Use this to match ACKs on packets smaller than 64 bytes: ## match acks the hard way, ## IP protocol 6, ## IP header length 0x5(32 bit words), ## IP Total length 0x34 (ACK + 12 bytes of TCP options) ## TCP ack set (bit 5, offset 33) # tc filter add dev ppp14 parent 1:0 protocol ip prio 10 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid 1:3.
ISPs know that they are benchmarked solely on how fast people can download. Large queues can help prevent packet loss, and speed up downloads. So ISPs configure large queues. Besides available bandwidth, download speed is influenced heavily by packet loss, which seriously hampers TCP/IP performance.
Avpkt should be your average packet size. Additionally, you need to set limit and avpkt. 1000 works OK on high speed Internet links with a 1500byte MTU. Limit is a safety value, after there are limit bytes in the queue, RED ‘turns into’ tail-drop. I typical set limit to eight times max.
Because of the clear interest of the community, it has been decided to start a mailinglist where people can talk to each other about Advanced Routing and Traffic Control. You can subscribe to the list here. The authors receive an increasing amount of mail about this HOWTO.
Peter Bieringer reports: Here are some results (tunnel mode only tested, auth=SHA1): DES: ok 3DES: ok AES-128: ok AES-192: not supported by CP VPN-1 AES-256: ok CAST* : not supported by used Linux kernel Tested version: FP4 aka R54 aka w/AI.
Routing Flags Routes have associated flags which influence operation of the protocols when sending to destinations matched by the routes. These flags may be set (or sometimes cleared) by including the following corresponding modifiers on the com- mand line:.
Next we instruct the kernel to actually do NAT , so clients in the private network can start talking to the outside. 0 -o eth0 -j SNAT –to-source 212. 172 Now check that packets are flowing through 1:15: tc -s class show dev eth0. Echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -s 172.
Unable to set up a static host route – “SIOCADDRT: No such process. My plan is to set up this box with a static route. Route add -net XXX.
Aside from the local routing table, which is maintained by the kernel, and the main routing table which is partially maintained by the kernel, all routing tables are controlled by the administrator or routing software. Each routing table can contain an arbitrary number of route entries. All routes on a machine can be changed or removed .
: event not found. D/ network restart :: Stopping Network SIOCDELRT: No such process :: Starting Network SIOCADDRT: No such process # WHY, LINUX, WHY. 1 SIOCADDRT: No such process # /etc/rc. Route add default gw 192.
Note that we need to specify our hash bucket in hex, 0x7b is 123. 123 flowid 1:2 This is entry 123, which contains matches for 1. 123 flowid 1:3 # tc filter add dev eth1 protocol ip parent 1:0 prio 5 u32 ht 2:7b: match ip src 1. # tc filter add dev eth1 protocol ip parent 1:0 prio 5 u32 ht 2:7b: match ip src 1. 123 flowid 1:2 # tc filter add dev eth1 protocol ip parent 1:0 prio 5 u32 ht 2:7b: match ip src 1. 123 flowid 1:1 # tc filter add dev eth1 protocol ip parent 1:0 prio 5 u32 ht 2:7b: match ip src 1. 123, and sends them to 1:1, 1:2, 1:3 and 1:2 respectively.
If you find the inevitable mistakes, please email bert hubert