Linux QoS Bridge HOWTO

Posted: 2007-07-04
Linux Bridge w/ QoS Documentation

UPDATE - 02/02/2005

While my original shaping worked well for Video + Citrix + Bulk, I haven't really been happy with it for VoIP thrown in the mix. I've created a new scheme for VoIP that works very well. Essentially, all non-VoIP traffic is throttled back enough so that VoIP will always have enough bandwidth. Also, VoIP gets true priority, such that -any- VoIP traffic is sent ASAP.

---------------------------------

Diagram

You’ll need Fedora Core 1 (2.4 kernel includes traffic control (tc) – this should work on FC2 but is not tested) which can be downloaded onto 3 CDs. We’ll actually only use discs 1 and 3 if you don’t want to download disc 2.

Use my scripts:

bridge

Original:

shape.eth0.sh

VoIP Gets Priority:

shape.eth0.sh

Create a copy of shape.eth0.sh once you've configured it. Simply change the name to shape.eth1.sh, and change the one line in the script where e=eth0.

Before installing, write down both NIC MAC addresses, and label the NICs on the outside so you know which label corresponds to which MAC address. This should be documented for the network administrators as it can come in handy for tweaking. Although we’ll be applying the same settings for upload as for download, these can be adjusted differently. Download needs to be throttled back slightly more than upload as we need to eliminate all possible queues upstream at the ISP level. This way the QoS box becomes the queue so you can manage downloads and uploads.

FC1 install
- Skip Media Check
- Welcome Screen – Next
- Language Selection – Next
- Keyboard Configuration – Next
- Mouse – Generic 2 Button PS2 – Next
- Monitor Configuration – Generic CRT Display - 800x600 – Next
- Upgrade Examine – Install Fedora Core – Next
- Installation Type – Custom – Next
- Disk Partitioning Setup – Automatically Partition
- Automatic Partitioning – “Remove all partitions on this system” – Next
Click yes to the warning
- Disk Setup – Leave defaults there – Next
- Boot Loader Configuration – Leave GRUB as the default – Next
- Network Configuration
- Active on Boot – Check this for both cards
- Leave both cards set to DHCP
- Set the hostname manually. I used WellsFargoQoS1 for the primary
- Firewall Configuration - No Firewall – Next – Hit Proceed to Warning
- Additional Language Support – Next
- Time Zone Selection – Pick Your Time Zone – Next
- Set Root Password – Enter your password – Next
- Package Group Selection – Scroll to bottom and select Minimal – Next
- About to Install – Next
- Create a boot diskette if you want
- Reboot with only 1 ethernet cable hooked in (keeps routes simple while setting up)
- Login as root
- insert Disc 3 so you can copy over the bridge-utils RPM
[root@WellsFargoQoS1 root]# mount /dev/cdrom /mnt/cdrom/
[root@WellsFargoQoS1 root]# rpm -ivh /mnt/cdrom/Fedora/RPMS/bridge-utils-0.9.6-2.i386.rpm

You should see it go to 100%.
The brctl command should now show options. You may have to type ‘exit’ and login again for this to work.
[root@WellsFargoQoS1 root]# brctl

Unmount the cdrom and remove it.
[root@WellsFargoQoS1 root]# umount /mnt/cdrom

This will show your network configuration (like ipconfig in Windows) for each card. This way you can discover the IP of the card that is hooked up, so you can ssh to it.
[root@WellsFargoQoS1 root]# ip a

Install Windows Utilities

OK, now you need to hit that Linux box from Windows. Download and install these utilities:
WinSCP: http://winscp.sourceforge.net/eng/
PuTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html


Configure files:
All files have variables to modify at the top. I suggest you use TextPad to modify these files. It is a free download from http://www.textpad.com/ . I’ve found that Microsoft products tend to insert extra carriage return characters and things that will prevent your script from running. In other words, you are on your own if you use Notepad or WordPad.

bridge:
These variable names should make sense.

BRIDGENAME="myBridge1"   **
GATEWAY="192.168.1.1"
BRIDGE_IP="192.168.1.50"
BRIDGE_NETMASK="255.255.255.0"

OK, these parameters depend on whether you’re setting this up for a failover Spanning Tree Protocol setup.

 


** BRIDGENAME can be anything. It’s just for reference internally, not how it appears on the network.

shape.eth0.sh
shape.eth1.sh
Both of these files should be configured identically. For sites with T1 connections, you may want to leave this as-is.
e=eth0       # interface
t1=1.25Mbit  # size of your WAN - remember you can't max this or you'll experience latency. 75-80% of max is a good place to start.
el=100Mbit   # size of eth0
w=0.125Mbit   # weighting of your WAN (10% of t1)
t2=0.3Mbit   # traffic group 1
t3=0.7Mbit   # traffic group 2
t4=0.25Mbit  # traffic group 3
w2=0.03Mbit  # weighting of $t2
w3=0.07Mbit  # weighting of $t3
w4=0.025Mbit # weighting of $t4
Colo1="XXX.XXX.XXX.XXX"
Colo2="XXX.XXX.XXX.XXX"
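
A pre-flight check for the variable block above, written as an added example (it is not part of the original scripts). It flags carriage returns left by a Windows editor, traffic groups that add up to more than t1, and weights that are not 10% of their rate. The function names and the rule that t2+t3+t4 must fit inside t1 are assumptions drawn from the sample values.

```shell
#!/bin/sh
# Added example: check_shape FILE prints one line per finding, returns 1 if any.
check_shape() {
    awk '
    # Rate in Mbit as a number; only the Mbit suffix used on the page is handled.
    function mbit(v) { sub(/Mbit$/, "", v); return v + 0 }
    /\r$/ { cr++; sub(/\r$/, "") }       # carriage return left by a Windows editor
    /^[A-Za-z0-9_]+=/ {
        split($1, kv, "=")               # $1 is name=value; the comment is in later fields
        val[kv[1]] = kv[2]
    }
    END {
        bad = 0
        if (cr) { printf "CRLF: %d line(s) end in a carriage return\n", cr; bad = 1 }
        # Assumption: the three traffic groups must fit inside t1, as the sample values do.
        sum = mbit(val["t2"]) + mbit(val["t3"]) + mbit(val["t4"])
        if (sum > mbit(val["t1"]) + 1e-9) {
            printf "RATE: t2+t3+t4 = %gMbit exceeds t1 = %s\n", sum, val["t1"]; bad = 1
        }
        # Each weight is expected to be 10% of its rate (w:t1, w2:t2, and so on).
        n = split("w:t1 w2:t2 w3:t3 w4:t4", pairs, " ")
        for (i = 1; i <= n; i++) {
            split(pairs[i], p, ":")
            want = mbit(val[p[2]]) / 10
            diff = mbit(val[p[1]]) - want
            if (diff < 0) diff = -diff
            if (diff > 1e-9) {
                printf "WEIGHT: %s = %s, expected %gMbit (10%% of %s)\n", p[1], val[p[1]], want, p[2]; bad = 1
            }
        }
        exit bad
    }' "$1"
}

# The variable block from the page (comments shortened), for a self-test.
page_shape_vars() {
    cat <<'EOF'
e=eth0       # interface
t1=1.25Mbit  # size of your WAN
el=100Mbit   # size of eth0
w=0.125Mbit   # weighting of your WAN (10% of t1)
t2=0.3Mbit   # traffic group 1
t3=0.7Mbit   # traffic group 2
t4=0.25Mbit  # traffic group 3
w2=0.03Mbit  # weighting of $t2
w3=0.07Mbit  # weighting of $t3
w4=0.025Mbit # weighting of $t4
EOF
}
```

Run it as check_shape shape.eth0.sh before copying the file to the Linux box; no output and exit status 0 mean the block is consistent.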

OK, now that you’ve modified the files, let’s transfer them to the Linux box. Fire up WinSCP and connect as root. Transfer the files to /etc/rc.d/init.d/

Start up PuTTY and connect as root. Type the following commands:
cd /etc/rc.d/init.d/
chmod 755 bridge
chmod 755 shape.eth0.sh
chmod 755 shape.eth1.sh
chkconfig --add bridge
service bridge start

After starting the bridge service your ssh session will get killed. But guess what? You’re done. You should now be able to ssh to the box with the IP you gave it in the bridge file. The IP will work from either side. Think of the bridge as a managed switch. No matter what port your Ethernet cable is plugged into, the bridge still has the same IP.

Tweaks:
Log in to the bridge and type ‘setup’
Select System services
- Deselect apmd, isdn, kudzu, pcmcia, sendmail
Deselecting apmd is important. This disables power management.

I suggest you make a few changes to speed up the boot time. Typical things for the BIOS:
• Turn off boot-up floppy seek
• Set the boot order to C: first, so it doesn’t check for CD-ROMs or floppies

• ssh into the Linux box, and type ‘setup’ at the command line. Turn off the kudzu service for faster startup time (this service does a scan for new hardware).

• Edit /boot/grub/grub.conf and lower the timeout setting for a faster timeout on the splash screen. I set it to 2 seconds for good speed.

Commands:
You can edit these files on the Linux box using vi.
Example:
vi /etc/rc.d/init.d/shape.eth0.sh
Hit ‘i’ to go into insert mode.
Change what you want.
Hit ESC
SHIFT-Z-Z to save and close
If you screw up, force a quit. Hit ESC to make sure you’re no longer in insert mode.
Type :q!ENTER   (colon first indicates a command is coming)

To make sure that traffic is being routed to the different queues as expected, you can issue the following command and see how many packets have been assigned and routed by each queue discipline:
tc -s class show dev eth0
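
The raw output is verbose, so here is an added example (not part of the original scripts) that condenses it to one line per class and flags classes that have seen no packets or are dropping them. The function names are hypothetical and the sample output is constructed; the qdisc type, class ids and counters in it are assumptions, not values from the author's setup.

```shell
#!/bin/sh
# Added example: condense `tc -s class show dev IFACE` output (read on stdin)
# into one line per class so idle or dropping classes stand out.
tc_class_report() {
    awk '
    $1 == "class" {                      # "class TYPE ID ... rate RATE ..."
        id = $3; rate = "-"
        for (i = 4; i < NF; i++) if ($i == "rate") rate = $(i + 1)
        next
    }
    $1 == "Sent" && id != "" {           # "Sent B bytes P pkts (dropped D, overlimits O)"
        pkts = $4 + 0
        dropped = $7; sub(/,/, "", dropped)
        over = $9;    sub(/\)/, "", over)
        flag = "ok"
        if (pkts == 0)       flag = "IDLE"    # nothing has been classified into this class
        if (dropped + 0 > 0) flag = "DROPS"   # the class is discarding packets
        printf "%s %s pkts=%d dropped=%d overlimits=%d %s\n", id, rate, pkts, dropped, over, flag
        id = ""
    }'
}

# Constructed sample output; qdisc type, class ids and counters are made up.
sample_tc_output() {
    cat <<'EOF'
class cbq 1: root rate 100000Kbit (bounded,isolated) prio no-transmit
 Sent 182340 bytes 1510 pkts (dropped 0, overlimits 0)
  borrowed 0 overactions 0 avgidle 62 undertime 0
class cbq 1:1 parent 1: rate 1250Kbit (bounded) prio 5
 Sent 182340 bytes 1510 pkts (dropped 0, overlimits 12)
  borrowed 0 overactions 0 avgidle 3906 undertime 0
class cbq 1:10 parent 1:1 leaf 10: rate 300Kbit prio 1
 Sent 90120 bytes 1001 pkts (dropped 0, overlimits 0)
class cbq 1:20 parent 1:1 leaf 20: rate 700Kbit prio 3
 Sent 92220 bytes 509 pkts (dropped 4, overlimits 12)
class cbq 1:30 parent 1:1 leaf 30: rate 250Kbit prio 5
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
EOF
}

# Live use on the bridge: tc -s class show dev eth0 | tc_class_report
sample_tc_output | tc_class_report
```

A class that stays IDLE while its kind of traffic is flowing means that traffic is being counted in some other class.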


Reference:
http://www.tldp.org/HOWTO/BRIDGE-STP-HOWTO/
http://lartc.org/howto/lartc.qdisc.html
http://lartc.org/howto/lartc.qdisc.classful.html <-- important to understand
http://tcng.sourceforge.net/

Original article reposted from: http://www.ltesting.net