Zdravim, mam otazku ohladom QT a TCP / UDP trafficu.
Mam nastavene QT vsetko funguje OK, az na jednu vec, ked btestom vytazim oba smery naraz pri tcp - jeden smer mi ide tak stvrtinovou rychlostou. Toto sa mi zda z pohladu logiky veci asi aj ako vlastnost TCP.
Proste kvoli objemu traffiky v jednom smere sa k zakaznikovi nedostanu ACK pakety vcas a tcp nedokaze v jednom z 2 smerom ist na maximum linky.
Vedel by to ktosi potvrdit? Ak je to takto, riesite na shaperi aj nejaku prioritizaciu malych tcp paketov? alebo inak, ked mate zakaznikov a zalezi vam aby boli spokojni, ako mate ponastavovane QT/Prioritizaciu? Skuste dat nejake tipy.
Velka vdaka L.
add action=mark-packet chain=prerouting comment="Znackovanie DNS paketov UDP" \
disabled=no new-packet-mark=VH_prio p2p=!all-p2p passthrough=no protocol=\
udp src-port=53
add action=mark-packet chain=prerouting comment="Znackovanie DNS paketov TCP" \
disabled=no new-packet-mark=VH_prio p2p=!all-p2p passthrough=no protocol=\
tcp src-port=53
add action=mark-packet chain=prerouting comment=\
"Znackovanie TCP SYN paketov IN" disabled=no new-packet-mark=VH_prio p2p=\
!all-p2p packet-size=0-60 passthrough=no protocol=tcp tcp-flags=syn
add action=mark-packet chain=prerouting comment=\
"Znackovanie TCP ACK paketov IN" disabled=no new-packet-mark=VH_prio p2p=\
!all-p2p packet-size=0-100 passthrough=no protocol=tcp tcp-flags=ack
add action=mark-packet chain=prerouting comment="Znackovanie protokolu GRE" \
disabled=no new-packet-mark=VH_prio passthrough=no protocol=gre
add action=mark-packet chain=prerouting comment="Znackovanie TCP FIN paketov" \
disabled=no new-packet-mark=VH_prio packet-size=0-80 passthrough=no \
protocol=tcp tcp-flags=fin
Hentak nejak.
No a ked do toho zapojis toto:
add action=mark-connection chain=prerouting comment=\
"Znackovanie pre Dst.Limit port 80" disabled=no new-connection-mark=\
net-users-burst_conn p2p=!all-p2p passthrough=yes protocol=tcp src-port=\
80
add action=mark-connection chain=prerouting comment=\
"Znackovanie pre Dst.Limit port 443 (HTTPS)" disabled=no \
new-connection-mark=net-users-burst_conn p2p=!all-p2p passthrough=yes \
protocol=tcp src-port=443
add action=mark-packet chain=prerouting connection-mark=net-users-burst_conn \
disabled=no dst-limit=0/3m20s,400,src-and-dst-addresses/1m \
new-packet-mark=net-users-burst passthrough=no
tak zakaznici budu chrochtat balhom :
V Q-tree pre jednotlive packet mark si vytvoris potrebne queues s potrebnou ryhlostou a prioritou, ale to asi vies s prstom v nose.