From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HdTpV-0002fq-Gf for garchives@archives.gentoo.org; Mon, 16 Apr 2007 16:13:25 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l3GGBNOo001993; Mon, 16 Apr 2007 16:11:23 GMT Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.228]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l3GG0500014042 for ; Mon, 16 Apr 2007 16:00:06 GMT Received: by nz-out-0506.google.com with SMTP id s1so1208204nze for ; Mon, 16 Apr 2007 09:00:05 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=DDVA1DMZAE+IySIxrGNUfBV4sp+8J04Bodn4DE1FH31MxL6bgAJ2oaMvh9NWjcXJZ4vL3/f/YfBUzctq1sUyYcfu9oI4J7/RHG/rKGsPIA+bHLKsySnmviLB0fjn5O2FR+T+NwNU7VRYnUjLcwZusJhCIZzkU6xB9Zfzqhz5bo0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ouY0wJ8k0k0APK+8PlUDWEMrmi00dlYsRisGzMiwDXyAJipeBhwqleR8lJr5A/Hqq0Z95ignzsEL/yA8pIR1A9aXZoUwHLLRFGhbgCk1L/5N2d6i5G5I0AseE3THOgeI5FoKxtRP9+69oE5Dj8DRA0cMHQzdXz6VoeeipDfeaLY= Received: by 10.114.198.1 with SMTP id v1mr1965976waf.1176739204926; Mon, 16 Apr 2007 09:00:04 -0700 (PDT) Received: by 10.114.174.18 with HTTP; Mon, 16 Apr 2007 09:00:04 -0700 (PDT) Message-ID: <49bf44f10704160900m65f3e8beh5a044d38d8761a1d@mail.gmail.com> Date: Mon, 16 Apr 2007 09:00:04 -0700 From: Grant To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Packet Shaping In-Reply-To: <20070414190735.cd7f1b58.hilse@web.de> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <49bf44f10704131124o33353cc6xa5de097eba5fb052@mail.gmail.com> <20070413210444.acbef9ac.hilse@web.de> <49bf44f10704140837q4cfe2498ie065d7a608023f79@mail.gmail.com> <20070414190735.cd7f1b58.hilse@web.de> X-Archives-Salt: 57417384-bb5e-4146-8c46-fff7f6aab469 X-Archives-Hash: b44c947465b2f2699084b77120466a7f > > After a lot of testing, these numbers seem to give me the best > > performance as far as bittorrent download speed. > > How can that be? Is DOWNLINK my upload and UPLINK my download? > > Hm, usually not. Are you by chance shaping the internal (i.e. LAN) > interface on a router? Then, of course, it would make sense (except > from the fact that shaping your actual bottle neck, i.e. Internet > connection, would make more sense). Thanks a lot for that. I switched the interface to eth0 and reversed the DOWNLINK and UPLINK values. > > I tried to define the bittorrent ports as a low priority like this: > > NOPRIOPORTSRC=6881:6999 > > NOPRIOPORTDST=6881:6999 > > > > but I get this when restarting shorewall: > > Illegal "match" > > In the wshaper source, the action happens here (and the same for *DST): > ---snip > for a in $NOPRIOPORTSRC > do > tc filter add dev $DEV parent 1: protocol ip prio 15 u32 \ > match ip sport $a 0xffff flowid 1:30 > done > ---snip > > In this configuration, it expects a shell-separatable list of ports, > i.e. separated by whitespace. It will create a rule for each one. > > The dirty, easy way: > | NOPRIOPORTSRC=$(seq 6881 6999) > | NOPRIOPORTDST=$NOPRIOPORTSRC > > But I would rather extend wshaper by another (custom) line and dump your > NOPRIOPORT*-settings. > > The syntax is "match ip sport PATTERN MASK". The port of an incoming > packet is AND'ed w/ the MASK and compared to the PATTERN. > > e.g. "match ip sport 6880 0xffe0" would match 6880-6911, a further > "match ip sport 6912 0xffc0" would match 6912-6975. > > The advantage of this is simply speed/CPU cycles. Alternatively, you > could just use iptables to mark your packets (which probably means even > more precious CPU cycles). The wshaper script, however, doesn't use > iptables. I switched to wshaper from wshaper.htb and now ssh and browsing seem a lot more responsive. Could that be because I'm missing something in my kernel that I need for htb? I don't get any errors when restarting the firewall. One other thing is if I don't limit the upload rate within my bittorrent client, it really goes nuts and everything else suffers. I don't see how that's possible with UPLINK and the bittorrent source and destination ports defined. What I'd really like to do is limit the bittorrent upload rate so Verizon doesn't throttle my connection. Can I do that with The Wonder Shaper without limiting the total upload rate? I don't trust the bittorrent clients I use to limit it. - Grant -- gentoo-user@gentoo.org mailing list