fixes, upstream2, upstream.shaping
This commit is contained in:
parent
2f603182ff
commit
fb65984b0b
|
@ -12,6 +12,7 @@ hosts-inet:
|
||||||
priv1-gw: 172.20.72.4
|
priv1-gw: 172.20.72.4
|
||||||
priv2-gw: 172.20.72.5
|
priv2-gw: 172.20.72.5
|
||||||
upstream1: 172.20.72.6
|
upstream1: 172.20.72.6
|
||||||
|
upstream2: 172.20.72.8
|
||||||
anon1: 172.20.72.7
|
anon1: 172.20.72.7
|
||||||
pub:
|
pub:
|
||||||
pub-gw: 172.20.76.1
|
pub-gw: 172.20.76.1
|
||||||
|
|
|
@ -136,7 +136,7 @@ switches:
|
||||||
=/BZc
|
=/BZc
|
||||||
-----END PGP MESSAGE-----
|
-----END PGP MESSAGE-----
|
||||||
|
|
||||||
switch-b2:
|
switch-b2:
|
||||||
model: '3com-4200G'
|
model: '3com-4200G'
|
||||||
location: Haus B Souterrain
|
location: Haus B Souterrain
|
||||||
ports:
|
ports:
|
||||||
|
|
|
@ -1,2 +1,5 @@
|
||||||
upstream:
|
upstream:
|
||||||
interface: ipredator
|
interface: ipredator
|
||||||
|
up-bandwidth: 2000
|
||||||
|
flow-keys: nfct-src,nfct-dst
|
||||||
|
flows: 2048
|
||||||
|
|
|
@ -1,2 +1,5 @@
|
||||||
upstream:
|
upstream:
|
||||||
interface: up1
|
interface: up1
|
||||||
|
up-bandwidth: 6000
|
||||||
|
flow-keys: nfct-src,nfct-dst
|
||||||
|
flows: 2048
|
||||||
|
|
|
@ -33,6 +33,13 @@ upstream1:
|
||||||
up1:
|
up1:
|
||||||
type: phys
|
type: phys
|
||||||
|
|
||||||
|
upstream2:
|
||||||
|
interfaces:
|
||||||
|
core:
|
||||||
|
type: veth
|
||||||
|
up1:
|
||||||
|
type: phys
|
||||||
|
|
||||||
anon1:
|
anon1:
|
||||||
interfaces:
|
interfaces:
|
||||||
core:
|
core:
|
||||||
|
|
|
@ -15,6 +15,7 @@ base:
|
||||||
- forwarding
|
- forwarding
|
||||||
- ospf
|
- ospf
|
||||||
- upstream.dhcp
|
- upstream.dhcp
|
||||||
|
- upstream.shaping
|
||||||
- unbound
|
- unbound
|
||||||
'anon*':
|
'anon*':
|
||||||
- no-ssh
|
- no-ssh
|
||||||
|
@ -22,3 +23,4 @@ base:
|
||||||
- ospf
|
- ospf
|
||||||
- vpn.openvpn
|
- vpn.openvpn
|
||||||
- upstream.masquerade
|
- upstream.masquerade
|
||||||
|
- upstream.shaping
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ "$IFACE" = "{{ pillar['upstream']['interface'] }}" ]; then
|
||||||
|
tc qdisc del dev $IF_WAN root 2> /dev/null > /dev/null
|
||||||
|
tc qdisc add dev $IF_WAN root handle 1 hfsc default 1
|
||||||
|
tc class add dev $IF_WAN parent 1: classid 1:1 hfsc sc rate ${UP_RATE}kbit ul rate {{ pillar['upstream']['up-bandwidth'] }}kbit
|
||||||
|
tc qdisc add dev $IF_WAN parent 1:1 handle 11: fq_codel
|
||||||
|
tc filter add dev $IF_WAN parent 11: handle 11 protocol all flow hash keys {{ pillar['upstream']['flow-keys'] }} divisor {{ pillar['upstream']['flows'] }}
|
||||||
|
fi
|
|
@ -0,0 +1,12 @@
|
||||||
|
{%- set upstream = pillar['upstream'] %}
|
||||||
|
|
||||||
|
iptables:
|
||||||
|
pkg.installed: []
|
||||||
|
|
||||||
|
/etc/network/if-up.d/shaping:
|
||||||
|
file.managed:
|
||||||
|
- source: salt://upstream/shaping
|
||||||
|
- template: 'jinja'
|
||||||
|
- mode: 755
|
||||||
|
- require:
|
||||||
|
- pkg: tc
|
Loading…
Reference in New Issue