Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

sqm-scripts: Smart Queue Management - experimental QoS

Browse source 
sqm-scripts is a new QoS system from Cerowrt / Bufferbloat.
I have tested it in my own community build.

More info at:
http://www.bufferbloat.net/projects/cerowrt/wiki/Smart_Queue_Management
http://www.bufferbloat.net/projects/cerowrt/wiki/Setting_up_SQM_for_CeroWrt_310

Dave Täht submitted this first via openwrt-devel mailing list in March 2014,
but that was not picked up before the switch to Github:
http://patchwork.openwrt.org/patch/5078/

Original code used as the base:
8ce2936110

I have modified:
- set the default interface to be eth1, like the Openwrt default.
- modified config to hide some of the advanced options by default
- beautified Makefile a bit
- added Toke Høiland-Jørgensen <toke@toke.dk> as the maintainer, as discussed
  in https://github.com/dtaht/ceropackages-3.10/issues/8#issuecomment-59215905

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This commit is contained in:
Hannu Nyman 2014-10-15 18:56:37 +03:00
parent 0dcfc24c04
commit 5113575fb9
12 changed files with 1383 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
net/sqm-scripts/Makefile Normal file
View file

@ -0,0 +1,50 @@
#
# Copyright (C) 2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=sqm-scripts
PKG_VERSION:=6
PKG_RELEASE:=1
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
define Package/sqm-scripts
SECTION:=net
CATEGORY:=Base system
DEPENDS:=+tc +kmod-sched +kmod-ifb iptables +ip \
+iptables-mod-filter +iptables-mod-ipopt +iptables-mod-conntrack-extra
TITLE:=SQM Scripts (QoS)
PKGARCH:=all
MAINTAINER:=Toke Høiland-Jørgensen <toke@toke.dk>
endef
define Package/sqm-scripts/description
A set of scripts that does simple SQM configuration.
endef
define Package/sqm-scripts/conffiles
/etc/config/sqm
endef
define Build/Prepare
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/sqm-scripts/install
$(INSTALL_DIR) $(1)
$(CP) ./files/* $(1)/
endef
$(eval $(call BuildPackage,sqm-scripts))

16
net/sqm-scripts/files/etc/config/sqm Normal file
View file

@ -0,0 +1,16 @@
config queue 'eth1'
option enabled '0'
option interface 'eth1'
option download '85000'
option upload '10000'
option qdisc 'fq_codel'
option script 'simple.qos'
option qdisc_advanced '0'
option ingress_ecn 'ECN'
option egress_ecn 'NOECN'
option qdisc_really_really_advanced '0'
option itarget 'auto'
option etarget 'auto'
option linklayer 'none'

23
net/sqm-scripts/files/etc/init.d/sqm Executable file
View file

@ -0,0 +1,23 @@
#!/bin/sh /etc/rc.common
START=50
reload()
{
/usr/lib/sqm/run.sh
}
restart()
{
reload
}
start()
{
reload
}
stop()
{
/usr/lib/sqm/run.sh stop
}

493
net/sqm-scripts/files/usr/lib/sqm/functions.sh Normal file
View file

@ -0,0 +1,493 @@
#improve the logread output
sqm_logger() {
logger -t SQM -s ${1}
}
insmod() {
lsmod | grep -q ^$1 || $INSMOD $1
}
ipt() {
d=`echo $* | sed s/-A/-D/g`
[ "$d" != "$*" ] && {
iptables $d > /dev/null 2>&1
ip6tables $d > /dev/null 2>&1
}
d=`echo $* | sed s/-I/-D/g`
[ "$d" != "$*" ] && {
iptables $d > /dev/null 2>&1
ip6tables $d > /dev/null 2>&1
}
iptables $* > /dev/null 2>&1
ip6tables $* > /dev/null 2>&1
}
do_modules() {
insmod act_ipt
insmod sch_$QDISC
insmod sch_ingress
insmod act_mirred
insmod cls_fw
insmod sch_htb
}
# You need to jiggle these parameters. Note limits are tuned towards a <10Mbit uplink <60Mbup down
[ -z "$UPLINK" ] && UPLINK=2302
[ -z "$DOWNLINK" ] && DOWNLINK=14698
[ -z "$IFACE" ] && IFACE=ge00
[ -z "$QDISC" ] && QDISC=fq_codel
[ -z "$LLAM" ] && LLAM="tc_stab"
[ -z "$LINKLAYER" ] && LINKLAYER="none"
[ -z "$OVERHEAD" ] && OVERHEAD=0
[ -z "$STAB_MTU" ] && STAB_MTU=2047
[ -z "$STAB_MPU" ] && STAB_MPU=0
[ -z "$STAB_TSIZE" ] && STAB_TSIZE=512
[ -z "$AUTOFLOW" ] && AUTOFLOW=0
[ -z "$LIMIT" ] && LIMIT=1001 # sane global default for *LIMIT for fq_codel on a small memory device
[ -z "$ILIMIT" ] && ILIMIT=
[ -z "$ELIMIT" ] && ELIMIT=
[ -z "$ITARGET" ] && ITARGET=
[ -z "$ETARGET" ] && ETARGET=
[ -z "$IECN" ] && IECN="ECN"
[ -z "$EECN" ] && EECN="NOECN"
[ -z "$SQUASH_DSCP" ] && SQUASH_DSCP="1"
[ -z "SQUASH_INGRESS" ] && SQUASH_INGRESS="1"
[ -z "$IQDISC_OPTS" ] && IQDISC_OPTS=""
[ -z "$EQDISC_OPTS" ] && EQDISC_OPTS=""
[ -z "$TC" ] && TC=`which tc`
#[ -z "$TC" ] && TC="sqm_logger tc"# this redirects all tc calls into the log
[ -z "$IP" ] && IP=$( which ip )
[ -z "$INSMOD" ] && INSMOD=`which insmod`
[ -z "TARGET" ] && TARGET="5ms"
# find the ifb device associated with a specific interface, return nothing of no ifb is associated with IF
get_ifb_associated_with_if() {
CUR_IF=$1
# CUR_IFB=$( tc -p filter show parent ffff: dev ${CUR_IF} | grep -o -e ifb'[[:digit:]]\+' )
CUR_IFB=$( tc -p filter show parent ffff: dev ${CUR_IF} | grep -o -e ifb'[^)]\+' ) # my editor's syntax coloration is limitied so I need a single quote in this line (between eiditor and s)
sqm_logger "ifb associated with interface ${CUR_IF}: ${CUR_IFB}"
echo ${CUR_IFB}
}
# what is the lowest-index currently not used ifb device
#sm: hopefully this is not required any longer, and can be deleted after a bit more testing...
get_lowest_unused_ifb() {
LOWEST_FREE_IFB=
# this just returns a list of currently existing IFBs, these need not be associated with any interface
CUR_UP_IFBS=$( ifconfig | grep -o -e ifb'[[:digit:]]\+' )
# the possible IFBs (N in insmod ifb numifbs=N)
here=$( pwd )
cd /sys/devices/virtual/net/
CUR_ALLOWED_IFBS=$( ls -d ifb* )
sqm_logger "Currently allowed IFBs: ${CUR_ALLOWED_IFBS}"
cd ${here}
# this is the sorted list of the active ifbs
# note for 3.10.32 unused and even down IFBs linger on in the tc output, so take $CUR_UP_IFBS instead
# a better test might be to check for each allowed IFB whether it is in use
# but the only way I figured out doing this means interating over all interfaces and that sounds costly
# so instead we rely on stop.sh actually calling ifconfig ${LAST_USED_IFB} down
CUR_USED_IFBS=$( tc -d qdisc | grep -o -e ifb'[[:digit:]]\+' | sort -u)
sqm_logger "Currently used IFBs: ${CUR_USED_IFBS}"
# now find the lowest index not in the sorted list
local CUR_IDX=0
while [ -z "$LOWEST_FREE_IFB" ]
do
#TMP=$( echo "${CUR_USED_IFBS}" | grep -o -e ifb${CUR_IDX} )
TMP=$( echo "${CUR_UP_IFBS}" | grep -o -e ifb${CUR_IDX} )
[ -z "$TMP" ] && LOWEST_FREE_IFB="ifb"${CUR_IDX}
CUR_IDX=$(( $CUR_IDX + 1 ))
done
# check whether the number is in the allowed range
LOWEST_FREE_IFB=$( echo "${CUR_ALLOWED_IFBS}" | grep -o -e ${LOWEST_FREE_IFB} )
[ -z "${LOWEST_FREE_IFB}" ] && sqm_logger "The IFB candidate ifb$(( ${CUR_IDX} - 1 )) is not in the range of allowed IFBs, bailing out..."
sqm_logger "selected ifb index: ${LOWEST_FREE_IFB}"
echo ${LOWEST_FREE_IFB}
}
# instead of playing around with indices just create a named IFB
# ATTENTION, IFB names can only be 15 chararcters, so we chop of excessive characters at the start of the interface name
# if required
create_new_ifb_for_if() {
CUR_IF=$1
MAX_IF_NAME_LENGTH=15
IFB_PREFIX="ifb4"
NEW_IFB="${IFB_PREFIX}${CUR_IF}"
IFB_NAME_LENGTH=${#NEW_IFB}
if [ ${IFB_NAME_LENGTH} -gt ${MAX_IF_NAME_LENGTH} ];
then
sqm_logger "The requsted IFB name ${NEW_IFB} is longer than the allowed 15 characters, trying to make it shorter"
OVERLIMIT=$(( ${#NEW_IFB} - ${MAX_IF_NAME_LENGTH} ))
NEW_IFB=${IFB_PREFIX}${CUR_IF:${OVERLIMIT}:$(( ${MAX_IF_NAME_LENGTH} - ${#IFB_PREFIX} ))}
fi
sqm_logger "trying to create new IFB: ${NEW_IFB}"
$IP link add name ${NEW_IFB} type ifb #>/dev/null 2>&1 # better be verbose
echo ${NEW_IFB}
}
# the best match is either the IFB already associated with the current interface or a new named IFB
get_ifb_for_if() {
CUR_IF=$1
# if an ifb is already associated return that
CUR_IFB=$( get_ifb_associated_with_if ${CUR_IF} )
# otherwise find the lowest unused ifb device
#[ -z "$CUR_IFB" ] && CUR_IFB=$( get_lowest_unused_ifb )
[ -z "$CUR_IFB" ] && CUR_IFB=$( create_new_ifb_for_if ${CUR_IF} )
[ -z "$CUR_IFB" ] && sqm_logger "Could not find existing IFB for ${CUR_IF}, nor create a new IFB instead..."
echo ${CUR_IFB}
}
#sm: we need the functions above before trying to set the ingress IFB device
[ -z "$DEV" ] && DEV=$( get_ifb_for_if ${IFACE} ) # automagically get the right IFB device for the IFACE"
#sqm_logger "iqdisc opts: ${iqdisc_opts}"
#sqm_logger "eqdisc opts: ${eqdisc_opts}"
#sqm_logger "LLAM: ${LLAM}"
#sqm_logger "LINKLAYER: ${LINKLAYER}"
get_htb_adsll_string() {
ADSLL=""
if [ "$LLAM" = "htb_private" -a "$LINKLAYER" != "none" ];
then
# HTB defaults to MTU 1600 and an implicit fixed TSIZE of 256, but HTB as of around 3.10.0
# does not actually use a table in the kernel
ADSLL="mpu ${STAB_MPU} linklayer ${LINKLAYER} overhead ${OVERHEAD} mtu ${STAB_MTU}"
sqm_logger "ADSLL: ${ADSLL}"
fi
echo ${ADSLL}
}
get_stab_string() {
STABSTRING=""
if [ "${LLAM}" = "tc_stab" -a "$LINKLAYER" != "none" ];
then
STABSTRING="stab mtu ${STAB_MTU} tsize ${STAB_TSIZE} mpu ${STAB_MPU} overhead ${OVERHEAD} linklayer ${LINKLAYER}"
sqm_logger "STAB: ${STABSTRING}"
fi
echo ${STABSTRING}
}
sqm_stop() {
$TC qdisc del dev $IFACE ingress
$TC qdisc del dev $IFACE root
$TC qdisc del dev $DEV root
}
# Note this has side effects on the prio variable
# and depends on the interface global too
fc() {
$TC filter add dev $interface protocol ip parent $1 prio $prio u32 match ip tos $2 0xfc classid $3
prio=$(($prio + 1))
$TC filter add dev $interface protocol ipv6 parent $1 prio $prio u32 match ip6 priority $2 0xfc classid $3
prio=$(($prio + 1))
}
fc_pppoe() {
PPPOE_SESSION_ETHERTYPE="0x8864"
PPPOE_DISCOVERY_ETHERTYPE="0x8863"
PPP_PROTO_IP4="0x0021"
PPP_PROTO_IP6="0x0057"
ARP_PROTO_IP4="0x0806"
$TC filter add dev $interface protocol ip parent $1 prio $prio u32 match ip tos $2 0xfc classid $3
$TC filter add dev $interface parent $1 protocol ${PPPOE_SESSION_ETHERTYPE} prio $(( 400 + ${prio} )) u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 $2 0xfc at 9 \
flowid $3
prio=$(($prio + 1))
$TC filter add dev $interface protocol ipv6 parent $1 prio $prio u32 match ip6 priority $2 0xfc classid $3
$TC filter add dev $interface parent $1 protocol ${PPPOE_SESSION_ETHERTYPE} prio $(( 600 + ${prio} )) u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u16 0x0${2:2:2}0 0x0fc0 at 8 \
flowid $3
prio=$(($prio + 1))
}
# FIXME: actually you need to get the underlying MTU on PPOE thing
get_mtu() {
BW=$2
F=`cat /sys/class/net/$1/mtu`
if [ -z "$F" ]
then
F=1500
fi
if [ $BW -gt 20000 ]
then
F=$(($F * 2))
fi
if [ $BW -gt 30000 ]
then
F=$(($F * 2))
fi
if [ $BW -gt 40000 ]
then
F=$(($F * 2))
fi
if [ $BW -gt 50000 ]
then
F=$(($F * 2))
fi
if [ $BW -gt 60000 ]
then
F=$(($F * 2))
fi
if [ $BW -gt 80000 ]
then
F=$(($F * 2))
fi
echo $F
}
# FIXME should also calculate the limit
# Frankly I think Xfq_codel can pretty much always run with high numbers of flows
# now that it does fate sharing
# But right now I'm trying to match the ns2 model behavior better
# So SET the autoflow variable to 1 if you want the cablelabs behavior
get_flows() {
if [ "$AUTOFLOW" -eq "1" ]
then
FLOWS=8
[ $1 -gt 999 ] && FLOWS=16
[ $1 -gt 2999 ] && FLOWS=32
[ $1 -gt 7999 ] && FLOWS=48
[ $1 -gt 9999 ] && FLOWS=64
[ $1 -gt 19999 ] && FLOWS=128
[ $1 -gt 39999 ] && FLOWS=256
[ $1 -gt 69999 ] && FLOWS=512
[ $1 -gt 99999 ] && FLOWS=1024
case $QDISC in
codel|ns2_codel|pie|*fifo|pfifo_fast) ;;
fq_codel|*fq_codel|sfq) echo flows $FLOWS ;;
esac
fi
}
# set the target parameter, also try to only take well formed inputs
# Note, the link bandwidth in the current direction (ingress or egress)
# is required to adjust the target for slow links
get_target() {
local CUR_TARGET=${1}
local CUR_LINK_KBPS=${2}
[ ! -z "$CUR_TARGET" ] && sqm_logger "cur_target: ${CUR_TARGET} cur_bandwidth: ${CUR_LINK_KBPS}"
CUR_TARGET_STRING=
# either e.g. 100ms or auto
CUR_TARGET_VALUE=$( echo ${CUR_TARGET} | grep -o -e \^'[[:digit:]]\+' )
CUR_TARGET_UNIT=$( echo ${CUR_TARGET} | grep -o -e '[[:alpha:]]\+'\$ )
# [ ! -z "$CUR_TARGET" ] && sqm_logger "CUR_TARGET_VALUE: $CUR_TARGET_VALUE"
# [ ! -z "$CUR_TARGET" ] && sqm_logger "CUR_TARGET_UNIT: $CUR_TARGET_UNIT"
AUTO_TARGET=
UNIT_VALID=
case $QDISC in
*codel|*pie)
if [ ! -z "${CUR_TARGET_VALUE}" -a ! -z "${CUR_TARGET_UNIT}" ];
then
case ${CUR_TARGET_UNIT} in
# permissible units taken from: tc_util.c get_time()
s|sec|secs|ms|msec|msecs|us|usec|usecs)
CUR_TARGET_STRING="target ${CUR_TARGET_VALUE}${CUR_TARGET_UNIT}"
UNIT_VALID="1"
;;
esac
fi
case ${CUR_TARGET_UNIT} in
auto|Auto|AUTO)
if [ ! -z "${CUR_LINK_KBPS}" ];
then
TMP_TARGET_US=$( adapt_target_to_slow_link $CUR_LINK_KBPS )
TMP_INTERVAL_STRING=$( adapt_interval_to_slow_link $TMP_TARGET_US )
CUR_TARGET_STRING="target ${TMP_TARGET_US}us ${TMP_INTERVAL_STRING}"
AUTO_TARGET="1"
else
sqm_logger "required link bandwidth in kbps not passed to get_target()."
fi
;;
esac
if [ ! -z "${CUR_TARGET}" ];
then
if [ -z "${CUR_TARGET_VALUE}" -o -z "${UNIT_VALID}" ];
then
[ -z "$AUTO_TARGET" ] && sqm_logger "${CUR_TARGET} is not a well formed tc target specifier; e.g.: 5ms (or s, us), or the string auto."
fi
fi
;;
esac
# sqm_logger "target: ${CUR_TARGET_STRING}"
echo $CUR_TARGET_STRING
}
# for low bandwidth links fq_codels default target of 5ms does not work too well
# so increase target for slow links (note below roughly 2500kbps a single packet will \
# take more than 5 ms to be tansfered over the wire)
adapt_target_to_slow_link() {
CUR_LINK_KBPS=$1
CUR_EXTENDED_TARGET_US=
MAX_PAKET_DELAY_IN_US_AT_1KBPS=$(( 1000 * 1000 *1540 * 8 / 1000 ))
CUR_EXTENDED_TARGET_US=$(( ${MAX_PAKET_DELAY_IN_US_AT_1KBPS} / ${CUR_LINK_KBPS} )) # note this truncates the decimals
# do not change anything for fast links
[ "$CUR_EXTENDED_TARGET_US" -lt 5000 ] && CUR_EXTENDED_TARGET_US=5000
case ${QDISC} in
*codel|pie)
echo "${CUR_EXTENDED_TARGET_US}"
;;
esac
}
# codel looks at a whole interval to figure out wether observed latency stayed below target
# if target >= interval that will not work well, so increase interval by the same amonut that target got increased
adapt_interval_to_slow_link() {
CUR_TARGET_US=$1
case ${QDISC} in
*codel)
CUR_EXTENDED_INTERVAL_US=$(( (100 - 5) * 1000 + ${CUR_TARGET_US} ))
echo "interval ${CUR_EXTENDED_INTERVAL_US}us"
;;
pie)
## not sure if pie needs this, probably not
#CUR_EXTENDED_TUPDATE_US=$(( (30 - 20) * 1000 + ${CUR_TARGET_US} ))
#echo "tupdate ${CUR_EXTENDED_TUPDATE_US}us"
;;
esac
}
# set quantum parameter if available for this qdisc
get_quantum() {
case $QDISC in
*fq_codel|fq_pie|drr) echo quantum $1 ;;
*) ;;
esac
}
# only show limits to qdiscs that can handle them...
# Note that $LIMIT contains the default limit
get_limit() {
CURLIMIT=$1
case $QDISC in
*codel|*pie|pfifo_fast|sfq|pfifo) [ -z ${CURLIMIT} ] && CURLIMIT=${LIMIT} # use the global default limit
;;
bfifo) [ -z "$CURLIMIT" ] && [ ! -z "$LIMIT" ] && CURLIMIT=$(( ${LIMIT} * $( cat /sys/class/net/${IFACE}/mtu ) )) # bfifo defaults to txquelength * MTU,
;;
*) sqm_logger "${QDISC} does not support a limit"
;;
esac
sqm_logger "get_limit: $1 CURLIMIT: ${CURLIMIT}"
if [ ! -z "$CURLIMIT" ]
then
echo "limit ${CURLIMIT}"
fi
}
get_ecn() {
CURECN=$1
#sqm_logger CURECN: $CURECN
case ${CURECN} in
ECN)
case $QDISC in
*codel|*pie|*red)
CURECN=ecn
;;
*)
CURECN=""
;;
esac
;;
NOECN)
case $QDISC in
*codel|*pie|*red)
CURECN=noecn
;;
*)
CURECN=""
;;
esac
;;
*)
sqm_logger "ecn value $1 not handled"
;;
esac
#sqm_logger "get_ECN: $1 CURECN: ${CURECN} IECN: ${IECN} EECN: ${EECN}"
echo ${CURECN}
}
# This could be a complete diffserv implementation
diffserv() {
interface=$1
prio=1
# Catchall
$TC filter add dev $interface parent 1:0 protocol all prio 999 u32 \
match ip protocol 0 0x00 flowid 1:12
# Find the most common matches fast
#fc_pppoe() instead of fc() with effectice ingress classification for pppoe is very expensive and destroys LUL
fc 1:0 0x00 1:12 # BE
fc 1:0 0x20 1:13 # CS1
fc 1:0 0x10 1:11 # IMM
fc 1:0 0xb8 1:11 # EF
fc 1:0 0xc0 1:11 # CS3
fc 1:0 0xe0 1:11 # CS6
fc 1:0 0x90 1:11 # AF42 (mosh)
# Arp traffic
$TC filter add dev $interface protocol arp parent 1:0 prio $prio handle 500 fw flowid 1:11
prio=$(($prio + 1))
}
diffserv_pppoe() {
interface=$1
prio=1
# Catchall
$TC filter add dev $interface parent 1:0 protocol all prio 999 u32 \
match ip protocol 0 0x00 flowid 1:12
# Find the most common matches fast
#fc_pppoe() instead of fc() with effectice ingress classification for pppoe is very expensive and destroys LUL
fc_pppoe 1:0 0x00 1:12 # BE
fc_pppoe 1:0 0x20 1:13 # CS1
fc_pppoe 1:0 0x10 1:11 # IMM
fc_pppoe 1:0 0xb8 1:11 # EF
fc_pppoe 1:0 0xc0 1:11 # CS3
fc_pppoe 1:0 0xe0 1:11 # CS6
fc_pppoe 1:0 0x90 1:11 # AF42 (mosh)
# Arp traffic
$TC filter add dev $interface protocol arp parent 1:0 prio $prio handle 500 fw flowid 1:11
prio=$(($prio + 1))
}

82
net/sqm-scripts/files/usr/lib/sqm/run.sh Executable file
View file

@ -0,0 +1,82 @@
#!/bin/sh
. /lib/functions.sh
STOP=$1
ACTIVE_STATE_PREFIX="SQM_active_on_"
ACTIVE_STATE_FILE_DIR="/var/run/SQM"
mkdir -p ${ACTIVE_STATE_FILE_DIR}
# the current uci config file does not necessarily contain sections for all interfaces with active
# SQM instances, so use the ACTIVE_STATE_FILES to detect the interfaces on which to stop SQM.
# Currently the .qos scripts start with stopping any existing traffic shaping so this should not
# effectively change anything...
PROTO_STATE_FILE_LIST=$( ls ${ACTIVE_STATE_FILE_DIR}/${ACTIVE_STATE_PREFIX}* 2> /dev/null )
for STATE_FILE in ${PROTO_STATE_FILE_LIST} ; do
if [ -f ${STATE_FILE} ] ;
then
STATE_FILE_BASE_NAME=$( basename ${STATE_FILE} )
CURRENT_INTERFACE=${STATE_FILE_BASE_NAME:${#ACTIVE_STATE_PREFIX}:$(( ${#STATE_FILE_BASE_NAME} - ${#ACTIVE_STATE_PREFIX} ))}
logger -t SQM -s "Stopping SQM on interface: ${CURRENT_INTERFACE}"
/usr/lib/sqm/stop.sh ${CURRENT_INTERFACE}
rm ${STATE_FILE} # well, we stop it so it is not running anymore and hence no active state file needed...
fi
done
config_load sqm
run_simple_qos() {
local section="$1"
export IFACE=$(config_get "$section" interface)
ACTIVE_STATE_FILE_FQN="${ACTIVE_STATE_FILE_DIR}/${ACTIVE_STATE_PREFIX}${IFACE}" # this marks interfaces as active with SQM
[ -f "${ACTIVE_STATE_FILE_FQN}" ] && logger -t SQM -s "Uh, oh, ${ACTIVE_STATE_FILE_FQN} should already be stopped." # Not supposed to happen
if [ $(config_get "$section" enabled) -ne 1 ];
then
if [ -f "${ACTIVE_STATE_FILE_FQN}" ];
then
# this should not be possible, delete after testing
local SECTION_STOP="stop" # it seems the user just de-selected enable, so stop the active SQM
else
logger -t SQM -s "SQM for interface ${IFACE} is not enabled, skipping over..."
return 0 # since SQM is not active on the current interface nothing to do here
fi
fi
export UPLINK=$(config_get "$section" upload)
export DOWNLINK=$(config_get "$section" download)
export LLAM=$(config_get "$section" linklayer_adaptation_mechanism)
export LINKLAYER=$(config_get "$section" linklayer)
export OVERHEAD=$(config_get "$section" overhead)
export STAB_MTU=$(config_get "$section" tcMTU)
export STAB_TSIZE=$(config_get "$section" tcTSIZE)
export STAB_MPU=$(config_get "$section" tcMPU)
export ILIMIT=$(config_get "$section" ilimit)
export ELIMIT=$(config_get "$section" elimit)
export ITARGET=$(config_get "$section" itarget)
export ETARGET=$(config_get "$section" etarget)
export IECN=$(config_get "$section" ingress_ecn)
export EECN=$(config_get "$section" egress_ecn)
export IQDISC_OPTS=$(config_get "$section" iqdisc_opts)
export EQDISC_OPTS=$(config_get "$section" eqdisc_opts)
export TARGET=$(config_get "$section" target)
export SQUASH_DSCP=$(config_get "$section" squash_dscp)
export SQUASH_INGRESS=$(config_get "$section" squash_ingress)
export QDISC=$(config_get "$section" qdisc)
export SCRIPT=/usr/lib/sqm/$(config_get "$section" script)
# # there should be nothing left to stop, so just avoid calling the script
if [ "$STOP" == "stop" -o "$SECTION_STOP" == "stop" ];
then
# /usr/lib/sqm/stop.sh
# [ -f ${ACTIVE_STATE_FILE_FQN} ] && rm ${ACTIVE_STATE_FILE_FQN} # conditional to avoid errors ACTIVE_STATE_FILE_FQN does not exist anymore
# $(config_set "$section" enabled 0) # this does not save to the config file only to the loaded memory representation
# logger -t SQM -s "SQM qdiscs on ${IFACE} removed"
return 0
fi
logger -t SQM -s "Queue Setup Script: ${SCRIPT}"
[ -x "$SCRIPT" ] && { $SCRIPT ; touch ${ACTIVE_STATE_FILE_FQN}; }
}
config_foreach run_simple_qos

212
net/sqm-scripts/files/usr/lib/sqm/simple.qos Executable file
View file

@ -0,0 +1,212 @@
#!/bin/sh
# Cero3 Shaper
# A 3 bin tc_codel and ipv6 enabled shaping script for
# ethernet gateways
# Copyright (C) 2012 Michael D Taht
# GPLv2
# Compared to the complexity that debloat had become
# this cleanly shows a means of going from diffserv marking
# to prioritization using the current tools (ip(6)tables
# and tc. I note that the complexity of debloat exists for
# a reason, and it is expected that script is run first
# to setup various other parameters such as BQL and ethtool.
# (And that the debloat script has setup the other interfaces)
# You need to jiggle these parameters. Note limits are tuned towards a <10Mbit uplink <60Mbup down
. /usr/lib/sqm/functions.sh
ipt_setup() {
ipt -t mangle -N QOS_MARK_${IFACE}
ipt -t mangle -A QOS_MARK_${IFACE} -j MARK --set-mark 0x2
# You can go further with classification but...
ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class CS1 -j MARK --set-mark 0x3
ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class CS6 -j MARK --set-mark 0x1
ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class EF -j MARK --set-mark 0x1
ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class AF42 -j MARK --set-mark 0x1
ipt -t mangle -A QOS_MARK_${IFACE} -m tos --tos Minimize-Delay -j MARK --set-mark 0x1
# and it might be a good idea to do it for udp tunnels too
# Turn it on. Preserve classification if already performed
if [ "$SQUASH_DSCP" = "1" ]
then
sqm_logger "Squashing differentiad services code points (DSCP) from ingress."
ipt -t mangle -I PREROUTING -i $IFACE -m dscp ! --dscp 0 -j DSCP --set-dscp-class be
else
sqm_logger "Keeping differentiad services code points (DSCP) from ingress."
ipt -t mangle -A PREROUTING -i $IFACE -m mark --mark 0x00 -g QOS_MARK_${IFACE}
fi
ipt -t mangle -A POSTROUTING -o $IFACE -m mark --mark 0x00 -g QOS_MARK_${IFACE}
# The Syn optimization was nice but fq_codel does it for us
# ipt -t mangle -A PREROUTING -i s+ -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j MARK --set-mark 0x01
# Not sure if this will work. Encapsulation is a problem period
ipt -t mangle -I PREROUTING -i vtun+ -p tcp -j MARK --set-mark 0x2 # tcp tunnels need ordering
# Emanating from router, do a little more optimization
# but don't bother with it too much.
ipt -t mangle -A OUTPUT -p udp -m multiport --ports 123,53 -j DSCP --set-dscp-class AF42
#Not clear if the second line is needed
#ipt -t mangle -A OUTPUT -o $IFACE -g QOS_MARK_${IFACE}
}
# TC rules
egress() {
CEIL=${UPLINK}
PRIO_RATE=`expr $CEIL / 3` # Ceiling for prioirty
BE_RATE=`expr $CEIL / 6` # Min for best effort
BK_RATE=`expr $CEIL / 6` # Min for background
BE_CEIL=`expr $CEIL - 16` # A little slop at the top
LQ="quantum `get_mtu $IFACE $CEIL`"
$TC qdisc del dev $IFACE root 2> /dev/null
$TC qdisc add dev $IFACE root handle 1: `get_stab_string` htb default 12
$TC class add dev $IFACE parent 1: classid 1:1 htb $LQ rate ${CEIL}kbit ceil ${CEIL}kbit `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:10 htb $LQ rate ${CEIL}kbit ceil ${CEIL}kbit prio 0 `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:11 htb $LQ rate 128kbit ceil ${PRIO_RATE}kbit prio 1 `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:12 htb $LQ rate ${BE_RATE}kbit ceil ${BE_CEIL}kbit prio 2 `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:13 htb $LQ rate ${BK_RATE}kbit ceil ${BE_CEIL}kbit prio 3 `get_htb_adsll_string`
$TC qdisc add dev $IFACE parent 1:11 handle 110: $QDISC `get_limit ${ELIMIT}` `get_target "${ETARGET}" ${UPLINK}` `get_ecn ${EECN}` `get_quantum 300` `get_flows ${PRIO_RATE}` ${EQDISC_OPTS}
$TC qdisc add dev $IFACE parent 1:12 handle 120: $QDISC `get_limit ${ELIMIT}` `get_target "${ETARGET}" ${UPLINK}` `get_ecn ${EECN}` `get_quantum 300` `get_flows ${BE_RATE}` ${EQDISC_OPTS}
$TC qdisc add dev $IFACE parent 1:13 handle 130: $QDISC `get_limit ${ELIMIT}` `get_target "${ETARGET}" ${UPLINK}` `get_ecn ${EECN}` `get_quantum 300` `get_flows ${BK_RATE}` ${EQDISC_OPTS}
# Need a catchall rule
$TC filter add dev $IFACE parent 1:0 protocol all prio 999 u32 \
match ip protocol 0 0x00 flowid 1:12
# FIXME should probably change the filter here to do pre-nat
$TC filter add dev $IFACE parent 1:0 protocol ip prio 1 handle 1 fw classid 1:11
$TC filter add dev $IFACE parent 1:0 protocol ip prio 2 handle 2 fw classid 1:12
$TC filter add dev $IFACE parent 1:0 protocol ip prio 3 handle 3 fw classid 1:13
# ipv6 support. Note that the handle indicates the fw mark bucket that is looked for
$TC filter add dev $IFACE parent 1:0 protocol ipv6 prio 4 handle 1 fw classid 1:11
$TC filter add dev $IFACE parent 1:0 protocol ipv6 prio 5 handle 2 fw classid 1:12
$TC filter add dev $IFACE parent 1:0 protocol ipv6 prio 6 handle 3 fw classid 1:13
# Arp traffic
$TC filter add dev $IFACE parent 1:0 protocol arp prio 7 handle 1 fw classid 1:11
# ICMP traffic - Don't impress your friends. Deoptimize to manage ping floods
# better instead
$TC filter add dev $IFACE parent 1:0 protocol ip prio 8 \
u32 match ip protocol 1 0xff flowid 1:13
$TC filter add dev $IFACE parent 1:0 protocol ipv6 prio 9 \
u32 match ip protocol 1 0xff flowid 1:13
#diffserv $IFACE
}
ingress() {
CEIL=$DOWNLINK
PRIO_RATE=`expr $CEIL / 3` # Ceiling for prioirty
BE_RATE=`expr $CEIL / 6` # Min for best effort
BK_RATE=`expr $CEIL / 6` # Min for background
BE_CEIL=`expr $CEIL - 16` # A little slop at the top
LQ="quantum `get_mtu $IFACE $CEIL`"
$TC qdisc del dev $IFACE handle ffff: ingress 2> /dev/null
$TC qdisc add dev $IFACE handle ffff: ingress
$TC qdisc del dev $DEV root 2> /dev/null
if [ "$SQUASH_INGRESS" = "1" ]
then
sqm_logger "Do not perform DSCP based filtering on ingress. (1-tier classification)"
# Revert to no dscp based filtering
$TC qdisc del dev $DEV root 2>/dev/null
$TC qdisc add dev $DEV root handle 1: `get_stab_string` htb default 10
$TC class add dev $DEV parent 1: classid 1:1 htb $LQ rate ${DOWNLINK}kbit ceil ${DOWNLINK}kbit `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:10 htb $LQ rate ${DOWNLINK}kbit ceil ${DOWNLINK}kbit prio 0 `get_htb_adsll_string`
$TC qdisc add dev $DEV parent 1:10 handle 110: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_flows ${DOWNLINK}` ${IQDISC_OPTS}
else
sqm_logger "Perform DSCP based filtering on ingress. (3-tier classification)"
$TC qdisc add dev $DEV root handle 1: `get_stab_string` htb default 12
$TC class add dev $DEV parent 1: classid 1:1 htb $LQ rate ${CEIL}kbit ceil ${CEIL}kbit `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:10 htb $LQ rate ${CEIL}kbit ceil ${CEIL}kbit prio 0 `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:11 htb $LQ rate 32kbit ceil ${PRIO_RATE}kbit prio 1 `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:12 htb $LQ rate ${BE_RATE}kbit ceil ${BE_CEIL}kbit prio 2 `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:13 htb $LQ rate ${BK_RATE}kbit ceil ${BE_CEIL}kbit prio 3 `get_htb_adsll_string`
# I'd prefer to use a pre-nat filter but that causes permutation...
$TC qdisc add dev $DEV parent 1:11 handle 110: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_quantum 500` `get_flows ${PRIO_RATE}` ${IQDISC_OPTS}
$TC qdisc add dev $DEV parent 1:12 handle 120: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_quantum 1500` `get_flows ${BE_RATE}` ${IQDISC_OPTS}
$TC qdisc add dev $DEV parent 1:13 handle 130: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_quantum 300` `get_flows ${BK_RATE}` ${IQDISC_OPTS}
diffserv $DEV
fi
ifconfig $DEV up
# redirect all IP packets arriving in $IFACE to ifb0
$TC filter add dev $IFACE parent ffff: protocol all prio 10 u32 \
match u32 0 0 flowid 1:1 action mirred egress redirect dev $DEV
}
do_modules
ipt_setup
if [ "$UPLINK" -ne 0 ];
then
egress
sqm_logger "egress shaping activated"
else
sqm_logger "egress shaping deactivated"
tc qdisc del dev $IFACE root 2> /dev/null
fi
if [ "$DOWNLINK" -ne 0 ];
then
ingress
sqm_logger "ingress shaping activated"
else
sqm_logger "ingress shaping deactivated"
tc qdisc del dev $DEV root 2> /dev/null
tc qdisc del dev $IFACE ingress 2> /dev/null
fi
# References:
# This alternate shaper attempts to go for 1/u performance in a clever way
# http://git.coverfire.com/?p=linux-qos-scripts.git;a=blob;f=src-3tos.sh;hb=HEAD
# Comments
# This does the right thing with ipv6 traffic.
# It also tries to leverage diffserv to some sane extent. In particular,
# the 'priority' queue is limited to 33% of the total, so EF, and IMM traffic
# cannot starve other types. The rfc suggested 30%. 30% is probably
# a lot in today's world.
# Flaws
# Many!

1
net/sqm-scripts/files/usr/lib/sqm/simple.qos.help Normal file
View file

@ -0,0 +1 @@
BW-limited three-tier prioritisation scheme with fq_codel on each queue. (default)

387
net/sqm-scripts/files/usr/lib/sqm/simple_pppoe.qos Executable file
View file

@ -0,0 +1,387 @@
#!/bin/sh
# Cero3 Shaper
# A 3 bin tc_codel and ipv6 enabled shaping script for
# ethernet gateways
# Copyright (C) 2012 Michael D Taht
# GPLv2
# Compared to the complexity that debloat had become
# this cleanly shows a means of going from diffserv marking
# to prioritization using the current tools (ip(6)tables
# and tc. I note that the complexity of debloat exists for
# a reason, and it is expected that script is run first
# to setup various other parameters such as BQL and ethtool.
# (And that the debloat script has setup the other interfaces)
# You need to jiggle these parameters. Note limits are tuned towards a <10Mbit uplink <60Mbup down
. /usr/lib/sqm/functions.sh
ipt_setup() {
ipt -t mangle -N QOS_MARK_${IFACE}
ipt -t mangle -A QOS_MARK_${IFACE} -j MARK --set-mark 0x2
# You can go further with classification but...
ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class CS1 -j MARK --set-mark 0x3
ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class CS6 -j MARK --set-mark 0x1
ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class EF -j MARK --set-mark 0x1
ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class AF42 -j MARK --set-mark 0x1
ipt -t mangle -A QOS_MARK_${IFACE} -m tos --tos Minimize-Delay -j MARK --set-mark 0x1
# and it might be a good idea to do it for udp tunnels too
# Turn it on. Preserve classification if already performed
if [ "$SQUASH_DSCP" = "1" ]
then
sqm_logger "Squashing differentiad services code points (DSCP) from ingress."
ipt -t mangle -I PREROUTING -i $IFACE -m dscp ! --dscp 0 -j DSCP --set-dscp-class be
else
sqm_logger "Keeping differentiad services code points (DSCP) from ingress."
ipt -t mangle -A PREROUTING -i $IFACE -m mark --mark 0x00 -g QOS_MARK_${IFACE}
fi
ipt -t mangle -A POSTROUTING -o $IFACE -m mark --mark 0x00 -g QOS_MARK_${IFACE}
# The Syn optimization was nice but fq_codel does it for us
# ipt -t mangle -A PREROUTING -i s+ -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j MARK --set-mark 0x01
# Not sure if this will work. Encapsulation is a problem period
ipt -t mangle -I PREROUTING -i vtun+ -p tcp -j MARK --set-mark 0x2 # tcp tunnels need ordering
# Emanating from router, do a little more optimization
# but don't bother with it too much.
ipt -t mangle -A OUTPUT -p udp -m multiport --ports 123,53 -j DSCP --set-dscp-class AF42
#Not clear if the second line is needed
#ipt -t mangle -A OUTPUT -o $IFACE -g QOS_MARK_${IFACE}
}
# TC rules
egress() {
CEIL=${UPLINK}
PRIO_RATE=`expr $CEIL / 3` # Ceiling for prioirty
BE_RATE=`expr $CEIL / 6` # Min for best effort
BK_RATE=`expr $CEIL / 6` # Min for background
BE_CEIL=`expr $CEIL - 16` # A little slop at the top
LQ="quantum `get_mtu $IFACE $CEIL`"
$TC qdisc del dev $IFACE root 2> /dev/null
$TC qdisc add dev $IFACE root handle 1: `get_stab_string` htb default 12
$TC class add dev $IFACE parent 1: classid 1:1 htb $LQ rate ${CEIL}kbit ceil ${CEIL}kbit `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:10 htb $LQ rate ${CEIL}kbit ceil ${CEIL}kbit prio 0 `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:11 htb $LQ rate 128kbit ceil ${PRIO_RATE}kbit prio 1 `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:12 htb $LQ rate ${BE_RATE}kbit ceil ${BE_CEIL}kbit prio 2 `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:13 htb $LQ rate ${BK_RATE}kbit ceil ${BE_CEIL}kbit prio 3 `get_htb_adsll_string`
$TC qdisc add dev $IFACE parent 1:11 handle 110: $QDISC `get_limit ${ELIMIT}` `get_target "${ETARGET}" ${UPLINK}` `get_ecn ${EECN}` `get_quantum 300` `get_flows ${PRIO_RATE}` ${EQDISC_OPTS}
$TC qdisc add dev $IFACE parent 1:12 handle 120: $QDISC `get_limit ${ELIMIT}` `get_target "${ETARGET}" ${UPLINK}` `get_ecn ${EECN}` `get_quantum 300` `get_flows ${BE_RATE}` ${EQDISC_OPTS}
$TC qdisc add dev $IFACE parent 1:13 handle 130: $QDISC `get_limit ${ELIMIT}` `get_target "${ETARGET}" ${UPLINK}` `get_ecn ${EECN}` `get_quantum 300` `get_flows ${BK_RATE}` ${EQDISC_OPTS}
#sm: for testing we need a band to collect PPPOEd packets
$TC class add dev $IFACE parent 1:1 classid 1:14 htb $LQ rate ${BE_RATE}kbit ceil ${BE_CEIL}kbit prio 2 `get_htb_adsll_string`
$TC qdisc add dev $IFACE parent 1:14 handle 140: $QDISC `get_limit ${ELIMIT}` `get_target "${ETARGET}" ${UPLINK}` `get_ecn ${EECN}` `get_quantum 300` `get_flows ${BK_RATE}` ${EQDISC_OPTS}
# Need a catchall rule (should also match VLANs and PPPoE packets)
$TC filter add dev $IFACE parent 1:0 protocol all prio 999 u32 \
match ip protocol 0 0x00 flowid 1:12
# FIXME should probably change the filter here to do pre-nat
$TC filter add dev $IFACE parent 1:0 protocol ip prio 1 handle 1 fw classid 1:11
$TC filter add dev $IFACE parent 1:0 protocol ip prio 2 handle 2 fw classid 1:12
$TC filter add dev $IFACE parent 1:0 protocol ip prio 3 handle 3 fw classid 1:13
# ipv6 support. Note that the handle indicates the fw mark bucket that is looked for
$TC filter add dev $IFACE parent 1:0 protocol ipv6 prio 4 handle 1 fw classid 1:11
$TC filter add dev $IFACE parent 1:0 protocol ipv6 prio 5 handle 2 fw classid 1:12
$TC filter add dev $IFACE parent 1:0 protocol ipv6 prio 6 handle 3 fw classid 1:13
# Arp traffic
$TC filter add dev $IFACE parent 1:0 protocol arp prio 7 handle 1 fw classid 1:11
# ICMP traffic - Don't impress your friends. Deoptimize to manage ping floods
# better instead
$TC filter add dev $IFACE parent 1:0 protocol ip prio 8 \
u32 match ip protocol 1 0xff flowid 1:13
$TC filter add dev $IFACE parent 1:0 protocol ipv6 prio 9 \
u32 match ip protocol 1 0xff flowid 1:13
# PPPoE encapsulated packets traversing the router (e.g.: the router does PPPoE termination but we shape
# on the underlaying ethernet interface instead of the pppoe device)
PPPOE_SESSION_ETHERTYPE="0x8864"
PPPOE_DISCOVERY_ETHERTYPE="0x8863"
PPP_PROTO_IP4="0x0021"
PPP_PROTO_IP6="0x0057"
ARP_PROTO_IP4="0x0806"
# NOTE it seems prio can not be reused?
#$TC filter add dev $IFACE protocol 0x8863 parent 1:0 prio 1 u32 flowid 1:14
# PPPoE can be selected for by ether_type, the encapsulated IP version from the PPP (0x0021 IPv4, 0x0057 IPv6)
#U32_PREFIX="$TC filter add dev $IFACE" parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE}"
#BE: 1:12 is the default anyway, but this will catch all non marked packets
#$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 400 u32 \
# match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
# match u8 0x00 0xfb at 9 \
# flowid 1:12
#AF42
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 401 u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 0x90 0xfc at 9 \
flowid 1:11
#EF
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 402 u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 0xb8 0xfc at 9 \
flowid 1:11
#CS1
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 403 u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 0x20 0xf0 at 9 \
flowid 1:13
#IMM
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 404 u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 0x10 0xf0 at 9 \
flowid 1:11
#CS3
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 405 u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 0xc0 0xf0 at 9 \
flowid 1:11
#CS6
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 406 u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 0xe0 0xf0 at 9 \
flowid 1:11
## Arp traffic
#$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 409 u32 \
# match u16 ${ARP_PROTO_IP4} 0xffff at 6 \
# flowid 1:14
# ICMP traffic - Don't impress your friends. Deoptimize to manage ping floods
# better instead; sm: really only deprio echo requestst and echo replies instead?
# ECHO request, the rest stays in best effort
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 410 u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 0x01 0xff at 17 \
match u8 0x08 0xff at 28 \
flowid 1:13
# ECHO reply
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 410 u32 \
match u16 ${PPP_PROTO_IP4} 0xffff at 6 \
match u8 0x01 0xff at 17 \
match u8 0x00 0xff at 28 \
flowid 1:13
## ICMPv6 133-137 (NDP) is equivalent to IPv4 ARP, so only push echo request and reply into the bulk class
## 133
#$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 610 u32 \
# match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
# match u8 0x85 0xff at 48 \
# match u8 0x3a 0xff at 14 \
# flowid 1:14
## 134
#$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 610 u32 \
# match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
# match u8 0x86 0xff at 48 \
# match u8 0x3a 0xff at 14 \
# flowid 1:14
## 135
#$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 610 u32 \
# match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
# match u8 0x87 0xff at 48 \
# match u8 0x3a 0xff at 14 \
# flowid 1:14
## 136
#$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 610 u32 \
# match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
# match u8 0x88 0xff at 48 \
# match u8 0x3a 0xff at 14 \
# flowid 1:14
## 137
#$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 610 u32 \
# match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
# match u8 0x89 0xff at 48 \
# match u8 0x3a 0xff at 14 \
# flowid 1:14
# ICMPv6 echo request
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 610 u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u8 0x3a 0xff at 14 \
match u8 0x80 0xff at 48 \
flowid 1:13
# ICMPv6 echo reply
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 610 u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u8 0x3a 0xff at 14 \
match u8 0x81 0xff at 48 \
flowid 1:13
#IPV6
#BE: careful, will override ICMP
#$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 600 u32 \
# match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
# match u16 0x0000 0x0fb0 at 8 \
# flowid 1:12
#AF42
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 601 u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u16 0x0900 0x0fc0 at 8 \
flowid 1:11
#EF
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 602 u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u16 0x0b80 0x0fc0 at 8 \
flowid 1:11
#CS1
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 603 u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u16 0x0200 0x0fc0 at 8 \
flowid 1:13
#IMM
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 604 u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u16 0x0100 0x0fc0 at 8 \
flowid 1:11
#CS3
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 605 u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u16 0x0c00 0x0fc0 at 8 \
flowid 1:11
#CS6
$TC filter add dev $IFACE parent 1:0 protocol ${PPPOE_SESSION_ETHERTYPE} prio 606 u32 \
match u16 ${PPP_PROTO_IP6} 0xffff at 6 \
match u16 0x0e00 0x0fc0 at 8 \
flowid 1:11
#diffserv $IFACE
}
ingress() {
CEIL=$DOWNLINK
PRIO_RATE=`expr $CEIL / 3` # Ceiling for prioirty
BE_RATE=`expr $CEIL / 6` # Min for best effort
BK_RATE=`expr $CEIL / 6` # Min for background
BE_CEIL=`expr $CEIL - 16` # A little slop at the top
LQ="quantum `get_mtu $IFACE $CEIL`"
$TC qdisc del dev $IFACE handle ffff: ingress 2> /dev/null
$TC qdisc add dev $IFACE handle ffff: ingress
$TC qdisc del dev $DEV root 2> /dev/null
if [ "$SQUASH_INGRESS" = "1" ]
then
sqm_logger "Do not perform DSCP based filtering on ingress. (1-tier classification)"
# Revert to no dscp based filtering
$TC qdisc del dev $DEV root 2>/dev/null
$TC qdisc add dev $DEV root handle 1: `get_stab_string` htb default 10
$TC class add dev $DEV parent 1: classid 1:1 htb $LQ rate ${DOWNLINK}kbit ceil ${DOWNLINK}kbit `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:10 htb $LQ rate ${DOWNLINK}kbit ceil ${DOWNLINK}kbit prio 0 `get_htb_adsll_string`
$TC qdisc add dev $DEV parent 1:10 handle 110: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_flows ${DOWNLINK}` ${IQDISC_OPTS}
else
sqm_logger "Perform DSCP based filtering on ingress. (3-tier classification)"
$TC qdisc add dev $DEV root handle 1: `get_stab_string` htb default 12
$TC class add dev $DEV parent 1: classid 1:1 htb $LQ rate ${CEIL}kbit ceil ${CEIL}kbit `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:10 htb $LQ rate ${CEIL}kbit ceil ${CEIL}kbit prio 0 `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:11 htb $LQ rate 32kbit ceil ${PRIO_RATE}kbit prio 1 `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:12 htb $LQ rate ${BE_RATE}kbit ceil ${BE_CEIL}kbit prio 2 `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:13 htb $LQ rate ${BK_RATE}kbit ceil ${BE_CEIL}kbit prio 3 `get_htb_adsll_string`
# I'd prefer to use a pre-nat filter but that causes permutation...
$TC qdisc add dev $DEV parent 1:11 handle 110: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_quantum 500` `get_flows ${PRIO_RATE}` ${IQDISC_OPTS}
$TC qdisc add dev $DEV parent 1:12 handle 120: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_quantum 1500` `get_flows ${BE_RATE}` ${IQDISC_OPTS}
$TC qdisc add dev $DEV parent 1:13 handle 130: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_quantum 300` `get_flows ${BK_RATE}` ${IQDISC_OPTS}
#sm: for PPPoE packet testing
$TC class add dev $DEV parent 1:1 classid 1:14 htb $LQ rate ${BK_RATE}kbit ceil ${BE_CEIL}kbit prio 3 `get_htb_adsll_string`
$TC qdisc add dev $DEV parent 1:14 handle 140: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_quantum 300` `get_flows ${BK_RATE}` ${IQDISC_OPTS}
#diffserv $DEV
diffserv_pppoe $DEV
fi
ifconfig $DEV up
# redirect all IP packets arriving in $IFACE to ifb0
$TC filter add dev $IFACE parent ffff: protocol all prio 10 u32 \
match u32 0 0 flowid 1:1 action mirred egress redirect dev $DEV
}
do_modules
ipt_setup
if [ "$UPLINK" -ne 0 ];
then
egress
sqm_logger "egress shaping activated"
else
sqm_logger "egress shaping deactivated"
tc qdisc del dev $IFACE root 2> /dev/null
fi
if [ "$DOWNLINK" -ne 0 ];
then
ingress
sqm_logger "ingress shaping activated"
else
sqm_logger "ingress shaping deactivated"
tc qdisc del dev $DEV root 2> /dev/null
tc qdisc del dev $IFACE ingress 2> /dev/null
fi
# References:
# This alternate shaper attempts to go for 1/u performance in a clever way
# http://git.coverfire.com/?p=linux-qos-scripts.git;a=blob;f=src-3tos.sh;hb=HEAD
# Comments
# This does the right thing with ipv6 traffic.
# It also tries to leverage diffserv to some sane extent. In particular,
# the 'priority' queue is limited to 33% of the total, so EF, and IMM traffic
# cannot starve other types. The rfc suggested 30%. 30% is probably
# a lot in today's world.
# Flaws
# Many!

2
net/sqm-scripts/files/usr/lib/sqm/simple_pppoe.qos.help Normal file
View file

@ -0,0 +1,2 @@
BW-limited three-tier prioritisation scheme with fq_codel on each queue. Temporary version to implement shaping
of pass through PPPOE encapsulated packets.

81
net/sqm-scripts/files/usr/lib/sqm/simplest.qos Executable file
View file

@ -0,0 +1,81 @@
#!/bin/sh
# Cero3 Simple Shaper
# A 1 bin tc_codel and ipv6 enabled shaping script for
# ethernet gateways. This is nearly the simplest possible
# Copyright (C) 2013 Michael D Taht
# GPLv2
. /usr/lib/sqm/functions.sh
sqm_logger "Starting simplest.qos"
egress() {
LQ="quantum `get_mtu $IFACE ${UPLINK}`"
$TC qdisc del dev $IFACE root 2>/dev/null
$TC qdisc add dev $IFACE root handle 1: `get_stab_string` htb default 10
$TC class add dev $IFACE parent 1: classid 1:1 htb $LQ rate ${UPLINK}kbit ceil ${UPLINK}kbit `get_htb_adsll_string`
$TC class add dev $IFACE parent 1:1 classid 1:10 htb $LQ rate ${UPLINK}kbit ceil ${UPLINK}kbit prio 0 `get_htb_adsll_string`
$TC qdisc add dev $IFACE parent 1:10 handle 110: $QDISC `get_limit ${ELIMIT}` `get_target "${ETARGET}" ${UPLINK}` `get_ecn ${EECN}` `get_flows ${UPLINK}` ${EQDISC_OPTS}
}
ingress() {
sqm_logger "ingress"
$TC qdisc del dev $IFACE handle ffff: ingress 2>/dev/null
$TC qdisc add dev $IFACE handle ffff: ingress
LQ="quantum `get_mtu $IFACE ${DOWNLINK}`"
$TC qdisc del dev $DEV root 2>/dev/null
$TC qdisc add dev $DEV root handle 1: `get_stab_string` htb default 10
$TC class add dev $DEV parent 1: classid 1:1 htb $LQ rate ${DOWNLINK}kbit ceil ${DOWNLINK}kbit `get_htb_adsll_string`
$TC class add dev $DEV parent 1:1 classid 1:10 htb $LQ rate ${DOWNLINK}kbit ceil ${DOWNLINK}kbit prio 0 `get_htb_adsll_string`
# FIXME: I'd prefer to use a pre-nat filter but we need to detect if nat is on this interface
# AND we need to permute by a random number which we can't do from userspace filters
# Most high rate flows are REALLY close. This stomps on those harder, but hurts on high rate long distance
#$TC qdisc add dev $DEV parent 1:10 handle 110: $QDISC limit $LIMIT $ECN interval 20ms target 3ms `get_flows ${DOWNLINK}`
$TC qdisc add dev $DEV parent 1:10 handle 110: $QDISC `get_limit ${ILIMIT}` `get_target "${ITARGET}" ${DOWNLINK}` `get_ecn ${IECN}` `get_flows ${DOWNLINK}` ${IQDISC_OPTS}
ifconfig $DEV up
# redirect all IP packets arriving in $IFACE to ifb0
$TC filter add dev $IFACE parent ffff: protocol all prio 10 u32 \
match u32 0 0 flowid 1:1 action mirred egress redirect dev $DEV
}
do_modules
if [ "$UPLINK" -ne 0 ];
then
egress
sqm_logger "egress shaping activated"
else
sqm_logger "egress shaping deactivated"
tc qdisc del dev $IFACE root 2> /dev/null
fi
if [ "$DOWNLINK" -ne 0 ];
then
ingress
sqm_logger "ingress shaping activated"
else
sqm_logger "ingress shaping deactivated"
tc qdisc del dev $DEV root 2> /dev/null
tc qdisc del dev $IFACE ingress 2> /dev/null
fi
# References:
# This alternate shaper attempts to go for 1/u performance in a clever way
# http://git.coverfire.com/?p=linux-qos-scripts.git;a=blob;f=src-3tos.sh;hb=HEAD
# Comments
# This does the right thing with ipv6 traffic.
# Flaws
# Many!

1
net/sqm-scripts/files/usr/lib/sqm/simplest.qos.help Normal file
View file

@ -0,0 +1 @@
Simplest possible configuration: HTB rate limiter with your qdisc attached.

35
net/sqm-scripts/files/usr/lib/sqm/stop.sh Executable file
View file

@ -0,0 +1,35 @@
#!/bin/sh
. /usr/lib/sqm/functions.sh
# allow passing in the IFACE as first command line argument
[ ! -z ${1} ] && IFACE=${1}
sqm_logger "${0} Stopping ${IFACE}"
# make sure to only delete the ifb associated with the current interface
CUR_IFB=$( get_ifb_associated_with_if ${IFACE} )
sqm_stop() {
tc qdisc del dev $IFACE ingress 2> /dev/null
tc qdisc del dev $IFACE root 2> /dev/null
[ ! -z "$CUR_IFB" ] && tc qdisc del dev $CUR_IFB root 2> /dev/null
[ ! -z "$CUR_IFB" ] && sqm_logger "${CUR_IFB} shaper deleted"
}
ipt_stop() {
[ ! -z "$CUR_IFB" ] && ipt -t mangle -D POSTROUTING -o $CUR_IFB -m mark --mark 0x00 -g QOS_MARK_${IFACE}
ipt -t mangle -D POSTROUTING -o $IFACE -m mark --mark 0x00 -g QOS_MARK_${IFACE}
ipt -t mangle -D PREROUTING -i vtun+ -p tcp -j MARK --set-mark 0x2
ipt -t mangle -D OUTPUT -p udp -m multiport --ports 123,53 -j DSCP --set-dscp-class AF42
ipt -t mangle -F QOS_MARK_${IFACE}
ipt -t mangle -X QOS_MARK_${IFACE}
}
sqm_stop
ipt_stop
[ ! -z "$CUR_IFB" ] && ifconfig ${CUR_IFB} down
[ ! -z "$CUR_IFB" ] && ip link delete ${CUR_IFB} type ifb
[ ! -z "$CUR_IFB" ] && sqm_logger "${CUR_IFB} interface deleted"
exit 0