[QoS] Óñòàíîâêà è íàñòðîéêà nShaper

[as_lan]

Øåéïåð ïî÷åìó òî íå õî÷åò íîðìàëüíî ðàáîòàòü, êàíàë îòäàåò òîðåíòó õîòü è èäåò çàãðóçêà ñòðàíèöû

# * * * GLOBAL CONSTANTS * * *
# WAN_IF (ppp0) Internet connection interface name
WAN_IF=vlan1
# LAN _IF (br0) This interface includes ethernet and wifi
LAN_IF=br0

# All rates below are in kilobits (kbit)
# WAN port real rate (dsl or ppp download/upload)
WAN_DN_RATE=1000
WAN_UP_RATE=550

# Zone order represents their priority, decreasing from the first to the last
# "inet" zone means everything not matched with other zones
WAN_ZONES="inet piring"

# zone IP files search path
ZONE_PATH="$(dirname $0)/ip_%ZONE%.lst"

# !!! All rates need to be measured first !!!
# Set rate to value 5-10% less than measured, if real rate is less than rate
# in list below, the shaper will not work properly!
# I've got double speed for inet and cn zones at night between 1:00-8:00
if test `date +%H` -ge 1 -a `date +%H` -lt 8; then
WAN_ZONES_DN_RATE="590 490 "
WAN_ZONES_UP_RATE="490 400"
else
WAN_ZONES_DN_RATE=" 590 490"
WAN_ZONES_UP_RATE=" 490 400"
fi

# Shaper creates 5 bands for Internet traffic (see schemes below)
# Guarantee rate for each band is, in %-s:
RATES="20 20 40 10 10"


# Setup internet zones names here (for "nshaper status" command)
INET_NAMES="Crit Prio Web Other Lazy"

################################################## #########################
# Application/user filters setup #
################################################## #########################

# Usage: setrule [all] [proto tcp|udp|icmp] [short] [flag ack|syn|rst|...] \
# [afc 1-4] [afd 1-3] [dscp 0-63]\
# [lan|wan|both] [ip a.b.c.d/m] [port n] [prio u16] \
# queue 0-4
#
# list of parameters:
#
# all (keyword) - match everything (no filtering, move all to queue)
# proto - target proto (icmp/tcp/udp)
# short (keyword) - match only short packets (<64b length, =20b header)
# flag ack|syn|... - match tcp control flag. may be used multiple times
# afc 1-4 - match assured forward class (higher => lower latency)
# afd 1-3 - match assured forward drop prec (lower => lower drop)
# dscp 0-63 - match DiffServ codepoint
# lan/wan/both - assignes a place of matched target. default is {both}
# ip ip_addr/mask - target ip address
# port port - target port
# prio - sequence number for filter. auto incremented
# if omitted. default is {10}, 1 is reserved!
# queue 0-4 - assignes queue for the rule, lower is better
#
# Example: setrule wan port 80 lan ip 192.168.1.10 queue 1
# -- move http traffic to 192.168.1.10 to high priority queue
#
# Example: setrule wan ip 82.66.15.0/24 queue 3
# -- move all traffic from 82.66.15.0/24 net to low priority queue
#
# In rules you can use vars $WAN_IP, $LAN_IP & $LAN_MASK

rules() {
# set rules for time-critical queue (both users' and router's traffic)
setrule proto icmp prio 10 queue 0 # ICMP
setrule port 53 queue 0 # DNS
setrule short flag ack queue 0 # TCP ACK
setrule short flag syn queue 0 # TCP SYN
setrule short flag rst queue 0 # TCP RST


# extract users' traffic using destiation ip
LAN="$LAN_IP/$LAN_MASK"

# set rules for high-priority queue
setrule lan ip $LAN afc 4 queue 1 # assured forward GOLD class
# (af4x obsoletes TOS=10)
setrule lan ip $LAN wan port 554 queue 1 # MMS/RealMedia
setrule lan ip $LAN wan port 1755 queue 1 # MMS
setrule lan ip $LAN wan port 1935 queue 1 # RTMP/Flash
setrule lan ip $LAN wan port 5060 queue 1 # SIP

# set rules for middle-priority queue
setrule lan ip $LAN afc 3 queue 2 # assured forward SILVER class
setrule lan ip $LAN wan port 80 queue 2 # HTTP
setrule lan ip $LAN wan port 443 queue 2 # HTTPS
setrule lan ip $LAN wan port 5190 queue 2 # AIM

# set rules for low-prority queue
setrule lan ip $LAN queue 3 # all remaining users' traffic


# only router's traffic remains unfiltered here
setrule lan port 50022 queue 1 # router's SSH
setrule lan port 8081 queue 1 # router's WEB server

# move all other router's traffic (such as P2P) to lazy queue
setrule lan all queue 4 # all other traffic to router
}

[sadmin]

Äîáðûé äåíü âñåì.
Ïîñîâåòóéòå êòî çíàåò ïî ñëåäóþùåé ñèòóàöèè:
îáùàÿ øèðèíà êàíàëà 8160, òàðèô 3800 ñ íî÷íûì óäâîåíèåì, nshaper íàñòðîåí è ðàáîòàåò (îòäåëüíî - îãðîìíîå ñïàñèáî àâòîðó çà åãî òðóä),
åñòü ïèðèíãîâàÿ çîíà - íà íåå íåò îãðàíè÷åíèé.
Ñåé÷àñ íàñòðîåíî òàê

Code:

  
  WAN_ZONES_DN_RATE="7400 8159"
  WAN_ZONES_UP_RATE="660 220"
else
  WAN_ZONES_DN_RATE="3350 8159"
  WAN_ZONES_UP_RATE="400 200"

Ïîýòîìó êîãäà íà÷èíàåøü ðàáîòàòü â èíåòå è ñ ïèðèíãîâîé çîíû ÷òî òî ëüåòñÿ, íàïðèìåð òîððåíò, êàíàë íå îñâîáîæäàåòñÿ, à åñëè ïîñòàâèòü çíà÷åíèÿ äëÿ ïèðèíãîâîé çîíû ïîìåíüøå, òî íå ïîëó÷èòñÿ çàäåéñòâîâàòü ïîä íåå âåñü êàíàë.
À õî÷åòñÿ ñòðàííîãî:
ïîêà íèêòî â èíåòå íå ñèäèò, îòäàòü ïèðèíãîâîé çîíå âåñü êàíàë (8160), à êàê òîëüêî ÷òî-òî (êòî-òî) íà÷íåò ðàáîòàòü â èíåòå, çàáðàòü ïîëîñó â ñîîòâåñòâèè ñ íàñòðîéêàìè.

Âîçìîæíî ëè òàêîå?

[igor77777]

À õî÷åòñÿ ñòðàííîãî:
ïîêà íèêòî â èíåòå íå ñèäèò, îòäàòü ïèðèíãîâîé çîíå âåñü êàíàë (8160), à êàê òîëüêî ÷òî-òî (êòî-òî) íà÷íåò ðàáîòàòü â èíåòå, çàáðàòü ïîëîñó â ñîîòâåñòâèè ñ íàñòðîéêàìè.

Âîçìîæíî ëè òàêîå?

Íà ñòðàíèöå 17, ñ ýòîãî ñîîáùåíèÿ ìû îáñóæäàëè ñ íûíåøíèì ðàçðàáîò÷èêîì nshaper'a ïðîáëåìû øåéïèíãà ïèðèíãîâîãî òðàôèêà.

À åù¸, ìíå êàæåòñÿ åù¸ Nikus ïèñàë, ÷òî ïèðèíãîâûé òðàôèê äîëæåí ïîæèìàòüñÿ èíòåðíåòîâñêèì, à ÷òîáû ýòî ðàáîòàëî, íóæíî ïðàâèëüíî óêàçûâàòü ðåàëüíóþ øèðèíó êàíàëà, ïðè÷¸ì êàê ïîëíîãî, òàê èíòåðíåòîâñêîãî. Òî÷íåå, íóæíî óêàçûâàòü íà 5-10%% ìåíüøå ðåàëüíîé ïîëîñû.

PS: Íå æàäíè÷àéòå. Õîòèòå êîìôîðòíîãî ñåðôèíãà - 4-8 ìåãàáèò âïîëíå ìîãóò èõ îáåñïå÷èòü, òîëüêî çàäàéòå ëèìèòû íà 10% ìåíüøå ðåàëüíîé ñêîðîñòè êàíàëà..
Õîòèòå êà÷àòü áåç îãðàíè÷åíèé - îòêëþ÷àéòå øåéïåð íà íî÷ü. Òîãäà êà÷àëêà çàãðóçèò âàø êàíàë íà ïîëíóþ êàòóøêó.

PPS: Êñòàòè, îáùóþ øèðèíó êàíàëà íóæíî çàäàâàòü â WAN_DN_RATE=... è
WAN_UP_RATE=...
à â WAN_ZONES_DN_RATE=... è WAN_ZONES_UP_RATE=... óæå ïîäðåçàííóþ äëÿ êàæäîé çîíû.

[evgenych]

ïîäñêàæèòå êàêîå ïðàâèëî äîáàâèòü äëÿ IPTV UDP ïî ïîðòó 1234.

[tempik]

ïîäñêàæèòå êàêîå ïðàâèëî äîáàâèòü äëÿ IPTV UDP ïî ïîðòó 1234.

Ìîæåò âñå òàêè íàïèøåøü ïðîøèâêó è óñòðîéñòâî???

[evgenych]

Ïðîøó ïðîùåíèÿ. Asus WL-500GPv2, 1.9.2.7-d-r2624

[dansoftware]

Íà WAN-èíòåðôåéñå êîðîáî÷êè íà ïîðòó TCP 80 îòâå÷àåò Web-èíòåðôåéñ ruTorrent, à íà TCP 22 – ñîîòâåòñòâåííî SSH. Íåîáõîäèìî ýòèì ñåðâèñàì îáåñïå÷èòü ïðèîðèòåò, äàáû èìåòü ê íèì ñâîáîäíûé äîñòóï èç Internet. Êàê ïðàâèëüíî èäåíòèôèöèðîâàòü è îïðåäåëèòü â î÷åðåäü "Prio" òðàôèê, èäóùèé ê/îò Web è SSH íåïîñðåäñòâåííî ñàìîé êîðîáî÷êè, òàê, ÷òî áû ïîä ýòè ïðàâèëà íå ïîïàäàë âåñü Web è SSH èäóùèé èç LAN â Internet è â îáðàòíîì íàïðàâëåíèè?

Ñëåäóþùèõ ñòðîê äîñòàòî÷íî?

Code:

setrule lan proto tcp port 22 queue 1
setrule lan proto tcp port 80 queue 1

[partner]

Ïîäñêàæèòå ïîæàëóéñòà ñ íàñòðîéêàìè nshaper-à.
Ó ìåíÿ ïðîâàéäåð äàåò ñèììåòðè÷íûé êàíàë ïî "âèòîé ïàðå" ñ 10-00 äî 01-00 ÷àñîâ äî 7168 Êáèò/ñ., ñ 01-00 äî 10-00 äî 14336 Êáèò/ñ, àâòîðèçàöèÿ PPPoE.
1.Ïðàâèëüíî ëè ÿ ïîíèìàþ, íóæíî ñäåëàòü óäâîåíèå,
äíåì
WAN_DN_RATE=7168
WAN_UP_RATE=7168
íî÷üþ
WAN_DN_RATE=14336
WAN_UP_RATE=14336
èëè âñåãäà
WAN_DN_RATE=100000
WAN_UP_RATE=100000
è ñêîðîñòü ðåãóëèðîâàòü
WAN_ZONES_DN_RATE=
WAN_ZONES_UP_RATE=
2.Åñëè â ï.1 ìåíÿåì ñêîðîñòü íà äíåâíóþ è íî÷íóþ, òî ìîæíî ëè ñäåëàòü òàê êàê ñ
WAN_ZONES_DN_RATE=
WAN_ZONES_UP_RATE=
3.×òî çíà÷èò ñòðîêà
# I've got double speed for inet and cn zones at night between 1:00-8:00
if [ `date +%H` -ge 0 -a `date +%H` -lt 8 ]; then
âðîäå áû íàïèñàíî íî÷üþ ñ 1:00 äî 8:00, à ñòîèò -ge 0
4.Äëÿ ïåðåêëþ÷åíèÿ äåíü-íî÷ü â cron-å ÷òî-íèòü ïèñàòü íàäî?

[SerGri]

Ïîäñêàæèòå ïîæàëóéñòà ñ íàñòðîéêàìè nshaper-à.
Ó ìåíÿ ïðîâàéäåð äàåò ñèììåòðè÷íûé êàíàë ïî "âèòîé ïàðå" ñ 10-00 äî 01-00 ÷àñîâ äî 7168 Êáèò/ñ., ñ 01-00 äî 10-00 äî 14336 Êáèò/ñ, àâòîðèçàöèÿ PPPoE.
1.Ïðàâèëüíî ëè ÿ ïîíèìàþ......
2.Åñëè â ï.1 ìåíÿåì ñêîðîñòü íà äíåâíóþ è íî÷íóþ, òî ìîæíî ëè.....

Äëÿ Âàøåãî ñëó÷àÿ (îòâåò íà âîïðîñû 1,2):

Code:

#                      * * * GLOBAL CONSTANTS * * *
# WAN_IF (ppp0 or vlan1) Internet connection interface name
WAN_IF=ppp0
# LAN _IF (br0) This interface includes ethernet and wifi
LAN_IF=br0

# All rates below are in kilobits (kbit)
# WAN port real rate (dsl or ppp download/upload)
WAN_DN_RATE=14336
WAN_UP_RATE=14336

# Zone order represents their priority, decreasing from the first to the last
# "inet" zone means everything not matched with other zones
WAN_ZONES="inet"

# !!! All rates need to be measured first !!!
# Set rate to value 5-10% less than measured, if real rate is less than rate
# in list below, the shaper will not work properly!
if test `date +%H` -ge 1 -a `date +%H` -lt 10; then
  echo "Using Night UNLIM mode!"
  logger "==== nShaper work in Night UNLIM mode ===="
  WAN_ZONES_DN_RATE="13600" # download <= 14336
  WAN_ZONES_UP_RATE="13600" # upload <= 14336
else
  echo "Using Day BALLANCE mode!"
  logger "==== nShaper work in Day BALLANCE mode ===="
  WAN_ZONES_DN_RATE="7000" # download <= 7168
  WAN_ZONES_UP_RATE="7000" # upload <= 7168
fi
....

3.×òî çíà÷èò ñòðîêà
# I've got double speed for inet and cn zones at night between 1:00-8:00
if [ `date +%H` -ge 0 -a `date +%H` -lt 8 ]; then
âðîäå áû íàïèñàíî íî÷üþ ñ 1:00 äî 8:00, à ñòîèò -ge 0

Îøèáî÷íîå îïèñàíèå.
Ïðè äàííûõ óñëîâèÿõ ñêðèïò áóäåò ðàáîòàòü â íî÷íîì ðåæèìå ñ 00:00 äî 08:00

4.Äëÿ ïåðåêëþ÷åíèÿ äåíü-íî÷ü â cron-å ÷òî-íèòü ïèñàòü íàäî?

Äà íàäî. Íàäåþñü, êðîí ó Âàñ íàñòðîåí.
Ñîçäàéòå ôàéë /opt/etc/cron.hourly/nShaper_restart.sh ñî ñëåäóþùèì ñîäåðæèìûì::

Code:

#!/bin/sh
#
#
#Äíåâíîé ðåæèì - äëèòñÿ ñ  9:00  äî 00:00.
#Íî÷íîé ðåæèì  - äëèòñÿ ñ 00:00  äî  9:00.
#
# äíåâíîì ðåæèìå øåéïåð âêëþ÷¸í âñåãäà.
#
#Çàäà¸ì çíà÷åíèå ïåðåêëþ÷àòåëÿ íî÷íîãî ðåæèìà n_sw:
#on  - íî÷üþ (c 00:00 äî 9:00) øåéïåð âêëþ÷åí.
#of  - íî÷üþ (c 00:00 äî 9:00) øåéïåð îòêëþ÷åí.
#off - Âîîáùå íå ðåñòàðòîâàòü øåéïåð.

time=`/bin/date '+%d-%m-%Y  %H:%M:%S'`
n_sw=on

case $n_sw in
    on)
        if test `date +%H` -eq 0 -o `date +%H` -eq 9
           then
            echo "$time === Restarting nShaper... ===" >> /opt/var/log/nShaper.log
            /opt/etc/init.d/S20nshaper restart >> /opt/var/log/nShaper.log
            echo "$time === Done. ===" >> /opt/var/log/nShaper.log
           else
            echo "$time === Nothing to done! ===" >> /opt/var/log/nShaper.log
        fi
     ;;
    of)
       if test `date +%H` -eq 0
          then
            echo "$time === Stopping nShaper... ===" >> /opt/var/log/nShaper.log
           /opt/etc/init.d/S20nshaper stop >> /opt/var/log/nShaper.log
           iptables -t mangle -F >> /opt/var/log/nShaper.log
            echo "$time === Done. ===" >> /opt/var/log/nShaper.log
             elif test `date +%H` -eq 9
                  then
                   echo "$time === Starting nShaper... ===" >> /opt/var/log/nShaper.log
                   iptables -t mangle -F >> /opt/var/log/nShaper.log
                   /opt/etc/init.d/S20nshaper start >> /opt/var/log/nShaper.log
                   echo "$time === Done. ===" >> /opt/var/log/nShaper.log
          else
           echo "$time === Nothing to done! ===" >> /opt/var/log/nShaper.log
       fi
    ;;
    off)
       echo "$time === Nothing to done! ===" >> /opt/var/log/nShaper.log
    ;;
     *)
       echo "Íåâåðíî çàäàí ïàðàìåòð n_sw (on/of/off)"
     ;;
esac

È ñäåëàéòå åãî èñïîëíÿåìûì. Âðåìÿ ðåñòàðòà øåéïåðà è ïóòü äî ìåñòà ðàñïîëîæåíèÿ ñêðèïòà îòêîððåêòèðóéòå ïîä Âàøè óñëîâèÿ.

[partner]

SerGri áîëüøîå ñïàñèáî! ñåãîäíÿ âå÷åðîì ïîïðîáóþ.
Åùå âîïðîñ: ó ìåíÿ rt-n16, ïðîâàéäåð ìîæåò äàòü ñ 10-00 äî 01-00 ÷àñîâ äî 20480 Êáèò/ñ., ñ 01-00 äî 10-00 äî 40960 Êáèò/ñ. Ïîòÿíåò ëè ðîóòåð è nshaper òàêóþ ñêîðîñòü?

[SerGri]

SerGri áîëüøîå ñïàñèáî! ñåãîäíÿ âå÷åðîì ïîïðîáóþ.

Îê. Åñëè ÷òî - ïèøèòå.

Åùå âîïðîñ: ó ìåíÿ rt-n16, ïðîâàéäåð ìîæåò äàòü ñ 10-00 äî 01-00 ÷àñîâ äî 20480 Êáèò/ñ., ñ 01-00 äî 10-00 äî 40960 Êáèò/ñ. Ïîòÿíåò ëè ðîóòåð è nshaper òàêóþ ñêîðîñòü?

RT-N16 ìîæåò ìàðøðóòèçèðîâàòü äî 100Ìáèò/ñåê â íàïðàâëåíèè WAN <--->LAN. Øåéïåð 20 Ìáèò/ñåê òî÷íî ïîòÿíåò. Íàñ÷åò 40 Ìáèò/ñåê - ñêîðåå äà ÷åì íåò. Íàäî ïðîáîâàòü.

[evgenych]

äëÿ IPTV ïðîïèñàë ïðàâèëî
setrule proto udp port 1234 queue 1
åñòü åùå ëîêàëüíàÿ çîíà interzet.lst
192.168.0.0/255.255.0.0
10.180.0.0/255.255.0.0
10.184.0.0/255.255.0.0
10.188.0.0/255.255.0.0
10.192.0.0/255.255.0.0
10.194.0.0/255.255.0.0
10.196.0.0/255.255.0.0
10.200.0.0/255.255.0.0
10.204.0.0/255.255.0.0
10.208.0.0/255.255.0.0
òåëåâèäåíèå òîæå èäåò èç ýòèõ ïîäñåòåé è ïîëó÷àåòñÿ ÷òî íå ïîïàäàåò â ïðàâèëî Prio.
Ïîäñêàæèòå êàê â òàêîì ñëó÷àå ñäåëàòü ïðèîðèòåò IPTV

[vvsvic]

SerGri Åùå âîïðîñ: ó ìåíÿ rt-n16, ïðîâàéäåð ìîæåò äàòü ñ 10-00 äî 01-00 ÷àñîâ äî 20480 Êáèò/ñ., ñ 01-00 äî 10-00 äî 40960 Êáèò/ñ. Ïîòÿíåò ëè ðîóòåð è nshaper òàêóþ ñêîðîñòü?

Ó ìåíÿ wl500gp-2. Áåç øåéïåðà òÿíåò 70-80 ÌÁèò. À ñ øåéïåðîì íå áîëüøå 20 ÌÁèò â îäíó ñòîðîíó è 30 ÌÁèò â îáå ñòîðîíû ñóììàðíî.

[AlexeyS]

ä
åñòü åùå ëîêàëüíàÿ çîíà interzet.lst

Íà èíòåðçåòå âîîáùå øåéïåð èñïîëüçîâàòü ñåáå äîðîæå - èáî øåéïåð èíòåðíåò øëþçà ó íèõ øèáêî äèíàìè÷åñêèé è ñêîðîñòü êàíàëà â äàííûé ìîìåíò íå ïðåäóãàäàòü...

[SerGri]

Ó ìåíÿ wl500gp-2. Áåç øåéïåðà òÿíåò 70-80 ÌÁèò. À ñ øåéïåðîì íå áîëüøå 20 ÌÁèò â îäíó ñòîðîíó è 30 ÌÁèò â îáå ñòîðîíû ñóììàðíî.

RT-N16 ñóùåñòâåííî ïîìîùíåå áóäåò. ß ïîýòîìó è ñìåíèë wl500gpV1 íà RT-øêó.