[ale] Anyone good with traffic control?

Sun Apr 9 18:01:41 EDT 2023

Yeah, I've been back and forth with all sorts of documentation trying to 
make sense of everything.

So my new firewall has an Intel I225-V four-port Ethernet controller. 
This is replacing a Raspberry Pi that was using its on-board Ethernet 
and a USB dongle adapter.

So under the new router, the first port enp1s0 is the WAN port and I 
have two LAN ports going (enp2s0 and enp3s0). Currently the fourth one 
is unused but will likely be used later as yet another LAn port.

The default kernel configuration before playing with anything looks like 
this:

qdisc mq 0: dev enp1s0 root
qdisc fq_codel 0: dev enp1s0 parent :4 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp1s0 parent :3 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp1s0 parent :2 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp1s0 parent :1 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64

qdisc mq 0: dev enp2s0 root
qdisc fq_codel 0: dev enp2s0 parent :4 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp2s0 parent :3 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp2s0 parent :2 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp2s0 parent :1 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc mq 0: dev enp3s0 root

qdisc fq_codel 0: dev enp3s0 parent :4 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp3s0 parent :3 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp3s0 parent :2 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64
qdisc fq_codel 0: dev enp3s0 parent :1 limit 10240p flows 1024 quantum 
1514 target 5ms interval 100ms memory_limit 32Mb ecn drop_batch 64

So far the only thing I've played with is trying to use traffic shaping 
as per bufferbloat.net to prevent the AT&T modem from bogging down 
because my uplink is only about 4 Mbps.

So I have this set up currently though I think I need to make a fix:
tc qdisc add dev enp1s0 root handle 1: htb default 1
tc class add dev enp1s0 parent 1: classid 1:1 htb rate 3500kbit
tc qdisc add dev enp1s0 parent 1:1 fq_codel target 10ms noecn

On the old gateway I had this (eth0 being WAN):
tc qdisc add dev eth0 root handle 1: htb default 30
tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit
tc class add dev eth0 parent 1: classid 1:2 htb rate 3mbit

tc filter add dev eth0 protocol all parent 1:0 prio 1 u32 match ip dst 
108.95.189.245/32 flowid 1:1
tc filter add dev eth0 protocol all parent 1:0 prio 1 u32 match ip src 
108.95.189.245/32 flowid 1:2

I think I may need to use the filtering in addition to adding a few 
extra IPs so I suspect I'll need to do this:
tc qdisc add dev enp1s0 root handle 1: htb default 1
tc class add dev enp1s0 parent 1: classid 1:1 htb rate 1000mbit
tc class add dev enp1s0 parent 1: classid 1:2 htb rate 3500kbit

tc filter add dev eth0 protocol all parent 1:0 prio 1 u32 match ip dst 
108.95.189.240/29 flowid 1:1
tc filter add dev eth0 protocol all parent 1:0 prio 1 u32 match ip src 
108.95.189.240/29 flowid 1:2

On 2023-04-09 10:47, Phil Turmel via Ale wrote:
> I've done some, including using intermediate links to shape inbound.  I 
> always have to open every scrap of docs any time I look at it. 
> Skull-crushing.
> 
> Share more details of what you have and what you want.
> 
> On 4/8/23 18:24, Alex Carver via Ale wrote:
>> I pretty much had the basics of that script in my old firewall except 
>> I was using fq_codel because it's supposed to be slightly better 
>> performance. New firewall is a bit of a larger beast and I'm running 
>> two LANs and one WAN port with multiple static IPs assigned to the WAN 
>> so lots of SNAT.
>>
>> I wanted to try and redo the traffic shaping on the new router 
>> primarily to make sure that my problems with service are the result of 
>> AT&T and not just me. :)  But then again I'm getting tired of AT&T's 
>> customer disservice and inability to provide anything faster than (an 
>> anticipated) 25/5 (on a maybe perfect day) so I'll likely end up with 
>> Spectrum soon. It's still asymmetric at an estimated 600/35 but it's 
>> technically cheaper than AT&T and upload speeds would be roughly seven 
>> times faster so VPNing into my home from elsewhere wouldn't be quite 
>> as bad.
>>
>> On 2023-04-08 14:18, Boris Borisov via Ale wrote:
>>> I always used https://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.qdisc.html
>>>
>>> Not that I really understand it :)
>>>
>>> There is something i posted before. It is a traffic shaperscript file 
>>> and
>>> with good explanation on the bottom.
>>>
>>> https://www.zelow.no/floppyfw/download/HOWTOS/tc-readme.txt
>>>
>>> An yes I'm NOT an expert ...
>>>
>>>
>>>
>>> On Sat, Apr 8, 2023 at 3:11 PM Alex Carver via Ale <ale at ale.org> wrote:
>>>
>>>> I could use some help getting traffic control working to help with my
>>>> asymmetric DSL. I just replaced my router with another multi-port box
>>>> and I think I have some of the basics fixed up based on the
>>>> bufferbloat.net instructions but some additional input or suggestions
>>>> may be useful. Any of you out there have a better understanding of TC
>>>> than I do?
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo