Traffic Shaping für OpenWRT

OpenWRT Homepage : http://openwrt.org und in diesem Wiki : OpenWRT

Pakete nachinstallieren

ipkg update
ipkg install tc 
ipkg install kmod-sched kmod-ipt-conntrack iptables-mod-conntrack kmod-ipt-ipopt iptables-mod-ipopt kmod-ipt-extra iptables-mod-extra

zuerst werden mit /etc/init.d/S70ts-modules.sh die notwendigen Kernel-Module geladen.

#Inserting various kernel modules
insmod ipt_TOS
insmod ipt_tos
insmod ipt_length
insmod sch_prio
insmod sch_red
insmod sch_htb
insmod sch_sfq
insmod sch_ingress
insmod cls_tcindex
insmod cls_fw
insmod cls_route
insmod cls_u32
# HFSC for Upload ...
insmod sch_hfsc

in /etc/tshaper.conf werden die Variablen gesetzt

# INTERFACES

LAN_IFACE=br0
WAN_IFACE=ppp0

# uplink bandwidth
# specified in kbits (about 90% of actual max uplink rate)
WAN_DOWN_RATE=5500
WAN_DOWN_RATE_SINGLE=5000

# Class for each computer minimum 250kbit maximum all
HTBRATE=2500kbit

# configuring RED Queing ...
# in order to use RED, you must decide on three parameters: Min, Max, and burst. 
# Min sets the minimum queue size in bytes before dropping will begin,
# Max is a soft maximum that the algorithm will attempt to stay under, and  
# burst sets the maximum number of packets that can 'burst through'.  

# Usage: ... red limit BYTES min BYTES max BYTES avpkt BYTES burst PACKETS probability PROBABILITY bandwidth KBPS [ ecn ]

# Limit is a safety value, after there are limit bytes in the queue, RED 'turns into' tail-drop. I typical set limit to eight times max.                                                                    
# limit := actual physical size of the queue
LIMIT=320000b

# Min sets the minimum queue size in bytes before dropping will begin
# min   := minimum threshold in Kilobytes
MIN=10000b

# Max is a soft maximum that the algorithm will attempt to stay under.  
# max   := maximum threshold in Kilobytes
MAX=50000b

# avpkt := average packet size: 1000 works OK on high speed Internet links with a 1500byte MTU 

# burst := Burst controls how the RED algorithm responds to bursts. Burst must be set larger then min/avpkt. Experimentally, I've found (min+min+max)/(3*avpkt) to work ok.
BURST=20 

# probability := should be random drop probability
# bandwidth   := should be the real bandwidth of the interface
# ecn         := ? explicit congestion notification (flag or what)
# Always make sure that min < max < limit

# configure HFSC for UPLOAD 

# tc add class dev $dev parent parentID classid $ID hfsc [ [ rt  SC ] [ ls  SC ] | [ sc  SC ] ]  [ ul  SC ]
# SC := [ umax bytes  dmax ms ] rate BPS
# Real-Time Kurve (rt)
# Link-Sharing Kurve (ls)
# ul := obere Leistungsschranke
# in kbits
UL_ALL=450
UL_SINGLE=300
UL_SINGLE_M2=250

# garantie in kbits
UL_PRIO=100
UL_GOOD=300
UL_BAD=80
# Delay in ms 
DL_PRIO=60
DL_GOOD=110
DL_BAD=500


# Eine Service-Kurve wird durch die (Sende)-Rate (rate) beschrieben,
# Soll die Kurve aus zwei Teilstuecken bestehen, kann durch
# dmax die maximale Verzoegerungszeit fuer eine bestimmte
# Sendeleistung umax angegeben werden.

ALLOWED_DELAY=100

# Unterteilung der Protokolle (nocht nicht implementiert)
# ports
PRIOPORTS="22"
GOODPORTS="80 110 991"
BADPORTS="4100:5000"

dann das eigentliche Shaping /etc/init.d/S80tshaper.sh

#
# tshaper.sh  -  set up traffic shaping on OpenWRT
#
# Copyright 2006 (C) Sven Kalinowski
# mailto: kalinowski-live-pa@gmx.net
#
# This program is free software; you can redistribute it and/or
# Modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
#
#
#
# to check the status of the qos stuff:
#  iptables -t mangle -L
#  tc -s qdisc show dev ppp0
#  tc -s class show dev ppp0

. /etc/functions.sh

# read settings from 
. /etc/tshaper.conf

#
# ***  DOWNLOAD  ***  DOWNLOAD  ***  DOWNLOAD  ***  DOWNLOAD  ***
#
# echo Clear all traffic control things to start from a clean state ...
tc qdisc del dev $LAN_IFACE root

# echo configuring HTB Queing ...
tc qdisc add dev $LAN_IFACE root handle 1: htb default 1

#This is for the intra-LAN traffic
tc class add dev $LAN_IFACE parent 1: classid 1:1 htb rate 99000kbit burst 6k cburst 2624b
tc class add dev $LAN_IFACE parent 1:1 classid 1:2 htb rate ${WAN_DOWN_RATE}kbit ceil ${WAN_DOWN_RATE}kbit

#Class for every computer minimum 250kbit maximum all  - 40 = default
tc class add dev $LAN_IFACE parent 1:2 classid 1:10 htb rate $HTBRATE ceil ${WAN_DOWN_RATE_SINGLE}kbit burst 6k cburst 2624b
tc class add dev $LAN_IFACE parent 1:2 classid 1:20 htb rate $HTBRATE ceil ${WAN_DOWN_RATE_SINGLE}kbit burst 6k cburst 2624b
tc class add dev $LAN_IFACE parent 1:2 classid 1:30 htb rate $HTBRATE ceil ${WAN_DOWN_RATE_SINGLE}kbit burst 6k cburst 2624b
tc class add dev $LAN_IFACE parent 1:2 classid 1:40 htb rate $HTBRATE ceil ${WAN_DOWN_RATE_SINGLE}kbit burst 6k cburst 2624b

# echo configuring RED Queing ...
tc qdisc add dev $LAN_IFACE parent 1:10 handle 10: red limit $LIMIT min $MIN max $MAX avpkt 1000 burst $BURST ecn
tc qdisc add dev $LAN_IFACE parent 1:20 handle 20: red limit $LIMIT min $MIN max $MAX avpkt 1000 burst $BURST ecn
tc qdisc add dev $LAN_IFACE parent 1:30 handle 30: red limit $LIMIT min $MIN max $MAX avpkt 1000 burst $BURST ecn
tc qdisc add dev $LAN_IFACE parent 1:40 handle 40: red limit $LIMIT min $MIN max $MAX avpkt 1000 burst $BURST ecn

# echo We assign the traffic to classes using the marks ...
tc filter add dev $LAN_IFACE protocol ip parent 1: handle 0x10 fw classid 1:10
tc filter add dev $LAN_IFACE protocol ip parent 1: handle 0x20 fw classid 1:20
tc filter add dev $LAN_IFACE protocol ip parent 1: handle 0x30 fw classid 1:30
tc filter add dev $LAN_IFACE protocol ip parent 1: handle 0x40 fw classid 1:40

#
# ***  UPLOAD  ***  UPLOAD  ***  UPLOAD  ***  UPLOAD  ***  UPLOAD  ***
# 
tc qdisc del dev $WAN_IFACE root

# tc add class dev $dev parent parentID classid $ID hfsc [ [ rt  SC ] [ ls  SC ] | [ sc  SC ] ]  [ ul  SC ]
# SC := [ [ m1 BPS ] [ d SEC ] m2 BPS
# m1 : slope of first segment
# d : x-coordinate of intersection
# m2 : slope of second segment
#
# Alternative format:
# Eine Service-Kurve wird durch die (Sende)-Rate (rate) beschrieben,
# Soll die Kurve aus zwei Teilstuecken bestehen, kann durch
# dmax die maximale Verzoegerungszeit fuer eine bestimmte
# Sendeleistung umax angegeben werden.
# SC := [ [ umax BYTE ] dmax SEC ] rate BPS
# umax : maximum unit of work
# dmax : maximum delay
# rate : rate

# SC := [ umax bytes  dmax ms ] rate BPS
# Real-Time Kurve (rt)
# Link-Sharing Kurve (ls)
# ul := obere Leistungsschranke

# echo configuring Root-Handle ...
tc qdisc add dev $WAN_IFACE root handle 1: hfsc default 140
tc class add dev $WAN_IFACE parent 1:  classid 1:1  hfsc sc rate ${UL_ALL}kbit ul rate ${UL_ALL}kbit

# echo configuring HFSC-Classes ...
tc class add dev $WAN_IFACE parent 1:1 classid 1:110 hfsc sc m1 ${UL_SINGLE}kbit d ${ALLOWED_DELAY}ms m2 ${UL_SINGLE_M2}kbit ul rate ${UL_SINGLE}kbit
tc class add dev $WAN_IFACE parent 1:1 classid 1:120 hfsc sc m1 ${UL_SINGLE}kbit d ${ALLOWED_DELAY}ms m2 ${UL_SINGLE_M2}kbit ul rate ${UL_SINGLE}kbit
tc class add dev $WAN_IFACE parent 1:1 classid 1:130 hfsc sc m1 ${UL_SINGLE}kbit d ${ALLOWED_DELAY}ms m2 ${UL_SINGLE_M2}kbit ul rate ${UL_SINGLE}kbit
tc class add dev $WAN_IFACE parent 1:1 classid 1:140 hfsc sc m1 ${UL_SINGLE}kbit d ${ALLOWED_DELAY}ms m2 ${UL_SINGLE_M2}kbit ul rate ${UL_SINGLE}kbit

# echo We assign the traffic to classes using the marks ...
tc filter add dev $WAN_IFACE protocol ip parent 1: handle 0x110 fw classid 1:110
tc filter add dev $WAN_IFACE protocol ip parent 1: handle 0x120 fw classid 1:120
tc filter add dev $WAN_IFACE protocol ip parent 1: handle 0x130 fw classid 1:130
tc filter add dev $WAN_IFACE protocol ip parent 1: handle 0x140 fw classid 1:140

#
# ***  MANGLE Table  ***  MANGLE Table  *** MANGLE Table  ***  MANGLE Table  ***  MANGLE Table  ***
#
# Flush the mangle table
iptables -t mangle -F

# Mark all 1) incoming traffic 10,20,30,40
# Mark all 2) outgoing traffic 110,120,130,140

#Default
iptables -t mangle -A POSTROUTING -d 192.168.1.0/24 -s ! 192.168.1.0/24 -j MARK --set-mark 0x40
iptables -t mangle -A POSTROUTING -s 192.168.1.0/24 -d ! 192.168.1.0/24 -j MARK --set-mark 0x140

#First computer 
iptables -t mangle -A POSTROUTING -d 192.168.1.2 -s ! 192.168.1.0/24 -j MARK --set-mark 0x10
iptables -t mangle -A POSTROUTING -s 192.168.1.2 -d ! 192.168.1.0/24 -j MARK --set-mark 0x110

#Second computer 
iptables -t mangle -A POSTROUTING -d 192.168.1.21 -s ! 192.168.1.0/24 -j MARK --set-mark 0x20
iptables -t mangle -A POSTROUTING -s 192.168.1.21 -d ! 192.168.1.0/24 -j MARK --set-mark 0x120

#Third computer 
iptables -t mangle -A POSTROUTING -d 192.168.1.10 -s ! 192.168.1.0/24 -j MARK --set-mark 0x30
iptables -t mangle -A POSTROUTING -s 192.168.1.10 -d ! 192.168.1.0/24 -j MARK --set-mark 0x130
iptables -t mangle -A POSTROUTING -d 192.168.1.11 -s ! 192.168.1.0/24 -j MARK --set-mark 0x30
iptables -t mangle -A POSTROUTING -s 192.168.1.11 -d ! 192.168.1.0/24 -j MARK --set-mark 0x130
# test PC 
iptables -t mangle -A POSTROUTING -d 192.168.1.3 -s ! 192.168.1.0/24 -j MARK --set-mark 0x30
iptables -t mangle -A POSTROUTING -s 192.168.1.3 -d ! 192.168.1.0/24 -j MARK --set-mark 0x130

TSHAPER (last edited 2006-03-02 02:35:24 by p5487DA32)