sometimes its not enough to use only TOS and traffic shapers are better.
however, you can set TOS flags to certain ports using iptables.
here is an example that I used for years, even before iptables.
I even used 3 computers with browsers on a 28k modem with success
using this method. (of course there were less multimedia objects back
then).
btw, I am not sure you need also OUTPUT, I think PREROUTING is enough.
also you must understand you only control with TOS the outgoing packets.
if I understand correctly TOS works by grouping packets in 5 queues of
importance:
delay Throughput cost Reliability and normal
do: iptables -m tos -h
shapers also allow to chock bandwidth which is different.
$iptdir -A PREROUTING -t mangle -p tcp --dport 21 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 21 -j TOS --set-tos
Minimize-Delay
$iptdir -A PREROUTING -t mangle -p tcp --dport 22 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 22 -j TOS --set-tos
Minimize-Delay
$iptdir -A PREROUTING -t mangle -p tcp --dport 23 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 23 -j TOS --set-tos
Minimize-Delay
$iptdir -A PREROUTING -t mangle -p tcp --dport 80 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 80 -j TOS --set-tos
Minimize-Delay
$iptdir -A PREROUTING -t mangle -p tcp --dport 110 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 110 -j TOS --set-tos
Minimize-Delay
$iptdir -A PREROUTING -t mangle -p tcp --dport 25 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 25 -j TOS --set-tos
Minimize-Delay
#mp3
$iptdir -A PREROUTING -t mangle -p tcp --dport 5190 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 5190 -j TOS --set-tos
Minimize-Delay
$iptdir -A PREROUTING -t mangle -p tcp --dport 8890 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 8890 -j TOS --set-tos
Minimize-Delay
$iptdir -A PREROUTING -t mangle -p tcp --dport 6667:6669 -j TOS --set-tos
Minimize-Delay
$iptdir -A OUTPUT -t mangle -p tcp --dport 6667:6669 -j TOS --set-tos
Minimize-Delay
$iptdir -A PREROUTING -t mangle -p tcp --dport ftp-data -j TOS --set-tos
Maximize-Throughput
$iptdir -A OUTPUT -t mangle -p tcp --dport ftp-data -j TOS --set-tos
Maximize-Throughput
#overnet
$iptdir -A PREROUTING -t mangle -p tcp --dport 4662 -j TOS --set-tos
Maximize-Throughput
$iptdir -A OUTPUT -t mangle -p tcp --dport 4662 -j TOS --set-tos
Maximize-Throughput
$iptdir -A PREROUTING -t mangle -p udp --dport 4966 -j TOS --set-tos
Maximize-Throughput
$iptdir -A OUTPUT -t mangle -p udp --dport 4966 -j TOS --set-tos
Maximize-Throughput
$iptdir -A PREROUTING -t mangle -p tcp --dport nntp -j TOS --set-tos
Minimize-Cost
$iptdir -A OUTPUT -t mangle -p tcp --dport nntp -j TOS --set-tos
Minimize-Cost
Regards,
tzahi.
> -----Original Message-----
> From: Ilya Konstantinov [mailto:[EMAIL PROTECTED] On Behalf
> Of Ilya Konstantinov
> Sent: Wednesday, September 08, 2004 8:23 PM
> To: Skliarouk Arieh
> Cc: [EMAIL PROTECTED]
> Subject: Re: ADSL QoS shaper
>
>
> On Wed, Sep 08, 2004 at 12:26:48PM +0300, Skliarouk Arieh wrote:
> > Hello,
> >
> > Recently I wrote QoS setup script for shaping ADSL and Cable
> > connections (that suffer from stuck download in presence of upload).
>
> From my experience, it's enough to cap the upstream to your
> actual cap (as enforced by Bezeq anyway) to get excellent
> pings and ssh sessions even in presense of uploads.
>
> Programs like 'ping' and 'ssh' are smart enough to set TOS
> information on their own. I'm not sure, but it's possible
> that 'scp' takes care not to set itself as Minimize-Delay.
> Other programs are categorized in the middle queue (of the
> Linux pfifo_fast 3-queue discipline) so they don't hurt
> interactive performance anyway.
>
> Simply speaking, just add this to your pppd's ip-up script[1]:
>
> # Replace $PPP_IFACE with whatever it is in your distro.
> # Replace 90kbit with your real upstream, minus few kbit.
> tc qdisc add dev $PPP_IFACE root tbf rate 90kbit latency 50ms
> burst 1540
>
>
> [1] People who use ppp for other needs as well (e.g. VPN)
> might want to extend this to avoid capping their VPN.
>
> =================================================================
> To unsubscribe, send mail to [EMAIL PROTECTED]
> with the word "unsubscribe" in the message body, e.g., run
> the command echo unsubscribe | mail [EMAIL PROTECTED]
>
>
>
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
