aboutsummaryrefslogtreecommitdiffstats
path: root/main/iproute2-qos/qos.eth0.sample
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2009-10-20 13:01:40 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2009-10-20 13:01:40 +0000
commit0732f85009f5ce5a820b0c2ace2dc46e059b53ff (patch)
treefc8c97ca56d2ff294bcde30f60eb63516347aaf8 /main/iproute2-qos/qos.eth0.sample
parent34cf1842fe9ecfa0091bc37d885311a8ad2fcd4b (diff)
downloadaports-0732f85009f5ce5a820b0c2ace2dc46e059b53ff.tar.gz
aports-0732f85009f5ce5a820b0c2ace2dc46e059b53ff.tar.bz2
aports-0732f85009f5ce5a820b0c2ace2dc46e059b53ff.tar.xz
main/iproute2-qos: misc bugfixes
fixed couple bugs and changed some logic how packets are being inspected and classified.
Diffstat (limited to 'main/iproute2-qos/qos.eth0.sample')
-rw-r--r--main/iproute2-qos/qos.eth0.sample97
1 files changed, 59 insertions, 38 deletions
diff --git a/main/iproute2-qos/qos.eth0.sample b/main/iproute2-qos/qos.eth0.sample
index a8d1d38567..1578dfa572 100644
--- a/main/iproute2-qos/qos.eth0.sample
+++ b/main/iproute2-qos/qos.eth0.sample
@@ -5,8 +5,8 @@ DEV=eth0
IFB_DEV=ifb0 # Leave blank if $DEV is ifbX
# Internet EGRESS/INGRES rates in kbit or mbit. Measure this on a free line to gain precise value
-EGRESS_RATE=1000kbit # 128kbit, 256kbit, 512kbit
-INGRESS_RATE=1000kbit # 256kbit, 512kbit, 1024kbit
+EGRESS_RATE=512kbit # 128kbit, 256kbit, 512kbit
+INGRESS_RATE=2048kbit # 256kbit, 512kbit, 1024kbit
# In order to control a queue at the router/bridge side we will downgrade a real link speed on purpose
RATE_SUB_PERCENT=5 # 20, 10
@@ -23,7 +23,7 @@ DEV_RATE=50mbit
# prio: if rate is variable and you want to be sure that interactive traffic has ultimate priority
# none: if link is not congested
#
-EGRESS_ALG=hfsc
+EGRESS_ALG=htb
# EGRESS leaf Queuing Disciplines
#
@@ -31,9 +31,9 @@ EGRESS_ALG=hfsc
# sfq: TCP sessions or best-effort class traffic
# red: hightly congested links or high-speed Internet [> 10Mbit/sec])
#
-INTERACTIVE_LEAF_QDISC=pfifo
+INTERACTIVE_LEAF_QDISC=pfifo
PRIVILEGED_LEAF_QDISC=pfifo
-BESTEFFORT_LEAF_QDISC=red
+BESTEFFORT_LEAF_QDISC=red
LAN_LEAF_QDISC=sfq
# INGRESS treatment
@@ -50,21 +50,19 @@ INGRESS_ALG=ifb
# Maximum 100 filter items are allowed for each class.
# By default ALL unclassified traffic is being assined to Best-Effort class.
-# UDP
-INTERACTIVE_FILTER_1="protocol ip prio 100 u32 match ip protocol 0x11 0xff"
-
-# ICMP
-INTERACTIVE_FILTER_2="protocol ip prio 100 u32 match ip protocol 0x1 0xff"
+###################################
+### INTERACTIVE FILTERING RULES ###
+###################################
# ACK with payload < 64 bytes (32-bit version)
-INTERACTIVE_FILTER_3="protocol ip prio 100 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33"
+INTERACTIVE_FILTER_10="protocol ip prio 10 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33"
# ACK with payload < 64 bytes
-INTERACTIVE_FILTER_4="protocol ip prio 100 u32 match ip protocol 6 0xff match u8 0x10 0xff at nexthdr+13 match u16 0x0000 0xffc0 at 2"
+INTERACTIVE_FILTER_11="protocol ip prio 11 u32 match ip protocol 6 0xff match u8 0x10 0xff at nexthdr+13 match u16 0x0000 0xffc0 at 2"
-# PHB TOS HEX
-# --------------------------
-# 0x10
+# PHB TOS HEX NOTES
+# ----------------------------------------------
+# 0x10 SSH, IAX2
# 0x18
# CS1 PRIORITY 0x20
# AF11 0x28
@@ -77,54 +75,77 @@ INTERACTIVE_FILTER_4="protocol ip prio 100 u32 match ip protocol 6 0xff match u8
# AF23 0x58
#
# CS5 CRITICAL 0xA0
-# EF 0xB8
+# EF 0xB8 IAX2, SIP Voice
#
-# CS6 INTERNETWORKCONTROL 0xC0
+# CS6 INTERNETWORKCNTRL 0xC0 BGP (by default)
# CS7 NETWORKCONTROL 0xE0
-INTERACTIVE_FILTER_5="protocol ip prio 100 u32 match ip tos 0x10 0xff"
-INTERACTIVE_FILTER_6="protocol ip prio 100 u32 match ip tos 0x18 0xff"
-INTERACTIVE_FILTER_7="protocol ip prio 100 u32 match ip tos 0xa0 0xff"
-INTERACTIVE_FILTER_8="protocol ip prio 100 u32 match ip tos 0xb8 0xff"
+INTERACTIVE_FILTER_30="protocol ip prio 30 u32 match ip tos 0xb8 0xff"
+INTERACTIVE_FILTER_31="protocol ip prio 31 u32 match ip tos 0x10 0xff"
+INTERACTIVE_FILTER_32="protocol ip prio 32 u32 match ip tos 0x18 0xff"
+INTERACTIVE_FILTER_33="protocol ip prio 33 u32 match ip tos 0xa0 0xff"
+
+# UDP
+INTERACTIVE_FILTER_90="protocol ip prio 90 u32 match ip protocol 0x11 0xff"
+
+# ICMP
+INTERACTIVE_FILTER_91="protocol ip prio 91 u32 match ip protocol 0x1 0xff"
+
+##################################
+### PRIVILEGED FILTERING RULES ###
+##################################
# SSH
-PRIVILEGED_FILTER_1="protocol ip prio 100 u32 match ip dport 22 0xffff"
-PRIVILEGED_FILTER_2="protocol ip prio 100 u32 match ip sport 22 0xffff"
+PRIVILEGED_FILTER_20="protocol ip prio 20 u32 match ip dport 22 0xffff"
+PRIVILEGED_FILTER_21="protocol ip prio 21 u32 match ip sport 22 0xffff"
# Remote Desktop
-PRIVILEGED_FILTER_3="protocol ip prio 100 u32 match ip dport 3389 0xffff"
-PRIVILEGED_FILTER_4="protocol ip prio 100 u32 match ip sport 3389 0xffff"
+PRIVILEGED_FILTER_22="protocol ip prio 22 u32 match ip dport 3389 0xffff"
+PRIVILEGED_FILTER_23="protocol ip prio 23 u32 match ip sport 3389 0xffff"
# ESP
-PRIVILEGED_FILTER_5="protocol ip prio 100 u32 match ip protocol 0x32 0xff"
+PRIVILEGED_FILTER_50="protocol ip prio 50 u32 match ip protocol 0x32 0xff"
# AH
-PRIVILEGED_FILTER_6="protocol ip prio 100 u32 match ip protocol 0x33 0xff"
+PRIVILEGED_FILTER_51="protocol ip prio 51 u32 match ip protocol 0x33 0xff"
+
+# IPSEC-NAT
+PRIVILEGED_FILTER_52="protocol ip prio 52 u32 match ip protocol 0x11 0xff match ip dport 4500 0xffff"
+PRIVILEGED_FILTER_53="protocol ip prio 53 u32 match ip protocol 0x11 0xff match ip sport 4500 0xffff"
-# PHB TOS HEX
-# --------------------------
-# CS3 FLASH 0x60
+# PHB TOS HEX NOTES
+# --------------------------------------
+# CS3 FLASH 0x60 SIP signaling
# AF31 0x68
# AF32 0x70
# AF33 0x78
#
# CS4 FLASHOVERRIDE 0x80
-# AF41 0x88
+# AF41 0x88 SIP Video
# AF42 0x90
# AF43 0x98
-PRIVILEGED_FILTER_7="protocol ip prio 100 u32 match ip tos 0x88 0xff"
+PRIVILEGED_FILTER_80="protocol ip prio 80 u32 match ip tos 0x60 0xff"
+PRIVILEGED_FILTER_81="protocol ip prio 81 u32 match ip tos 0x88 0xff"
-# IPSEC-NAT
-PRIVILEGED_FILTER_8="protocol ip prio 90 u32 match ip protocol 0x11 0xff match ip dport 4500 0xffff"
-PRIVILEGED_FILTER_9="protocol ip prio 90 u32 match ip protocol 0x11 0xff match ip sport 4500 0xffff"
+###################################
+### BEST-EFFORT FILTERING RULES ###
+###################################
+BESTEFFORT_FILTER_85="protocol ip prio 85 u32 match ip tos 0x4 0xff"
+BESTEFFORT_FILTER_86="protocol ip prio 86 u32 match ip tos 0x6 0xff"
+BESTEFFORT_FILTER_87="protocol ip prio 87 u32 match ip tos 0x90 0xff"
+BESTEFFORT_FILTER_88="protocol ip prio 88 u32 match ip tos 0x98 0xff"
# Example: Any traffic from/to 192.168.1.0/24 network will be classified as best-effort
#
-### BESTEFFORT_FILTER_1="protocol ip prio 3 u32 match ip src 192.168.1.0/24"
-### BESTEFFORT_FILTER_2="protocol ip prio 4 u32 match ip dst 192.168.1.0/24"
+### BESTEFFORT_FILTER_5="protocol ip prio 10 u32 match ip src 192.168.1.0/24"
+### BESTEFFORT_FILTER_6="protocol ip prio 11 u32 match ip dst 192.168.1.0/24"
+
+###########################
+### LAN FILTERING RULES ###
+###########################
# Example: Traffic Originated from router
#
-###LAN_FILTER_1="protocol ip prio 10 u32 match ip src 192.168.1.10" \ No newline at end of file
+###LAN_FILTER_10="protocol ip prio 10 u32 match ip src 192.168.1.10"