我设法发现了一个有趣的问题:我没有得到适当的ipv4stream量的限制,而是与ipv6完美配合。
自从我阅读这篇文章后,这对我来说没什么意义: http : //lartc.org/howto/lartc.adv-filter.ipv6.html
我已经简化到下面的bash脚本来做我的限制:
#!/bin/bash set -x DOWNLINK=375 UPLINK=375 DEV=eth0 # clean existing down- and uplink qdiscs tc qdisc del dev $DEV root tc qdisc del dev $DEV ingress ###### uplink tc qdisc add dev $DEV root handle 1: htb default 20 # Add the classes tc class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbps ceil ${UPLINK}kbps tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK}kbps ceil ${UPLINK}kbps prio 1 tc class add dev $DEV parent 1:1 classid 1:20 htb rate $[9*$UPLINK/10]kbps ceil ${UPLINK}kbps prio 2 # both get Stochastic Fairness: tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10 tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10 # TOS Minimum Delay gets higher prio (interactive traffic, ie ssh) tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \ match ip tos 0x10 0xff flowid 1:10 # ICMP (ip protocol 1) in the interactive class 1:10 so we # can do measurements & impress our friends: tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \ match ip protocol 1 0xff flowid 1:10 # Add ack packets to the prio queue tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \ match ip protocol 6 0xff \ match u8 0x05 0x0f at 0 \ match u16 0x0000 0xffc0 at 2 \ match u8 0x10 0xff at 33 \ flowid 1:10 ########## downlink ############# # attach ingress policer: tc qdisc add dev $DEV handle ffff: ingress # filter *everything* to it (0.0.0.0/0), drop everything that's # coming in too fast: tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \ 0.0.0.0/0 police rate ${DOWNLINK}kbps burst 10k drop flowid :1 这里是我正在使用的原始脚本,我无法正常工作:#!/ bin / bash set -x
#start over tc qdisc del dev eth0 handle ffff: ingress tc qdisc del dev eth0 root tc qdisc add dev eth0 root handle 1: htb default 30 tc class add dev eth0 parent 1: classid 1:1 htb rate 375kbps ceil 375kbps #This is for ports 22, 80, 873 and 3400 tc class add dev eth0 parent 1:1 classid 1:22 htb rate 50kbps tc class add dev eth0 parent 1:1 classid 1:80 htb rate 1kbps ceil 50kbps tc class add dev eth0 parent 1:1 classid 1:873 htb rate 1kbps ceil 50kbps tc class add dev eth0 parent 1:1 classid 1:3400 htb rate 25kbps ceil 50kbps # My default tc class add dev eth0 parent 1:1 classid 1:30 htb rate 25kbps ceil 25kbps tc qdisc add dev eth0 parent 1:22 handle 22: sfq perturb 10 tc qdisc add dev eth0 parent 1:80 handle 80: sfq perturb 10 tc qdisc add dev eth0 parent 1:873 handle 873: sfq perturb 10 tc qdisc add dev eth0 parent 1:3400 handle 3400: sfq perturb 10 tc qdisc add dev eth0 parent 1:30 handle 40: sfq perturb 10 # Port 80, 873, 3400 and 22 traffic tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 80 0xffff flowid 1:80 tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 873 0xffff flowid 1:873 tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 3400 0xffff flowid 1:3400 tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 22 0xffff flowid 1:22 tc qdisc add dev eth0 handle ffff: ingress tc filter add dev eth0 parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate 375kbps burst 10k drop flowid :1
有趣的是,我发现它们都工作正常仅用于IPv6连接 IPv4继续是UNRootTLED。
有趣的是,IPv4stream量出现在tc -s -d qdisc show dev eth0它只是没有形成或限制它。 (除了入口stream量,完美的stream量限制)
我只想说清楚,因为大多数人都有相反的问题。
Linux myserver.com 2.6.18-194.32.1.el5 #1 SMP Wed Jan 5 17:52:25 EST 2011 x86_64 x86_64 x86_64 GNU/Linux
我正在运行IPv4和IPv6的双协议栈,并要求两者都是主动的。
任何build议或帮助如何得到这个工作在至lessipv4(更喜欢两个)?
tc -s -d -r filter show dev eth0可能会说更多关于哪些filter匹配。