4e9 handle 0xf4e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 90.90.244.233 classid 1:f4e9
# client: 75.85.176.244
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f4 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0f4 handle 0xb0f4 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip dst 75.85.176.244 classid 1:b0f4
# client: 75.85.176.135
$TC class add dev $DEV parent 1:${FI}01 classid 1:b087 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b087 handle 0xb087 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:87: match ip dst 75.85.176.135 classid 1:b087
# client: 90.90.247.84
$TC class add dev $DEV parent 1:${FI}01 classid 1:f754 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f754 handle 0xf754 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:54: match ip dst 90.90.247.84 classid 1:f754
# client: 75.85.176.243
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f3 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0f3 handle 0xb0f3 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip dst 75.85.176.243 classid 1:b0f3
#
# default class (all unclassified traffic goes here)
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}fe htb rate 3Mbit prio 5
$TC qdisc add dev $DEV parent 1:${FI}fe handle 0x${FI}fe sfq perturb 10
#
###############################################################################
# bond1 (upstream) uplink to the upper provider
###############################################################################
#
DEV=bond1
# htb root class
$TC class add dev $DEV parent 1: classid 1:${FI}01 htb rate 3Gbit
# making hash table for fast clients filtering, max table size is 256 entries
$TC filter add dev $DEV parent 1: prio 100 protocol ip u32
$TC filter add dev $DEV parent 1: prio 100 handle 2: protocol ip u32 divisor 256
# (not all subnets of this network mask working thru this server)
# filtering traffic to hashing tables by src address
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 90.90.240.0/255.255.240.0
hashkey mask 0x000000ff at 12
link 2:
# (not all subnets of this network mask working thru this server)
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 75.85.176.0/255.255.252.0
hashkey mask 0x000000ff at 12
link 2:
# For System Subnet
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}20 htb rate 512Mbit prio 8
$TC qdisc add dev $DEV parent 1:${FI}20 handle 0x${FI}20 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e1: match ip src 90.90.247.225 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e2: match ip src 90.90.247.226 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e3: match ip src 90.90.247.227 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e4: match ip src 90.90.247.228 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e5: match ip src 90.90.247.229 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e6: match ip src 90.90.247.230 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e7: match ip src 90.90.247.231 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e8: match ip src 90.90.247.232 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 90.90.247.233 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ea: match ip src 90.90.247.234 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:eb: match ip src 90.90.247.235 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ec: match ip src 90.90.247.236 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ed: match ip src 90.90.247.237 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip src 90.90.247.238 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ef: match ip src 90.90.247.239 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f0: match ip src 90.90.247.240 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip src 90.90.247.241 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f2: match ip src 90.90.247.242 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip src 90.90.247.243 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip src 90.90.247.244 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f5: match ip src 90.90.247.245 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f6: match ip src 90.90.247.246 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f7: match ip src 90.90.247.247 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f8: match ip src 90.90.247.248 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f9: match ip src 90.90.247.249 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fa: match ip src 90.90.247.250 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fb: match ip src 90.90.247.251 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fc: match ip src 90.90.247.252 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fd: match ip src 90.90.247.253 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fe: match ip src 90.90.247.254 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ff: match ip src 90.90.247.255 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c1: match ip src 90.90.247.193 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c2: match ip src 90.90.247.194 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c3: match ip src 90.90.247.195 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c4: match ip src 90.90.247.196 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c5: match ip src 90.90.247.197 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c6: match ip src 90.90.247.198 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c7: match ip src 90.90.247.199 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c8: match ip src 90.90.247.200 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c9: match ip src 90.90.247.201 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ca: match ip src 90.90.247.202 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cb: match ip src 90.90.247.203 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cc: match ip src 90.90.247.204 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cd: match ip src 90.90.247.205 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ce: match ip src 90.90.247.206 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cf: match ip src 90.90.247.207 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d7: match ip src 90.90.247.215 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d8: match ip src 90.90.247.216 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d9: match ip src 90.90.247.217 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:da: match ip src 90.90.247.218 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:db: match ip src 90.90.247.219 classid 1:${FI}20
# p2p
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}30 htb rate 2Mbit
$TC qdisc add dev $DEV parent 1:${FI}30 handle 0x${FI}30 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 110 handle 0xffffff fw classid 1:${FI}30
#
# Users
#
#
# client: 90.90.243.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:f32c htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f32c handle 0xf32c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip src 90.90.243.44 classid 1:f32c
# client: 90.90.241.177
$TC class add dev $DEV parent 1:${FI}01 classid 1:f1b1 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f1b1 handle 0xf1b1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b1: match ip src 90.90.241.177 classid 1:f1b1
# client: 90.90.241.7
$TC class add dev $DEV parent 1:${FI}01 classid 1:f107 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f107 handle 0xf107 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:07: match ip src 90.90.241.7 classid 1:f107
# client: 90.90.241.116
$TC class add dev $DEV parent 1:${FI}01 classid 1:f174 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f174 handle 0xf174 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:74: match ip src 90.90.241.116 classid 1:f174
# client: 90.90.241.128
$TC class add dev $DEV parent 1:${FI}01 classid 1:f180 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f180 handle 0xf180 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:80: match ip src 90.90.241.128 classid 1:f180
# client: 90.90.241.19
$TC class add dev $DEV parent 1:${FI}01 classid 1:f113 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f113 handle 0xf113 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:13: match ip src 90.90.241.19 classid 1:f113
# client: 90.90.244.4
$TC class add dev $DEV parent 1:${FI}01 classid 1:f404 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f404 handle 0xf404 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:04: match ip src 90.90.244.4 classid 1:f404
# client: 90.90.241.107
$TC class add dev $DEV parent 1:${FI}01 classid 1:f16b htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f16b handle 0xf16b pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:6b: match ip src 90.90.241.107 classid 1:f16b
# client: 90.90.241.29
$TC class add dev $DEV parent 1:${FI}01 classid 1:f11d htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f11d handle 0xf11d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:1d: match ip src 90.90.241.29 classid 1:f11d
#........
############## CUT ###############
#........
# client: 75.85.176.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0e9 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0e9 handle 0xb0e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 75.85.176.233 classid 1:b0e9
# client: 75.85.178.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22d handle 0xb22d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip src 75.85.178.45 classid 1:b22d
# client: 75.85.178.42
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22a htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b22a handle 0xb22a pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2a: match ip src 75.85.178.42 classid 1:b22a
# client: 75.85.176.182
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0b6 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0b6 handle 0xb0b6 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b6: match ip src 75.85.176.182 classid 1:b0b6
# client: 90.90.240.153
$TC class add dev $DEV parent 1:${FI}01 classid 1:f099 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f099 handle 0xf099 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:99: match ip src 90.90.240.153 classid 1:f099
# client: 75.85.176.241
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f1 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:b0f1 handle 0xb0f1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip src 75.85.176.241 classid 1:b0f1
# client: 75.85.176.238
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0ee htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0ee handle 0xb0ee pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip src 75.85.176.238 classid 1:b0ee
# client: 75.85.178.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22c htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22c handle 0xb22c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip src 75.85.178.44 classid 1:b22c
# client: 75.85.176.100
$TC class add dev $DEV parent 1:${FI}01 classid 1:b064 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b064 handle 0xb064 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:64: match ip src 75.85.176.100 classid 1:b064
# client: 75.85.176.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b02d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b02d handle 0xb02d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip src 75.85.176.45 classid 1:b02d
# client: 90.90.244.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:f4e9 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f4e9 handle 0xf4e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 90.90.244.233 classid 1:f4e9
# client: 75.85.176.244
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f4 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0f4 handle 0xb0f4 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip src 75.85.176.244 classid 1:b0f4
# client: 75.85.176.135
$TC class add dev $DEV parent 1:${FI}01 classid 1:b087 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:b087 handle 0xb087 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:87: match ip src 75.85.176.135 classid 1:b087
# client: 90.90.247.84
$TC class add dev $DEV parent 1:${FI}01 classid 1:f754 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f754 handle 0xf754 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:54: match ip src 90.90.247.84 classid 1:f754
# client: 75.85.176.243
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f3 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0f3 handle 0xb0f3 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip src 75.85.176.243 classid 1:b0f3
#
# default class (all unclassified traffic goes here)
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}fe htb rate 3Mbit prio 5
$TC qdisc add dev $DEV parent 1:${FI}fe handle 0x${FI}fe sfq perturb 10
oracle-linux tc
edited Dec 16 at 22:05
Rui F Ribeiro
38.9k1479129
asked Oct 12 '17 at 22:08
user255360
12
I have Oracle Linux Server with latest kernel-3.8.13....
On server goes traffic shaping and some iptables rules.
Server have three Intel i350-T2 dual Gigabit network adapters. Cooperated by 3 interfaces to the bond interfaces.In summary 3Gbit uplink and 3Gbit look to our network (3Gbit throughput thru server).
Thru the server at this time working about 1600 users (or little more) from 13 different subnets which have different subnet masks /24 /25 /26 /27.
At peak time, download user traffic in summary takes not more than 2Gbit.
Memory is free. CPUs not loaded.
But users download speed is degrade at 2-3 times. Upload speed from users without problem, such as should be. Upload traffic take not more than 900Mbit. Ping at peak time does not grow.
I do not know where is problem. If I do HTB stop, users get big speed without problem. It shows what problem not in hardware or in uplink.
I can provide my full HTB config, but this is 19k lines. I was cut part from.
Who can help to correct or to find mistake??
I'm not HTB rule master :)
#!/bin/sh
TC=/sbin/tc
FI=be
# some general initialization
$TC qdisc del dev bond0 root 2>/dev/null
$TC qdisc del dev bond1 root 2>/dev/null
# qdisc root
$TC qdisc add dev bond0 root handle 1: htb default ${FI}fe r2q 10
$TC qdisc add dev bond1 root handle 1: htb default ${FI}fe r2q 10
#
###############################################################################
# bond0 (downstream) our network side
###############################################################################
#
DEV=bond0
#
#
# htb root class
$TC class add dev $DEV parent 1: classid 1:${FI}01 htb rate 3Gbit
# making hash table for fast clients filtering, max table size is 256 entries
$TC filter add dev $DEV parent 1: prio 100 protocol ip u32
$TC filter add dev $DEV parent 1: prio 100 handle 2: protocol ip u32 divisor 256
#
# 90.90.247.193 - server IP on interface bond1 to the upper provider.
# 10.10.10.49 - server IP on interface bond0 look to the our network side.
#
# (not all subnets of this network mask working thru this server)
# filtering traffic to hashing tables by dst address
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip dst 90.90.240.0/255.255.240.0
hashkey mask 0x000000ff at 16
link 2:
# (not all subnets of this network mask working thru this server)
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip dst 75.85.176.0/255.255.252.0
hashkey mask 0x000000ff at 16
link 2:
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 10.10.10.49/255.255.255.255
hashkey mask 0x000000ff at 16
link 2:
# Local Traffic TO/FROM server
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}10 htb rate 25Mbit prio 10
$TC qdisc add dev $DEV parent 1:${FI}10 handle 0x${FI}10 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c1: match ip src 90.90.247.193 classid 1:${FI}10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:31: match ip src 10.10.10.49 classid 1:${FI}10
# For System Subnet
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}20 htb rate 512Mbit prio 8
$TC qdisc add dev $DEV parent 1:${FI}20 handle 0x${FI}20 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e1: match ip dst 90.90.247.225 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e2: match ip dst 90.90.247.226 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e3: match ip dst 90.90.247.227 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e4: match ip dst 90.90.247.228 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e5: match ip dst 90.90.247.229 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e6: match ip dst 90.90.247.230 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e7: match ip dst 90.90.247.231 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e8: match ip dst 90.90.247.232 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 90.90.247.233 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ea: match ip dst 90.90.247.234 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:eb: match ip dst 90.90.247.235 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ec: match ip dst 90.90.247.236 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ed: match ip dst 90.90.247.237 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip dst 90.90.247.238 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ef: match ip dst 90.90.247.239 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f0: match ip dst 90.90.247.240 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip dst 90.90.247.241 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f2: match ip dst 90.90.247.242 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip dst 90.90.247.243 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip dst 90.90.247.244 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f5: match ip dst 90.90.247.245 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f6: match ip dst 90.90.247.246 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f7: match ip dst 90.90.247.247 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f8: match ip dst 90.90.247.248 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f9: match ip dst 90.90.247.249 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fa: match ip dst 90.90.247.250 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fb: match ip dst 90.90.247.251 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fc: match ip dst 90.90.247.252 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fd: match ip dst 90.90.247.253 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fe: match ip dst 90.90.247.254 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ff: match ip dst 90.90.247.255 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d7: match ip dst 90.90.247.215 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d8: match ip dst 90.90.247.216 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d9: match ip dst 90.90.247.217 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:da: match ip dst 90.90.247.218 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:db: match ip dst 90.90.247.219 classid 1:${FI}20
# p2p limit
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}30 htb rate 2Mbit
$TC qdisc add dev $DEV parent 1:${FI}30 handle 0x${FI}30 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 110 handle 0xffffff fw classid 1:${FI}30
#
# Users
#
#
# client: 90.90.243.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:f32c htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f32c handle 0xf32c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip dst 90.90.243.44 classid 1:f32c
# client: 90.90.241.177
$TC class add dev $DEV parent 1:${FI}01 classid 1:f1b1 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f1b1 handle 0xf1b1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b1: match ip dst 90.90.241.177 classid 1:f1b1
# client: 90.90.241.7
$TC class add dev $DEV parent 1:${FI}01 classid 1:f107 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f107 handle 0xf107 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:07: match ip dst 90.90.241.7 classid 1:f107
# client: 90.90.241.116
$TC class add dev $DEV parent 1:${FI}01 classid 1:f174 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f174 handle 0xf174 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:74: match ip dst 90.90.241.116 classid 1:f174
# client: 90.90.241.128
$TC class add dev $DEV parent 1:${FI}01 classid 1:f180 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f180 handle 0xf180 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:80: match ip dst 90.90.241.128 classid 1:f180
# client: 90.90.241.19
$TC class add dev $DEV parent 1:${FI}01 classid 1:f113 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f113 handle 0xf113 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:13: match ip dst 90.90.241.19 classid 1:f113
# client: 90.90.244.4
$TC class add dev $DEV parent 1:${FI}01 classid 1:f404 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f404 handle 0xf404 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:04: match ip dst 90.90.244.4 classid 1:f404
# client: 90.90.241.107
$TC class add dev $DEV parent 1:${FI}01 classid 1:f16b htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f16b handle 0xf16b pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:6b: match ip dst 90.90.241.107 classid 1:f16b
# client: 90.90.241.29
$TC class add dev $DEV parent 1:${FI}01 classid 1:f11d htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f11d handle 0xf11d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:1d: match ip dst 90.90.241.29 classid 1:f11d
#........
############## CUT ###############
#........
# client: 75.85.176.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0e9 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0e9 handle 0xb0e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 75.85.176.233 classid 1:b0e9
# client: 75.85.178.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22d handle 0xb22d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip dst 75.85.178.45 classid 1:b22d
# client: 75.85.178.42
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22a htb rate 21504Kbit
$TC qdisc add dev $DEV parent 1:b22a handle 0xb22a pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2a: match ip dst 75.85.178.42 classid 1:b22a
# client: 75.85.176.182
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0b6 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0b6 handle 0xb0b6 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b6: match ip dst 75.85.176.182 classid 1:b0b6
# client: 90.90.240.153
$TC class add dev $DEV parent 1:${FI}01 classid 1:f099 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f099 handle 0xf099 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:99: match ip dst 90.90.240.153 classid 1:f099
# client: 75.85.176.241
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f1 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b0f1 handle 0xb0f1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip dst 75.85.176.241 classid 1:b0f1
# client: 75.85.176.238
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0ee htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0ee handle 0xb0ee pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip dst 75.85.176.238 classid 1:b0ee
# client: 75.85.178.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22c htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22c handle 0xb22c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip dst 75.85.178.44 classid 1:b22c
# client: 75.85.176.100
$TC class add dev $DEV parent 1:${FI}01 classid 1:b064 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b064 handle 0xb064 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:64: match ip dst 75.85.176.100 classid 1:b064
# client: 75.85.176.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b02d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b02d handle 0xb02d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip dst 75.85.176.45 classid 1:b02d
# client: 90.90.244.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:f4e9 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f4e9 handle 0xf4e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip dst 90.90.244.233 classid 1:f4e9
# client: 75.85.176.244
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f4 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0f4 handle 0xb0f4 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip dst 75.85.176.244 classid 1:b0f4
# client: 75.85.176.135
$TC class add dev $DEV parent 1:${FI}01 classid 1:b087 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b087 handle 0xb087 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:87: match ip dst 75.85.176.135 classid 1:b087
# client: 90.90.247.84
$TC class add dev $DEV parent 1:${FI}01 classid 1:f754 htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:f754 handle 0xf754 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:54: match ip dst 90.90.247.84 classid 1:f754
# client: 75.85.176.243
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f3 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0f3 handle 0xb0f3 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip dst 75.85.176.243 classid 1:b0f3
#
# default class (all unclassified traffic goes here)
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}fe htb rate 3Mbit prio 5
$TC qdisc add dev $DEV parent 1:${FI}fe handle 0x${FI}fe sfq perturb 10
#
###############################################################################
# bond1 (upstream) uplink to the upper provider
###############################################################################
#
DEV=bond1
# htb root class
$TC class add dev $DEV parent 1: classid 1:${FI}01 htb rate 3Gbit
# making hash table for fast clients filtering, max table size is 256 entries
$TC filter add dev $DEV parent 1: prio 100 protocol ip u32
$TC filter add dev $DEV parent 1: prio 100 handle 2: protocol ip u32 divisor 256
# (not all subnets of this network mask working thru this server)
# filtering traffic to hashing tables by src address
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 90.90.240.0/255.255.240.0
hashkey mask 0x000000ff at 12
link 2:
# (not all subnets of this network mask working thru this server)
$TC filter add dev $DEV protocol ip parent 1: prio 100 u32 ht 800::
match ip src 75.85.176.0/255.255.252.0
hashkey mask 0x000000ff at 12
link 2:
# For System Subnet
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}20 htb rate 512Mbit prio 8
$TC qdisc add dev $DEV parent 1:${FI}20 handle 0x${FI}20 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e1: match ip src 90.90.247.225 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e2: match ip src 90.90.247.226 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e3: match ip src 90.90.247.227 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e4: match ip src 90.90.247.228 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e5: match ip src 90.90.247.229 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e6: match ip src 90.90.247.230 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e7: match ip src 90.90.247.231 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e8: match ip src 90.90.247.232 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 90.90.247.233 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ea: match ip src 90.90.247.234 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:eb: match ip src 90.90.247.235 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ec: match ip src 90.90.247.236 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ed: match ip src 90.90.247.237 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip src 90.90.247.238 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ef: match ip src 90.90.247.239 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f0: match ip src 90.90.247.240 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip src 90.90.247.241 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f2: match ip src 90.90.247.242 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip src 90.90.247.243 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip src 90.90.247.244 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f5: match ip src 90.90.247.245 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f6: match ip src 90.90.247.246 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f7: match ip src 90.90.247.247 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f8: match ip src 90.90.247.248 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f9: match ip src 90.90.247.249 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fa: match ip src 90.90.247.250 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fb: match ip src 90.90.247.251 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fc: match ip src 90.90.247.252 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fd: match ip src 90.90.247.253 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:fe: match ip src 90.90.247.254 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ff: match ip src 90.90.247.255 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c1: match ip src 90.90.247.193 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c2: match ip src 90.90.247.194 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c3: match ip src 90.90.247.195 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c4: match ip src 90.90.247.196 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c5: match ip src 90.90.247.197 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c6: match ip src 90.90.247.198 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c7: match ip src 90.90.247.199 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c8: match ip src 90.90.247.200 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:c9: match ip src 90.90.247.201 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ca: match ip src 90.90.247.202 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cb: match ip src 90.90.247.203 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cc: match ip src 90.90.247.204 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cd: match ip src 90.90.247.205 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ce: match ip src 90.90.247.206 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:cf: match ip src 90.90.247.207 classid 1:${FI}20
#
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d7: match ip src 90.90.247.215 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d8: match ip src 90.90.247.216 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:d9: match ip src 90.90.247.217 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:da: match ip src 90.90.247.218 classid 1:${FI}20
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:db: match ip src 90.90.247.219 classid 1:${FI}20
# p2p
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}30 htb rate 2Mbit
$TC qdisc add dev $DEV parent 1:${FI}30 handle 0x${FI}30 sfq perturb 10
$TC filter add dev $DEV parent 1:0 protocol ip prio 110 handle 0xffffff fw classid 1:${FI}30
#
# Users
#
#
# client: 90.90.243.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:f32c htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f32c handle 0xf32c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip src 90.90.243.44 classid 1:f32c
# client: 90.90.241.177
$TC class add dev $DEV parent 1:${FI}01 classid 1:f1b1 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f1b1 handle 0xf1b1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b1: match ip src 90.90.241.177 classid 1:f1b1
# client: 90.90.241.7
$TC class add dev $DEV parent 1:${FI}01 classid 1:f107 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f107 handle 0xf107 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:07: match ip src 90.90.241.7 classid 1:f107
# client: 90.90.241.116
$TC class add dev $DEV parent 1:${FI}01 classid 1:f174 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f174 handle 0xf174 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:74: match ip src 90.90.241.116 classid 1:f174
# client: 90.90.241.128
$TC class add dev $DEV parent 1:${FI}01 classid 1:f180 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f180 handle 0xf180 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:80: match ip src 90.90.241.128 classid 1:f180
# client: 90.90.241.19
$TC class add dev $DEV parent 1:${FI}01 classid 1:f113 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f113 handle 0xf113 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:13: match ip src 90.90.241.19 classid 1:f113
# client: 90.90.244.4
$TC class add dev $DEV parent 1:${FI}01 classid 1:f404 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f404 handle 0xf404 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:04: match ip src 90.90.244.4 classid 1:f404
# client: 90.90.241.107
$TC class add dev $DEV parent 1:${FI}01 classid 1:f16b htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f16b handle 0xf16b pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:6b: match ip src 90.90.241.107 classid 1:f16b
# client: 90.90.241.29
$TC class add dev $DEV parent 1:${FI}01 classid 1:f11d htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:f11d handle 0xf11d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:1d: match ip src 90.90.241.29 classid 1:f11d
#........
############## CUT ###############
#........
# client: 75.85.176.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0e9 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0e9 handle 0xb0e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 75.85.176.233 classid 1:b0e9
# client: 75.85.178.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22d handle 0xb22d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip src 75.85.178.45 classid 1:b22d
# client: 75.85.178.42
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22a htb rate 11264Kbit
$TC qdisc add dev $DEV parent 1:b22a handle 0xb22a pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2a: match ip src 75.85.178.42 classid 1:b22a
# client: 75.85.176.182
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0b6 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0b6 handle 0xb0b6 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:b6: match ip src 75.85.176.182 classid 1:b0b6
# client: 90.90.240.153
$TC class add dev $DEV parent 1:${FI}01 classid 1:f099 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f099 handle 0xf099 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:99: match ip src 90.90.240.153 classid 1:f099
# client: 75.85.176.241
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f1 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:b0f1 handle 0xb0f1 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f1: match ip src 75.85.176.241 classid 1:b0f1
# client: 75.85.176.238
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0ee htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0ee handle 0xb0ee pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:ee: match ip src 75.85.176.238 classid 1:b0ee
# client: 75.85.178.44
$TC class add dev $DEV parent 1:${FI}01 classid 1:b22c htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b22c handle 0xb22c pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2c: match ip src 75.85.178.44 classid 1:b22c
# client: 75.85.176.100
$TC class add dev $DEV parent 1:${FI}01 classid 1:b064 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b064 handle 0xb064 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:64: match ip src 75.85.176.100 classid 1:b064
# client: 75.85.176.45
$TC class add dev $DEV parent 1:${FI}01 classid 1:b02d htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b02d handle 0xb02d pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:2d: match ip src 75.85.176.45 classid 1:b02d
# client: 90.90.244.233
$TC class add dev $DEV parent 1:${FI}01 classid 1:f4e9 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:f4e9 handle 0xf4e9 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:e9: match ip src 90.90.244.233 classid 1:f4e9
# client: 75.85.176.244
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f4 htb rate 41984Kbit
$TC qdisc add dev $DEV parent 1:b0f4 handle 0xb0f4 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f4: match ip src 75.85.176.244 classid 1:b0f4
# client: 75.85.176.135
$TC class add dev $DEV parent 1:${FI}01 classid 1:b087 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:b087 handle 0xb087 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:87: match ip src 75.85.176.135 classid 1:b087
# client: 90.90.247.84
$TC class add dev $DEV parent 1:${FI}01 classid 1:f754 htb rate 6144Kbit
$TC qdisc add dev $DEV parent 1:f754 handle 0xf754 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:54: match ip src 90.90.247.84 classid 1:f754
# client: 75.85.176.243
$TC class add dev $DEV parent 1:${FI}01 classid 1:b0f3 htb rate 62464Kbit
$TC qdisc add dev $DEV parent 1:b0f3 handle 0xb0f3 pfifo limit 60
$TC filter add dev $DEV parent 1:0 protocol ip prio 100 u32 ht 2:f3: match ip src 75.85.176.243 classid 1:b0f3
#
# default class (all unclassified traffic goes here)
$TC class add dev $DEV parent 1:${FI}01 classid 1:${FI}fe htb rate 3Mbit prio 5
$TC qdisc add dev $DEV parent 1:${FI}fe handle 0x${FI}fe sfq perturb 10
oracle-linux tc
oracle-linux tc
edited Dec 16 at 22:05
Rui F Ribeiro
38.9k1479129
asked Oct 12 '17 at 22:08
user255360
12
edited Dec 16 at 22:05
Rui F Ribeiro
38.9k1479129
asked Oct 12 '17 at 22:08
user255360
12
edited Dec 16 at 22:05
Rui F Ribeiro
38.9k1479129
edited Dec 16 at 22:05
Rui F Ribeiro
38.9k1479129
edited Dec 16 at 22:05
Rui F Ribeiro
38.9k1479129
38.9k1479129
asked Oct 12 '17 at 22:08
user255360
12
asked Oct 12 '17 at 22:08
user255360
12
asked Oct 12 '17 at 22:08
user255360
12
12
I might suspect several things, too long to make a list here. however I would try pf+freebsd, or even 2 openbsd+pf in a cluster setting. Do not try to do it in pf ip by ip, do it only to the whole network. Hopefully you are talking about server grade hw, right? whist I believe that rightly tuned contemporary hw will manage this kind of traffic, for a non-expert it might be time of thinking about big iron, for instance Cisco or Netenforcer hw.
– Rui F Ribeiro
Oct 21 '17 at 20:35
btw. your limitation is not cpu. what out for interrupts associated with the NICs.
– Rui F Ribeiro
Oct 22 '17 at 9:48
No, I have no hw degrade. Because if I do HTB stop, my hardware troughtput more traffic thru network adapters.
– user255360
Oct 22 '17 at 14:02
There are many things at play here. From the different layer you might be delaying in one situation or the other, from the different computational needs, from dealing with queueus/delayed packets, from dealing or not with offloading in the NIC not forgetting the effectiveness of the tools you are using (linux kernel) vs the speed
– Rui F Ribeiro
Oct 22 '17 at 15:05
generic-segmentation-offload: off generic-receive-offload: off large-receive-offload: off rx-vlan-offload: off tx-vlan-offload: off ntuple-filters: off [fixed] receive-hashing: off highdma: on [fixed] rx-vlan-filter: on [fixed] vlan-challenged: off [fixed] tx-lockless: off [fixed] netns-local: off [fixed] tx-gso-robust: off [fixed] tx-fcoe-segmentation: off [fixed] fcoe-mtu: off [fixed] tx-nocache-copy: on loopback: off [fixed] rx-fcs: off [fixed] rx-all: off [fixed]
– user255360
Oct 22 '17 at 21:27
add a comment |
I might suspect several things, too long to make a list here. however I would try pf+freebsd, or even 2 openbsd+pf in a cluster setting. Do not try to do it in pf ip by ip, do it only to the whole network. Hopefully you are talking about server grade hw, right? whist I believe that rightly tuned contemporary hw will manage this kind of traffic, for a non-expert it might be time of thinking about big iron, for instance Cisco or Netenforcer hw.
– Rui F Ribeiro
Oct 21 '17 at 20:35
btw. your limitation is not cpu. what out for interrupts associated with the NICs.
– Rui F Ribeiro
Oct 22 '17 at 9:48
No, I have no hw degrade. Because if I do HTB stop, my hardware troughtput more traffic thru network adapters.
– user255360
Oct 22 '17 at 14:02
There are many things at play here. From the different layer you might be delaying in one situation or the other, from the different computational needs, from dealing with queueus/delayed packets, from dealing or not with offloading in the NIC not forgetting the effectiveness of the tools you are using (linux kernel) vs the speed
– Rui F Ribeiro
Oct 22 '17 at 15:05
generic-segmentation-offload: off generic-receive-offload: off large-receive-offload: off rx-vlan-offload: off tx-vlan-offload: off ntuple-filters: off [fixed] receive-hashing: off highdma: on [fixed] rx-vlan-filter: on [fixed] vlan-challenged: off [fixed] tx-lockless: off [fixed] netns-local: off [fixed] tx-gso-robust: off [fixed] tx-fcoe-segmentation: off [fixed] fcoe-mtu: off [fixed] tx-nocache-copy: on loopback: off [fixed] rx-fcs: off [fixed] rx-all: off [fixed]
– user255360
Oct 22 '17 at 21:27
I might suspect several things, too long to make a list here. however I would try pf+freebsd, or even 2 openbsd+pf in a cluster setting. Do not try to do it in pf ip by ip, do it only to the whole network. Hopefully you are talking about server grade hw, right? whist I believe that rightly tuned contemporary hw will manage this kind of traffic, for a non-expert it might be time of thinking about big iron, for instance Cisco or Netenforcer hw.
– Rui F Ribeiro
Oct 21 '17 at 20:35
I might suspect several things, too long to make a list here. however I would try pf+freebsd, or even 2 openbsd+pf in a cluster setting. Do not try to do it in pf ip by ip, do it only to the whole network. Hopefully you are talking about server grade hw, right? whist I believe that rightly tuned contemporary hw will manage this kind of traffic, for a non-expert it might be time of thinking about big iron, for instance Cisco or Netenforcer hw.
– Rui F Ribeiro
Oct 21 '17 at 20:35
btw. your limitation is not cpu. what out for interrupts associated with the NICs.
– Rui F Ribeiro
Oct 22 '17 at 9:48
btw. your limitation is not cpu. what out for interrupts associated with the NICs.
– Rui F Ribeiro
Oct 22 '17 at 9:48
No, I have no hw degrade. Because if I do HTB stop, my hardware troughtput more traffic thru network adapters.
– user255360
Oct 22 '17 at 14:02
No, I have no hw degrade. Because if I do HTB stop, my hardware troughtput more traffic thru network adapters.
– user255360
Oct 22 '17 at 14:02
There are many things at play here. From the different layer you might be delaying in one situation or the other, from the different computational needs, from dealing with queueus/delayed packets, from dealing or not with offloading in the NIC not forgetting the effectiveness of the tools you are using (linux kernel) vs the speed
– Rui F Ribeiro
Oct 22 '17 at 15:05
There are many things at play here. From the different layer you might be delaying in one situation or the other, from the different computational needs, from dealing with queueus/delayed packets, from dealing or not with offloading in the NIC not forgetting the effectiveness of the tools you are using (linux kernel) vs the speed
– Rui F Ribeiro
Oct 22 '17 at 15:05
generic-segmentation-offload: off generic-receive-offload: off large-receive-offload: off rx-vlan-offload: off tx-vlan-offload: off ntuple-filters: off [fixed] receive-hashing: off highdma: on [fixed] rx-vlan-filter: on [fixed] vlan-challenged: off [fixed] tx-lockless: off [fixed] netns-local: off [fixed] tx-gso-robust: off [fixed] tx-fcoe-segmentation: off [fixed] fcoe-mtu: off [fixed] tx-nocache-copy: on loopback: off [fixed] rx-fcs: off [fixed] rx-all: off [fixed]
– user255360
Oct 22 '17 at 21:27
generic-segmentation-offload: off generic-receive-offload: off large-receive-offload: off rx-vlan-offload: off tx-vlan-offload: off ntuple-filters: off [fixed] receive-hashing: off highdma: on [fixed] rx-vlan-filter: on [fixed] vlan-challenged: off [fixed] tx-lockless: off [fixed] netns-local: off [fixed] tx-gso-robust: off [fixed] tx-fcoe-segmentation: off [fixed] fcoe-mtu: off [fixed] tx-nocache-copy: on loopback: off [fixed] rx-fcs: off [fixed] rx-all: off [fixed]
– user255360
Oct 22 '17 at 21:27
add a comment |
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f397817%2fhtb-traffic-shaper-download-speed-degrade%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
draft saved
draft discarded
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f397817%2fhtb-traffic-shaper-download-speed-degrade%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I might suspect several things, too long to make a list here. however I would try pf+freebsd, or even 2 openbsd+pf in a cluster setting. Do not try to do it in pf ip by ip, do it only to the whole network. Hopefully you are talking about server grade hw, right? whist I believe that rightly tuned contemporary hw will manage this kind of traffic, for a non-expert it might be time of thinking about big iron, for instance Cisco or Netenforcer hw.
– Rui F Ribeiro
Oct 21 '17 at 20:35
btw. your limitation is not cpu. what out for interrupts associated with the NICs.
– Rui F Ribeiro
Oct 22 '17 at 9:48
No, I have no hw degrade. Because if I do HTB stop, my hardware troughtput more traffic thru network adapters.
– user255360
Oct 22 '17 at 14:02
There are many things at play here. From the different layer you might be delaying in one situation or the other, from the different computational needs, from dealing with queueus/delayed packets, from dealing or not with offloading in the NIC not forgetting the effectiveness of the tools you are using (linux kernel) vs the speed
– Rui F Ribeiro
Oct 22 '17 at 15:05
generic-segmentation-offload: off generic-receive-offload: off large-receive-offload: off rx-vlan-offload: off tx-vlan-offload: off ntuple-filters: off [fixed] receive-hashing: off highdma: on [fixed] rx-vlan-filter: on [fixed] vlan-challenged: off [fixed] tx-lockless: off [fixed] netns-local: off [fixed] tx-gso-robust: off [fixed] tx-fcoe-segmentation: off [fixed] fcoe-mtu: off [fixed] tx-nocache-copy: on loopback: off [fixed] rx-fcs: off [fixed] rx-all: off [fixed]
– user255360
Oct 22 '17 at 21:27