tozi sait e za optimizirane mrejata
Wse pak edin ot nachinite za sprawianeto s probleme se okaza:
1. Nastroiwane na Bit cometa - mahat se awtomatichnite nastroiki i se slagat nekoi po normalnim kato naprimer zadaden broi TCP conekcii i wsicko koeto precenite.
2 W traffic shapera se izpolzwa SFQ
za pomost
http://gentoo-wiki.com/HOWTO_Packet_Shaping3. Izpolzwam layer7 za kasificirane na paketite
a towa sa mi scriptowete koito mogat da sa ot pomost na koito se sblaska sas satia problem:
#!/bin/sh
IP1="10.0.54.70"
IP2="10.0.54.32"
IPTABLES="/sbin/iptables"
$IPTABLES -t mangle -F
$IPTABLES -t mangle -A INPUT -j TTL --ttl-set 128
$IPTABLES -t mangle -A OUTPUT -j TTL --ttl-set 128
$IPTABLES -t mangle -A PREROUTING -j TTL --ttl-set 128
$IPTABLES -A PREROUTING -t mangle -s $IP1 -j MARK --set-mark 10
$IPTABLES -A POSTROUTING -t mangle -d $IP1 -j MARK --set-mark 10
$IPTABLES -A PREROUTING -t mangle -s $IP2 -j MARK --set-mark 20
$IPTABLES -A POSTROUTING -t mangle -d $IP2 -j MARK --set-mark 20
$IPTABLES -A FORWARD -t mangle -p icmp -j MARK --set-mark 40
$IPTABLES -A OUTPUT -t mangle -p icmp -j MARK --set-mark 40
$IPTABLES -A INPUT -t mangle -p icmp -j MARK --set-mark 40
$IPTABLES -A FORWARD -t mangle -p tcp --dport 222 -j MARK --set-mark 30
$IPTABLES -A OUTPUT -t mangle -p tcp --dport 222 -j MARK --set-mark 30
$IPTABLES -A INPUT -t mangle -p tcp --dport 222 -j MARK --set-mark 30
$IPTABLES -A POSTROUTING -t mangle -m layer7 --l7proto bittorrent -j MARK --set-mark 100
$IPTABLES -A PREROUTING -t mangle -m layer7 --l7proto bittorrent -j MARK --set-mark 100
UCEIL=2000kbit
USPEED1=128kbit
USPEED2=128kbit
USPEED3=128kbit
USPEED4=128kbit
UMAX1=256kbit
UMAX2=256kbit
UMAX3=256kbit
UMAX4=256kbit
DCEIL=2022kbit
DSPEED1=1000kbit
DSPEED2=256kbit
DSPEED3=256kbit
DSPEED4=64kbit
DMAX1=2000kbit
DMAX2=512kbit
DMAX3=512kbit
DMAX4=1500kbit
#CLEAR
INTERNAL="eth0"
EXTERNAL="eth1"
tc qdisc del dev $INTERNAL root
tc qdisc del dev $EXTERNAL root
#UP
tc qdisc add dev $EXTERNAL root handle 10: htb default 100
tc class add dev $EXTERNAL parent 10: classid 10:99 htb rate $UCEIL ceil $UCEIL
tc class add dev $EXTERNAL parent 10:99 classid 10:1 htb rate $USPEED1 ceil $UMAX1 burst 2kbit prio 1
tc class add dev $EXTERNAL parent 10:99 classid 10:2 htb rate $USPEED2 ceil $UMAX2 burst 2kbit prio 2
tc class add dev $EXTERNAL parent 10:99 classid 10:3 htb rate $USPEED2 ceil $UMAX2 burst 2kbit prio 2
tc class add dev $EXTERNAL parent 10:99 classid 10:4 htb rate $USPEED2 ceil $UMAX2 burst 2kbit prio 2
tc class add dev $EXTERNAL parent 10:99 classid 10:100 htb rate $USPEED4 ceil $UMAX4 burst 2kbit prio 4
tc filter add dev $EXTERNAL protocol ip parent 10: prio 3 handle 10 fw flowid 10:1
tc filter add dev $EXTERNAL protocol ip parent 10: prio 3 handle 20 fw flowid 10:2
tc filter add dev $EXTERNAL protocol ip parent 10: prio 3 handle 30 fw flowid 10:3
tc filter add dev $EXTERNAL protocol ip parent 10: prio 3 handle 40 fw flowid 10:4
tc filter add dev $EXTERNAL protocol ip parent 10: prio 4 handle 100 fw flowid 10:100
tc qdisc add dev $EXTERNAL parent 10:1 sfq perturb 10 quantum 12187
tc qdisc add dev $EXTERNAL parent 10:2 sfq perturb 10 quantum 12187
tc qdisc add dev $EXTERNAL parent 10:3 sfq perturb 10 quantum 12187
tc qdisc add dev $EXTERNAL parent 10:4 sfq perturb 10 quantum 12187
tc qdisc add dev $EXTERNAL parent 10:100 sfq perturb 10 quantum 1500
#DOWN
tc qdisc add dev $INTERNAL root handle 10: htb default 100
tc class add dev $INTERNAL parent 10: classid 10:99 htb rate $DCEIL ceil $DCEIL
tc class add dev $INTERNAL parent 10:99 classid 10:1 htb rate $DSPEED1 ceil $DMAX1 burst 2kbit prio 1
tc class add dev $INTERNAL parent 10:99 classid 10:2 htb rate $DSPEED2 ceil $DMAX2 burst 2kbit prio 2
tc class add dev $INTERNAL parent 10:99 classid 10:3 htb rate $DSPEED2 ceil $DMAX2 burst 2kbit prio 2
tc class add dev $INTERNAL parent 10:99 classid 10:4 htb rate $DSPEED2 ceil $DMAX2 burst 2kbit prio 2
tc class add dev $INTERNAL parent 10:99 classid 10:100 htb rate $DSPEED4 ceil $DMAX4 burst 2kbit prio 4
tc filter add dev $INTERNAL protocol ip parent 10: prio 3 handle 10 fw flowid 10:1
tc filter add dev $INTERNAL protocol ip parent 10: prio 3 handle 20 fw flowid 10:2
tc filter add dev $INTERNAL protocol ip parent 10: prio 3 handle 30 fw flowid 10:3
tc filter add dev $INTERNAL protocol ip parent 10: prio 3 handle 40 fw flowid 10:4
tc filter add dev $INTERNAL protocol ip parent 10: prio 4 handle 100 fw flowid 10:100
tc qdisc add dev $INTERNAL parent 10:1 sfq perturb 10 quantum 12187
tc qdisc add dev $INTERNAL parent 10:2 sfq perturb 10 quantum 12187
tc qdisc add dev $INTERNAL parent 10:3 sfq perturb 10 quantum 12187
tc qdisc add dev $INTERNAL parent 10:4 sfq perturb 10 quantum 12187
tc qdisc add dev $INTERNAL parent 10:100 sfq perturb 10 quantum 1500
ako nekoi ima nujda ot pomost:
nikomsj@mail.bg