BQOS
Managing Bandwidth with bqos
I> What can be done with bqos?
Managing bandwidth on a Linux gateway is a long and tedious task. bqos was
born from the need to make this task quicker and easier.
There are different ways to manage bandwidth:
- First, it is possible to associate a certain type of traffic with a
certain part of the bandwidth. Then, it is possible to give a
maximum or a minimum rate to a computer or to a certain
service.
- It is also possible to give a priority to specific services
(using known ports). This is very useful if you have a link that
is 100% used and you want to use something interactive (like
telnet or ssh). If you give a higher priority to these services,
you will get a better response time.
bqos is based on iproute2 and curses.
II> Notions
Throughout this documentation, we work with a Linux gateway. On the
Linux box, eth1 is connected to the Internet and eth0 is connected to the
internal network (LAN).
1) Managing NICs
It is very important to understand that it is only possible to shape the
outgoing traffic on a NIC. That's why you will have to configure each NIC
if you want to manage both the input and the output traffic of your Linux
gateway.
For example, if you want to limit the download speed of the users on the
LAN, you will have to shape the traffic on the internal NIC of your
gateway (eth0 in our scheme).
Conversely, shaping the traffic on the external NIC (eth1, connected to
the Internet) is useful to control the outgoing traffic and the upload
speed of the LAN.
2) Classes
When you want to manage the bandwidth, you first have to specify the NIC
speed and the link speed of the NIC (the available bandwidth on the
NIC). Next, you can divide this bandwidth into different classes.
If you want to shape the traffic, picture a tree. The
trunk represents the maximal bandwidth you can get on the link. Each branch
uses a part of the available bandwidth of its parent and is called a class.
Traffic that flows in a class is tied to this class.
You will see that a class can be the child of another class.
3) Filters
Filters are the way you put traffic into specific classes. A filter matches
some traffic, and you can then put the matching traffic in the class you
want.
There are several ways to match the traffic:
- source port and/or destination port
- source and/or destination IP range
- TOS (Type of Service)
- protocol (icmp, tcp or udp)
For advanced users, it is also possible to match bits in the IP packet. For
example it is possible to match flags in the TCP header, or the TTL in the
IP header.
Each filter is associated with a class, so all the matching traffic is tied to
this class.
4) Priorities
In a class, you can give a higher or a lower priority to some
protocols. You match a protocol by the source and/or destination port it
uses.
By default, you can put the matching traffic in one of three
queues. The traffic in these queues is sent one queue after the
other. First everything is sent from queue 1, then everything from
queue 2 and then everything from queue 3.
This is usually useful when you have interactive and data traffic
together. You generally give a higher priority to the interactive traffic,
so that you get a good response time on your interactive traffic
without degrading the data traffic rate.
III> Bandwidth management using bqos
1) Main menu
The main menu is the first menu you get when you launch bqos.
On the right, you can see which NIC you are currently working with.
The menu then offers the following choices:
1) Change the working device
2) Set current device settings
3) Modify bandwidth
4) Save configuration script
5) Exit
2) Change device menu
With this menu you can change the current working device. The current
device is the NIC to which the bandwidth management is applied:
1) (Accept this setting)
2) [X] eth0
3) [ ] eth1
4) [ ] eth2
The default selected NIC is usually eth0. To change the working NIC, move
with the arrows to the NIC you want to select, and then press 'Enter'. You
have to confirm your choice by pressing 'Enter' on 'Accept this setting'.
3) Set device settings menu
In this menu you specify the NIC speed and the link speed (which
should be equal to the available bandwidth on the link):
NIC speed : [ ] Mbit
Link speed : [ ] kbit
The NIC speed is usually 10 or 100 Mbit (1000 Mbit for a gigabit NIC).
The link speed is given in kbit. For example, if you have a 1024 kbps
download and 128 kbps upload connection, you would put 1024 in Link speed
for the internal device (eth0) and 128 for the external device (eth1).
These values are needed for the bandwidth management, so you'll have to
enter them before trying to shape the traffic.
4) Modify bandwidth menu
The first time this menu is displayed, only the following line is shown:
Interface eth0 1024 kbit (1024kbit free)
This line must be considered as the root class. From this root class, you
will create sub-classes on which you will attach traffic.
eth0 is the current device you are working with.
1024 is the link speed of the NIC (eth0).
1024kbit free means that you have 1024kbit free to give to the child
classes. You won't be able to create a class if there is not enough free
bandwidth.
Here are the actions you can perform on the classes:
c)reate d)elete b)ounded
f)ilter p)riorities q)uit
a- Create a new class
When you are positioned on a class and you want to create a subclass, a
popup window appears asking you for the desired bandwidth of the new class.
There must be enough free bandwidth in the parent class, otherwise you
won't be able to create the new class.
When you have finished, the root class should not have any free
bandwidth left. Otherwise, the free bandwidth will be lost.
When you have more than just the root class, you can select the different
classes by moving with the arrows.
You can create as many classes as you want.
b- Delete a class
Each created class can be deleted. But the class you want to delete should
not be the parent of any other class. If so, you must delete the child
classes first.
c- Bound a class
By default, when you give a rate to a class, you give a minimum rate. This
means that if the link is full, the class will have at least what you gave
to it. But if the link is not full and there is free bandwidth, then the
class can borrow some bandwidth from the other classes.
If you specify that the class is bounded, this means that the class may
not get more than its rate.
NB:
If the parent of a class is bounded, the class is bounded to the rate
of its parent.
d- Set a filter to match some traffic
Now, it's time to put traffic into the classes.
You can match the traffic according to:
- its source and/or destination IP address
- its source and/or destination port
- the TOS of the IP packet
- the IP protocol (tcp, icmp or udp)
Of course, you can mix the matches. For example you can match the traffic
according to the source address and the port.
Here is the filter menu:
protocol [ ]
ip source [ . . . / ]
ip destination [ . . . / ]
source port [ ]
destination port [ ]
TOS [ ] (hexadecimal value)
expression [ ]
Note that TOS (type of service) is a hexadecimal value.
The 'expression' field should be used carefully, by qualified persons. Here
are some examples of expressions:
- match u8 0x10 0xff at nexthdr+13
-> match the ACK bit of the tcp header
- match u8 64 0xff at 8
-> match a TTL value of 64 in the IP header
Please refer to the advanced routing howto for more information about
what can be matched with the 'expression' field.
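How the two expressions above are evaluated, as an added example that is not part of the original documentation: a u32 key matches when (byte AND mask) equals the value, so with mask 0xff the first expression matches only segments whose sole flag is ACK. The packets are constructed hex strings, and nexthdr is modelled as the IP header length taken from the IHL field, which is an assumption of this sketch.

```shell
#!/bin/sh
# Added example: evaluates "match u8 VALUE MASK at OFFSET" over constructed packets.

# byte_at HEX OFFSET -> decimal value of the byte at OFFSET
byte_at() {
    start=$(( $2 * 2 + 1 ))
    hex=$(printf '%s' "$1" | cut -c"$start"-"$(( start + 1 ))")
    echo $(( 0x$hex ))
}

# nexthdr HEX -> offset just past the IP header (assumption: IHL field * 4)
nexthdr() {
    echo $(( ( $(byte_at "$1" 0) & 0x0f ) * 4 ))
}

# match_u8 HEX VALUE MASK OFFSET -> succeeds when (byte & MASK) == VALUE
match_u8() {
    [ $(( $(byte_at "$1" "$4") & $3 )) -eq $(( $2 )) ]
}

# Constructed samples: 20-byte IP header (TTL 64, protocol TCP, checksum left zero)
# followed by the first 14 bytes of a TCP header; only the flags byte differs.
IPHDR=450000280001400040060000c0a8010ac0a80114
TCPHDR=04d20016000000010000000150
PKT_ACK=${IPHDR}${TCPHDR}10      # flags 0x10: ACK only
PKT_PSHACK=${IPHDR}${TCPHDR}18   # flags 0x18: PSH+ACK

report() {   # report LABEL PACKET VALUE MASK OFFSET
    if match_u8 "$2" "$3" "$4" "$5"; then r=match; else r="no match"; fi
    echo "$1: $r"
}

FLAGS=$(( $(nexthdr "$PKT_ACK") + 13 ))
report "ACK only, 0x10 0xff at nexthdr+13" "$PKT_ACK" 0x10 0xff "$FLAGS"
report "PSH+ACK,  0x10 0xff at nexthdr+13" "$PKT_PSHACK" 0x10 0xff "$FLAGS"
report "PSH+ACK,  0x10 0x10 at nexthdr+13" "$PKT_PSHACK" 0x10 0x10 "$FLAGS"
report "TTL 64,   64 0xff at 8" "$PKT_ACK" 64 0xff 8
```

The third line of output uses mask 0x10, a variant added here to show a test of the ACK bit alone, whatever the other flags are.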
NB:
All the unmatched traffic will be dropped. What people generally do is
create a last class to which they redirect all the unmatched traffic (with
an ip source or dest like 0.0.0.0/0).
e- Set class priorities
Remember that you can only set the prio if a filter already exists in the
class.
Here is the prio menu:
source PORTS destination PORTS
1: [ ] [ ]
2: [ ] [ ]
3: [ ] [ ]
1:, 2: and 3: represent the priority queues. You have to put the traffic in
these queues. The traffic in these queues is sent one queue after the other.
Traffic in queue 1 is sent first. When there is no traffic left in queue 1,
traffic in queue 2 is sent. Traffic in queue 3 is sent when there
is no traffic in queues 1 and 2.
To put some traffic in a queue, you have to match a protocol by its
source port and/or its destination port.
You can use the protocol's port number or the protocol name, as listed in the file
/etc/services.
When you want to match the rest of the traffic, i.e. the unmatched traffic,
you simply write REST in the queue.
Example:
Imagine you're in a configuration where the users on the LAN do a lot of web
browsing, and they sometimes use ssh. You would like ssh to have a good response
time, without slowing down the web traffic.
This is how you would configure the prio in your class:
source PORTS destination PORTS
1: [ ] [ ssh ]
2: [ REST ] [ ]
3: [ ] [ www ]
5) Save configuration script
bqos does not use any configuration file. It simply generates a shell script
which contains the commands to manage the bandwidth as you configured it.
So after making your modifications and quitting bqos, you should execute
the script you just created.
It is a good idea to execute the script on each system start.
When you want to save the configuration script, a popup window asks
you for the file you want to save the script to.
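An added sketch (not output from bqos, and not the project's code) of the kind of iproute2 script such a configuration corresponds to: one class for the LAN, a catch-all class for the rest, and three priority queues inside the LAN class. The HTB and prio qdiscs, the class ids and the 192.168.1.0/24 LAN range are assumptions chosen for illustration; the function only prints the tc commands, so they can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example: prints (does not run) tc commands for one shaped device.
# HTB, prio, the class ids and the LAN range are assumptions, not bqos output.

# emit_shaper DEV LINK_KBIT LAN_CIDR LAN_KBIT BOUNDED(yes|no)
emit_shaper() {
    dev=$1 link=$2 cidr=$3 rate=$4 bounded=$5
    rest=$(( link - rate ))
    # A child class cannot take more than its parent has free, and the
    # catch-all class needs the remainder of the link.
    if [ "$rest" -le 0 ]; then
        echo "error: ${rate}kbit leaves nothing free out of ${link}kbit" >&2
        return 1
    fi
    # Bounded: never above its own rate. Unbounded: may borrow up to the link speed.
    if [ "$bounded" = yes ]; then ceil=$rate; else ceil=$link; fi

    echo "tc qdisc del dev $dev root 2>/dev/null"
    # Root class, i.e. the "Interface eth0 1024 kbit" line of the menu.
    echo "tc qdisc add dev $dev root handle 1: htb default 20"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate ${link}kbit ceil ${link}kbit"
    # Child classes: the LAN class and a catch-all class using the rest.
    echo "tc class add dev $dev parent 1:1 classid 1:10 htb rate ${rate}kbit ceil ${ceil}kbit"
    echo "tc class add dev $dev parent 1:1 classid 1:20 htb rate ${rest}kbit ceil ${link}kbit"
    # Filters: LAN destinations first, then everything else (0.0.0.0/0).
    echo "tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip dst $cidr flowid 1:10"
    echo "tc filter add dev $dev parent 1: protocol ip prio 9 u32 match ip dst 0.0.0.0/0 flowid 1:20"
    # Priorities inside the LAN class, as in the prio example:
    # queue 1 = destination port ssh, queue 3 = destination port www, queue 2 = REST.
    echo "tc qdisc add dev $dev parent 1:10 handle 10: prio bands 3"
    echo "tc filter add dev $dev parent 10: protocol ip prio 1 u32 match ip dport 22 0xffff flowid 10:1"
    echo "tc filter add dev $dev parent 10: protocol ip prio 2 u32 match ip dport 80 0xffff flowid 10:3"
    echo "tc filter add dev $dev parent 10: protocol ip prio 9 u32 match ip dst 0.0.0.0/0 flowid 10:2"
}

# Internal NIC with a 1024 kbit link; the LAN class gets 512 kbit and may borrow.
emit_shaper eth0 1024 192.168.1.0/24 512 no
```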