jamal wrote:
Changed subject to whats being discused ;->
On Fri, 2005-03-25 at 16:18, Andy Furniss wrote:
jamal wrote:
[..]
OK I would need that to recreate what I do now with IMQ hooked after
deNAT so I can see local addresses and use connbytes in prerouting
mangle (though that's on my 2.4 I can't get connbytes to work with
latest netfilter yet anyway)
What exactly do you use such a scenario for?
IMQ because my shaping box counts as my 3rd PC and sometimes runs bt,
mldonkey, wget.
After deNAT so I can do per user fairness.
Connbytes has dual use - I mark first 80KB of bulk tcp with it and send
it to a shortish queue which I hacked to head drop and has half my
512kbit bandwidth.
This either priorotises browsing in the presence of bulk or stops
multiple connections in slowstart causing latency bumps if I am gaming
and someone else is browsing big web pages.
Doesn't fix game + bulk + browsing - I think only a hack to htb/hfsc to
have a class behave as full before it is would help this.
If i was to prioritize my time for new actions - how important is this?
Things are OK for me with IMQ - low bandwidth and not many filters seem
fine. At high bandwidth/lots of filters it seems problematic - but then
most people can use dummy now :-)
I'll have to re-run a test I did recently which was lots of tc filter
matches at 8000pps - on egress IMQ was almost as good as directly on
eth0. On ingress it was more than 10X worse.
How many filters? I wont suspect any difference between ingress
and egress.
I'll have to run again to be sure but I saw a big difference - on egress
I could generate 8000pps and have each packet tested by about 1500 filters.
On ingress I saw packet loss with only a couple of hundred or so - it
was a tcp test though - so it backed off the loss was deduced by looking
at netstat retrans on the sender I couldn't see it on any stats. This
was with netperf. Maybe I should think of a better test - I tried udp
and it whacked my PC so much I thought it had locked up.
Hey, you want to get started let me know ;-> Thomas and myself plan to
do good documentation on the actions and ematch as they say Real Soon
Now ;->
I look forward to reading them :-)
Andy.
|