How I Shape My Traffic
Mersault last edited by
I'm posting here my shaper config file, plus some comments about it. It works reasonably well, and I figured I'd post it so others can see what I've done. This isn't the config file for most people, but it works well in my apartment with three room mates to keep everyone happy. We have a PPPoE DSL connection with a sync rate of 8000/800Kb/sec. Accounting for PPPoE overhead, I have a useable 7100/710Kb/sec.
I modified the queues and the rules substantially from the wizard rules. Firstly, almost all bittorrent traffic on my network from one computer running TorrentFlux using a non-standard port range, so I set that port range for my bittorrent rules. Later I noticed that TF was sometimes using ports outside that range for outbound connections, so I just sent all traffic from that computer into the p2p queue, since the computer doesn't really do much other than bittorrent. This is a bit of a kludge, but it works.
From watching the bittorrent download speeds and comparing with the ACK traffic going out, I determined that about 5% of the download bandwidth would be transmitted back out in the form of ACK packets. If I'm downloading at 1000Kb/sec, I need 50Kb/sec outbound for ACK packets. Since my download speed is exactly 10 times my upload, this means my outbound ACK queue required 50% of the bandwidth to get full use out of the download pipe. Usually, I'm not downloading anywhere close to this, so the excess bandwidth is distributed wherever it's needed.
I also run a low-traffic FTP server, without the help of the FTP helper. This FTP server also syncs up with a remote site on a regular basis using rsync. I created a queue for the FTP traffic (including the rsync traffic) which has a higher priority than the p2p queue, as I don't mind what few FTP connections there are from occasionally stomping on the p2p queue. In practice, the two queues share the bulk of the upload connection fairly since I'm not generally downloading more than 1 to 1.5 megabits a second, so there's plenty of excess bandwidth from the ACK queue to go around.
I send SSH, DNS, and ICMP traffic into the high priority queue. I know ICMP should probably be in the default queue, but it's still in the high priority queue from testing. I find with this setup my ping times to google tend to be ~100ms, with an upload connection running at near full capacity. Without any traffic on the network (torrents turned off, no FTP users and no rsync going on) ping times to google run ~40-50ms. In practice surfing the net is very reasonable in this configuration, though I had to introduce hard limits for the p2p and ftp outbound queues in order to achieve this.
I don't have much fine grained control of traffic outside those defined in the rules. When the wizard creates the set of rules, there are dozens of rules for applications that just go to the default queue anyway. I guess this makes sense if you have the p2p catchall, but I chose to have the shaper treat most traffic as default queue traffic, and just send specific types of traffic into lower queues, rather than have the shaper treat all traffic as low queue traffic and only send specific traffic to the default queue. I may change my approach in the future, and see how it works, but it seems like my current approach will require less maintenance once I have it configured optimally.
Thoughts on what I'd like to improve:
I'd like to do away with the hard limits and keep good surfing. There are times when the FTP outbound queue is empty, and I wouldn't mind the p2p queue utilizing that bandwidth. There are also times where there's no bittorrent activity, and the reverse is true. However I found that without the hard limits, either queue would end up eating up almost all the outbound traffic, and surfing would slow to a crawl. I couldn't even check my gmail account.
I'm sure I could get regular web surfing sped up a little more. Considering ping times double, and that's in the high priority queue I'm sure HTTP traffic in the default queue is suffering. In practice it seems acceptable, but I'd like to find a way to improve surfing without hobbling FTP and p2p traffic in such a way that they can't utilize the connection fully when no one is home to surf.