From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 7B2FD3B2A4 for ; Fri, 19 Feb 2021 18:26:14 -0500 (EST) Received: by mail-il1-x12b.google.com with SMTP id m20so5872920ilj.13 for ; Fri, 19 Feb 2021 15:26:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=9KstHk62DWTtBZv/fVi/wnfq1zKtAORAgmPTL/Mbtqg=; b=WQW7er+4dyvB0tck/aU60rQAXJ1OJ8NXesytrmeBqQldPpPikr2W8X07LwUb9iXJiY nsRbxGB5OgkbYs9tEntfgH53hH5qC+h4GJSpTDgyoWVOyOvnS171BA9XKK3GDYjIf65O hygDrN75TjHTxSdwgw5vf0/WXeEzK8f2sk1PfJl3UnHy8bUIQG6zJHE11lK9VozZLqt3 mK4HqDk7Xpf+LfyZg1BDI7ccQjw8YdCho/+JEaJ8t+OuxZpAIhFFrMI7uWhqZO68jTgY u9s6pzSXBBYoh+7edumfNOJ+3PrNZWt2ZU0IhKb3hzk30Sqa2/Rt41V2G5xWCNJ09F5d Em0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=9KstHk62DWTtBZv/fVi/wnfq1zKtAORAgmPTL/Mbtqg=; b=a+WvNy5Leop04sFaHlJH1k1xujphZv7zHtMUPsL0pnNYnzaB1jLrmLtQP8zl7/hI8r 3e0WJQq9Rj4D6KzByyRDLJpb77u95/7BXewCBz/unt76FjnUZ2XHD8mI9RT6IdcfnJoZ b0aPaaOlH+L3FVvP/Hhw+ZqAJRMs9czXRg04+EJwBPnT1wSh12y4ZNPc1fpxH7Dc8xvy dROb5HDxoUkoQ8HoC31LCInWKgERiMUHLkmQqCe/CnpxU2t/lCsL2wB5wm4XvHbfhUtj eARuH2XHaj4v3rwW+75LyckxPV/r8J2CszrhmFfyj4PRFoTZ9gq5nHpx3Dj8In3/TUVC zVpQ== X-Gm-Message-State: AOAM530+p837BrnX7MeC9Pjnow/7kXNSUbs3YUANTLh4f1145jyWr6K+ 9tsB193djOWh1UlkFK72QuR0eTHo5d0tAA== X-Google-Smtp-Source: ABdhPJxcn4Bga43YpZwqI/y5Wn5qd8U6vrQG8Iwlky3EctvQHFSr3fYaEp18i4ii9svvSG20MDTGIw== X-Received: by 2002:a05:6e02:1bca:: with SMTP id x10mr5507297ilv.71.1613777173580; Fri, 19 Feb 2021 15:26:13 -0800 (PST) Received: from [192.168.2.45] ([75.9.254.211]) by smtp.gmail.com with ESMTPSA id i6sm7377047ilq.51.2021.02.19.15.26.12 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 19 Feb 2021 15:26:13 -0800 (PST) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: Jeremy Marks Mime-Version: 1.0 (1.0) Date: Fri, 19 Feb 2021 17:26:12 -0600 Message-Id: <67767F38-CDB2-45C0-80A6-AAFF4ED75CBE@gmail.com> References: <406344b9-49af-54f0-15fd-a17c5f3b604c@sager.me.uk> Cc: cake@lists.bufferbloat.net In-Reply-To: <406344b9-49af-54f0-15fd-a17c5f3b604c@sager.me.uk> To: John Sager X-Mailer: iPhone Mail (18D52) Subject: Re: [Cake] Enforcing video quality question X-BeenThere: cake@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Cake - FQ_codel the next generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Feb 2021 23:26:14 -0000 Learning how to have this level of control on incoming traffic is really int= eresting. I would be very interested in a looking at an example script, if i= t is possible to attach a text file or a tiny instructive post on the CAKE s= ite.=20 On Feb 19, 2021, at 5:06 PM, John Sager wrote: =EF=BB=BFYou will need to specify the hosts explicitly, unless you can live w= ith them all sharing one bandwidth class. In that case if you have more than= one using bandwidth they would share the bandwidth in that class equally. I= assume from your original post that you want each host to be limited in ban= dwidth to a specific value, but to do that you need a class for each host in= the ingress HTB. What you probably need is a scheduler that has a limit per= flow up to an overall ceiling beyond which it shares equally. I'm not aware= that any of the schedulers do anything like that. John On 19/02/2021 20:33, Peter Lepeska wrote: > "I'll put together a toy iptables rules file and a toy script with the > necessary tc commands. " > Wow -- that would be really appreciated. Question: will you need to explic= itly call out the inside IP address of the host being shaped? Or, can it be s= et to shape each inside host? > I'm not sure you can post to mailing list but maybe give it a shot (since t= here may be general interest) and if it fails email me directly? > Thanks!!! > Peter > On Fri, Feb 19, 2021 at 2:04 PM John Sager > wrote: > Yes. The marks are set on egress so you can select on inside IP address= , > port, protocol - in fact many characteristics that iptables rules can t= est > for. I'll put together a toy iptables rules file and a toy script with t= he > necessary tc commands. It'll take me a few days though as I'm busy with= > other stuff currently. > PS does the cake list allow attachments? It will be a small zip file. > John > On 19/02/2021 15:02, Peter Lepeska wrote: > > Hi John > > > > Does this result in the ability to set per internal host max ingress= > > bandwidth? If so, any chance you can share a snippet of a script? I > will be > > trying to reproduce your setup. > > > > Thank you! > > > > Peter > > > > On Fri, Feb 19, 2021 at 7:16 AM John Sager > > >> wrote: > > > > That's basically what I do. I set marks on outgoing traffic in > the mangle > > table which are copied to connmark before egress. Then on ingres= s the > > connmark is restored to the packet and punted to ifb0 using 'act= ion > > connmark > > action mirred egress redirect dev $IFB' as an ingress filter on t= he > > incoming > > interface (ppp0 in my case). Then I have HTB classes on ifb0 > which set rate > > limits for different traffic classes indicated by the marks. I > have only 6 > > traffic classes (I bundle all video into one class), but as mark= s > are 32 > > bits wide there is lots of scope for classes for individual IP > addresses. > > > > John > > > > On 18/02/2021 19:28, Toke H=C3=B8iland-J=C3=B8rgensen via Cake w= rote: > > > Peter Lepeska >> > > writes: > > > > > >> A user on the OpenWrt forum suggested hashlimit rules > supported by > > >> iptables. How does that idea sound to you? > > > > > > That will result in a cliff-edge policer (i.e., as soon as a > device goes > > > over its limits it will see every packet get dropped). This > doesn't > > > interact too well with the burstiness of TCP, so you'll likel= y get > > > erratic behaviour of the traffic if you do that. Doing the > same thing > > > with HTB means the router will queue+shape each class (and > with FQ-CoDel > > > on the leaves, you'll get a nice AQM behaviour as well), so > that will be > > > smoother and less prone to bloat :) > > > > > > -Toke > > > _______________________________________________ > > > Cake mailing list > > > Cake@lists.bufferbloat.net > >= > > > https://lists.bufferbloat.net/listinfo/cake > > > > > _______________________________________________ > > Cake mailing list > > Cake@lists.bufferbloat.net > >= > > https://lists.bufferbloat.net/listinfo/cake > > _______________________________________________ Cake mailing list Cake@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cake