I am trying to create a traffic shaping by HTB and iptables.I want to control bandwidth per IP so I create for each IP a class and I am using iptables marketing to assign individual filter to each class in other mean to each IP . I have near 11000 users in 6 different subnets and because I can not create more than 9999 classid I am using this scenario :
I create a root qdisc and assign to it 6 classes------------------------------------------------------------------------- ( classid 1:1 parent 1:0 , classid 1:2 parent 1:0 .....classid 1:6 parent 1:0 )
then assign to each class a qdisc -----------------------------------------------------------------------------------------( qdisc parent 1:1 handle 10: , qdisc parent 1:2 handle 20: , .... , qdisc parent 1:6 handle 60 )
and in final I assign every 2048 users in each subnet to these qdiscs.
qidsc with handle 10: has 2048 class (classid 10:1 to classid 10:2048)
qdisc with handle 20: has 2048 class (classid 20:1 to classid 20:2048) and ...
this is my file configuration for one subnet :
/bin/bash
NETCARD=eth0
MAXBANDWIDTH=100000
# reinit
tc qdisc del dev $NETCARD root handle 1
tc qdisc add dev $NETCARD root handle 1: htb default 9999
# create the default class
tc class add dev $NETCARD parent 1:0 classid 1:9999 htb rate $(( $MAXBANDWIDTH ))kbit ceil $(( $MAXBANDWIDTH ))kbit
# control bandwidth per IP
declare -A ipctrl
# define list of IP and bandwidth (in kilo bits per seconds) below
x=0
n=179
m=0
while [ x -lt 2048 ]do;
ipctrl[192.168.$n.$m]="2000"
m=expr( $m + 1 )
if [ 256 = m ]
then
n=expr( $n + 1 )
m=0
fi
done
mark=0
for ip in "${!ipctrl[@]}"
do
mark=$(( mark + 1 ))
bandwidth=${ipctrl[$ip]}
# traffic shaping rule
tc class add dev $NETCARD parent 1:0 classid 10:$mark htb rate $(( $bandwidth ))kbit ceil $(( $bandwidth ))kbit
# netfilter packet marking rule
iptables -t mangle -A FORWARD -i $NETCARD -s $ip -j CONNMARK --set-mark $mark
# filter that bind the two
tc filter add dev $NETCARD parent 1:0 protocol ip prio $mark handle $mark fw flowid 1:1
tc filter add dev $NETCARD parent 10:0 protocol ip prio $mark handle $mark fw flowid 10:$mark
echo "IP $ip is attached to mark $mark and limited to $bandwidth kbps"
done
#propagate netfilter marks on connections
iptables -t mangle -A POSTROUTING -j CONNMARK --restore-mark
I am using Ubuntu Server 14.04 and I am runing it on a real server. But in real when I run it the bandwidth for each user is very very less than the bandwidth I assigned to it's class , for example if I assigned to an IP 1000 kbit,in real his bandwidth is 10kbit. What is the problem with my configuration ? is it a good configuration or plan for traffic shaping ?