| 1 |
> > After a lot of testing, these numbers seem to give me the best |
| 2 |
> > performance as far as bittorrent download speed. |
| 3 |
> > How can that be? Is DOWNLINK my upload and UPLINK my download? |
| 4 |
> |
| 5 |
> Hm, usually not. Are you by chance shaping the internal (i.e. LAN) |
| 6 |
> interface on a router? Then, of course, it would make sense (except |
| 7 |
> from the fact that shaping your actual bottle neck, i.e. Internet |
| 8 |
> connection, would make more sense). |
| 9 |
|
| 10 |
Thanks a lot for that. I switched the interface to eth0 and reversed |
| 11 |
the DOWNLINK and UPLINK values. |
| 12 |
|
| 13 |
> > I tried to define the bittorrent ports as a low priority like this: |
| 14 |
> > NOPRIOPORTSRC=6881:6999 |
| 15 |
> > NOPRIOPORTDST=6881:6999 |
| 16 |
> > |
| 17 |
> > but I get this when restarting shorewall: |
| 18 |
> > Illegal "match" |
| 19 |
> |
| 20 |
> In the wshaper source, the action happens here (and the same for *DST): |
| 21 |
> ---snip |
| 22 |
> for a in $NOPRIOPORTSRC |
| 23 |
> do |
| 24 |
> tc filter add dev $DEV parent 1: protocol ip prio 15 u32 \ |
| 25 |
> match ip sport $a 0xffff flowid 1:30 |
| 26 |
> done |
| 27 |
> ---snip |
| 28 |
> |
| 29 |
> In this configuration, it expects a shell-separatable list of ports, |
| 30 |
> i.e. separated by whitespace. It will create a rule for each one. |
| 31 |
> |
| 32 |
> The dirty, easy way: |
| 33 |
> | NOPRIOPORTSRC=$(seq 6881 6999) |
| 34 |
> | NOPRIOPORTDST=$NOPRIOPORTSRC |
| 35 |
> |
| 36 |
> But I would rather extend wshaper by another (custom) line and dump your |
| 37 |
> NOPRIOPORT*-settings. |
| 38 |
> |
| 39 |
> The syntax is "match ip sport PATTERN MASK". The port of an incoming |
| 40 |
> packet is AND'ed w/ the MASK and compared to the PATTERN. |
| 41 |
> |
| 42 |
> e.g. "match ip sport 6880 0xffe0" would match 6880-6911, a further |
| 43 |
> "match ip sport 6912 0xffc0" would match 6912-6975. |
| 44 |
> |
| 45 |
> The advantage of this is simply speed/CPU cycles. Alternatively, you |
| 46 |
> could just use iptables to mark your packets (which probably means even |
| 47 |
> more precious CPU cycles). The wshaper script, however, doesn't use |
| 48 |
> iptables. |
| 49 |
|
| 50 |
I switched to wshaper from wshaper.htb and now ssh and browsing seem a |
| 51 |
lot more responsive. Could that be because I'm missing something in |
| 52 |
my kernel that I need for htb? I don't get any errors when restarting |
| 53 |
the firewall. |
| 54 |
|
| 55 |
One other thing is if I don't limit the upload rate within my |
| 56 |
bittorrent client, it really goes nuts and everything else suffers. I |
| 57 |
don't see how that's possible with UPLINK and the bittorrent source |
| 58 |
and destination ports defined. |
| 59 |
|
| 60 |
What I'd really like to do is limit the bittorrent upload rate so |
| 61 |
Verizon doesn't throttle my connection. Can I do that with The Wonder |
| 62 |
Shaper without limiting the total upload rate? I don't trust the |
| 63 |
bittorrent clients I use to limit it. |
| 64 |
|
| 65 |
- Grant |
| 66 |
-- |
| 67 |
gentoo-user@g.o mailing list |
Archives