Which mecanism is used?

dave08 · April 11, 2024, 3:37pm

Hello.
I set up 2 traffic policies, one for incoming traffic (type limit) and other for outgoing traffic (type shaper). This last one is based on ports and is working fine and I can see the result with “bmon” and traffic being classified accordingly. I can also see the classes that were created with “tc class dev show dev ethxx” .

My first policy should be even easier to set, but it is not working as supposed to:
I have something like this:
limiter Limit-Incoming {
class 50 {
bandwidth 60mbps
burst 15k
match Downloads {
ip {
destination {
}
source {
port 443
}
}
}
priority 20
}
default {
bandwidth 40mbps
burst 15k
}
}
People work with huge datasets at this lab, so although I have a solution for uploads from the lab, the downloads seem to consume all available bandwidth.
This rule doesn’t show up in “tc class dev…” neither iptables. Was it supposed to?
Any ideas please?

Apachez · April 11, 2024, 6:15pm

Is the down/up speed symmetric?

A common solution is to prioritize ACK’s so that the TCP congestion protocols can maximize the available bandwidth in both directions.

If the clients are linuxbased you can also change the congestion control to BBR and FQ_CODEL on them like so (through /etc/sysctl.conf):

net.core.default_qdisc=fq_codel
net.ipv4.tcp_congestion_control=bbr

dave08 · April 12, 2024, 8:28am

Thanks for the reply!
100Mbps full duplex only.
Clients are mixed windows and linux. On my vyos:
net.core.default_qdisc=fq_codel
net.ipv4.tcp_congestion_control=cubic
Does that make any difference? Also, How can I see the applied policy for this?
On the shaper traffic-policy I can read with " tc class show dev ethX"

Thanks

dave08 · April 12, 2024, 4:29pm

Working now.
mbit and not mbps (the switch is 100mbit per second (hence my mistake with mbps).
On a shaper traffic policy it was mbit and that made me think.

Nevertheless, I would like to be able to monitor in real time the application of this policy, as i do with “bmon” for my shaper policies. Ideas?
Thanks.

Apachez · April 12, 2024, 6:22pm

Mbit/s = Megabit per second.

Mbps = Megabit per second.

MB/s = Megabyte per second.

dave08 · April 15, 2024, 8:26am

Not really. I read the Traffic Policy — VyOS 1.3.x (equuleus) documentation

kbit (10^3) kilobit per second
mbit (10^6) megabit per second
gbit (10^9) gigabit per second
tbit (10^12) terabit per second

kbps (810^3) kilobyte per second
mbps (810^6) megabyte per second
gbps (810^9) gigabyte per second
tbps (810^12) terabyte per second

Originally I had my policy defined as bandwidth 60mbps, not 60 mbit as intended. Working now.

Apachez · April 25, 2024, 7:40pm

m is milli in the ISO-world, M is Mega.

So 1mbit/s means 1 millibit/s… which is way slower than 1 Mbit/s aka 1Mbps

dave08 · April 29, 2024, 8:30am

Hi. Yes, but the problem here was not related with capital “m”. It is the “mbit” vs “mbps” which I wrote in bold. Everything working now. Thanks anyway!