[NCLUG] Bandwidth throttling when SIP connection is in progress.

Michael Milligan milli at acmeps.com
Sat Oct 18 14:54:32 MDT 2008


Scott Scriven wrote:
> * John Gilmore <jgilmore at glycou.com> wrote:
>> HTB doesn't have an equivalent to the "condition" match, so I'd 
>> have to create or modify the rules when a SIP connection 
>> started, and destroy or modify them when it stopped.
> 
> No, that's not necessary.  When your high-priority SIP bucket is 
> active, it will automatically tone down the other traffic 
> appropriately.

I don't think John gets it, and this may not be something you can really do
justice in email.  This really requires a whiteboard discussion.  :-/

Still, John, in a nutshell, you give certain traffic guaranteed
bandwidth over other traffic.  You are not just giving some traffic
priority over other traffic, you use HTB to *guarantee* certain traffic
*always* has a specific amount of bandwidth available.  It's called
(Hierarchical) Token Bucket for this reason.

E.g., you can lump all traffic into a top-level bucket set at 1Mb/sec
(or whatever is just shy of your upstream bandwidth), then define a
child bucket that gets 32Kb/s of that 1Mb/sec as guaranteed bandwidth
for VoIP traffic.  Defining it this way means all *non*-VoIP traffic
uses what's left of the bandwidth defined in the parent bucket (1Mb/sec
minus 32Kb/sec when VoIP traffic is present).  That's about as simple as
you can make it to do what you want.  At any given moment then, when
VoIP traffic is present, the VoIP traffic will always get at least
32Kb/s of bandwidth and the rest of the traffic is queued and has to
wait for wire time.

The end result is low "ping" times (really, stable round-trip times with
minimal jitter) and no packet drops for VoIP traffic.  Provided, of
course, that 32Kb/s is enough for the VoIP traffic as outlined in my
example.  That may need to be higher... measurements would need to be done.

To identify VoIP traffic, you can identify and tag by UDP ports, or if
you have a VLAN capable switch, put the VoIP equipment on its own VLAN
and then tag all traffic coming from your voice VLAN so the HTB traffic
shaping engine knows what is VoIP traffic and what is not.  You "tag"
this traffic using the --set-mark feature of iptables.

Looks to me like this is all pretty well spelled out in Scott's script.
 The hard part is just understanding the config directives and what they
do, hence the real need here for a whiteboard.

You could ignore all the TOS-related stuff to try and get your head
around this.  I have found trying to use TOS to generally be useless.
At least for me.  My ISP doesn't honor those flags, and I don't know of
any that do (unless you pay more for it).

Regards,
Mike

-- 
Michael Milligan                                   -> milli at acmeps.com
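
The bucket layout described in the message above, as an added example that is not part of the original email or of Scott's script. It assumes "1Mb/sec" and "32Kb/s" mean 1000 and 32 kbit/s in tc units; the interface name eth0, mark value 10 and UDP port list are hypothetical placeholders, and the function only prints the commands.

```sh
#!/bin/sh
# Added example (not from the thread): print the tc/iptables commands for the
# HTB layout described above. Dry run only; review the output, then pipe it to
# `sh` as root to apply. Device, mark and port list are assumed values.

htb_voip_rules() {
    dev=$1 total=$2 voip=$3 mark=$4 ports=$5

    # The output is meant to be fed to a root shell, so refuse anything that
    # is not a plain interface name, integer, or port list.
    case $dev in ''|*[!A-Za-z0-9._-]*) echo "bad device" >&2; return 1 ;; esac
    case $ports in ''|*[!0-9,:]*) echo "bad port list" >&2; return 1 ;; esac
    for n in "$total" "$voip" "$mark"; do
        case $n in ''|*[!0-9]*) echo "bad number: $n" >&2; return 1 ;; esac
    done

    # The guaranteed VoIP rate must fit inside the parent bucket.
    [ "$voip" -lt "$total" ] || { echo "voip rate >= parent" >&2; return 1; }
    rest=$((total - voip))

    cat <<EOF
# Parent bucket: everything shares ${total}kbit; unmarked traffic goes to 1:20.
tc qdisc add dev $dev root handle 1: htb default 20
tc class add dev $dev parent 1: classid 1:1 htb rate ${total}kbit ceil ${total}kbit
# VoIP child: guaranteed ${voip}kbit, may borrow up to the parent rate.
tc class add dev $dev parent 1:1 classid 1:10 htb rate ${voip}kbit ceil ${total}kbit prio 0
# Everything else: guaranteed the remainder, may borrow when VoIP is idle.
tc class add dev $dev parent 1:1 classid 1:20 htb rate ${rest}kbit ceil ${total}kbit prio 1
# Send packets carrying the firewall mark to the VoIP class.
tc filter add dev $dev parent 1: protocol ip prio 1 handle $mark fw flowid 1:10
# Tag VoIP by UDP destination port using --set-mark.
iptables -t mangle -A POSTROUTING -o $dev -p udp -m multiport --dports $ports -j MARK --set-mark $mark
EOF
}

# 1 Mbit/s parent, 32 kbit/s VoIP, mark 10; ports are constructed sample values
# (5060 is SIP signalling, the RTP range depends on your equipment).
htb_voip_rules eth0 1000 32 10 5060,10000:20000
```

After applying, `tc -s class show dev eth0` shows per-class byte counters, which is how you would measure whether 32 kbit/s is actually enough.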


