optimizing traffic to a web server

Discussion:

kamen

2007-11-23 14:24:29 UTC

Hi,

I have a Linux server and provide Internet access in the neighborhood
and I also run a web server on the same machine.

Although our external connection is not bad, the access to the web
server from outside is awful - the web pages always require "Try
again" when accessed.

Do you think I can prioritize the traffic to the web server? How? I
have a traffic shaper of the internal and the external interface. I
use "tc" with HTB and "iptables" for that purpose. I mark the packets
and then filter them. I just don't seem to have written the write
filters.

Thanks in advance!

--
Kamen

Radek 'Goblin' Pieczonka

2007-11-23 20:31:15 UTC

Permalink

Post by kamen
Hi,
I have a Linux server and provide Internet access in the neighborhood
and I also run a web server on the same machine.
Although our external connection is not bad, the access to the web
server from outside is awful - the web pages always require "Try
again" when accessed.
Do you think I can prioritize the traffic to the web server? How? I
have a traffic shaper of the internal and the external interface. I
use "tc" with HTB and "iptables" for that purpose. I mark the packets
and then filter them. I just don't seem to have written the write
filters.
Thanks in advance!

this task should be an easy objective to acomplish, do you have some
kind of shaping in place at this moment ? anyway, please supply more
info on priv and i may be able to help you.

--
Radek 'Goblin' Pieczonka
***@pentex.pl

kamen

2007-11-24 01:45:49 UTC

Permalink

Post by Radek 'Goblin' Pieczonka
this task should be an easy objective to acomplish, do you have some
kind of shaping in place at this moment ? anyway, please supply more
info on priv and i may be able to help you.

Cool... here is how I tried to optimize the traffic:

helper () {
...
iptables -t mangle -A $CHAIN -p tcp -m tcp --sport 80 --source my-domain.com -j MARK --set-mark 0x2
iptables -t mangle -A $CHAIN -p tcp -m tcp --sport 80 -j RETURN
...
}

OPR=start CHAIN=OUTPUT helper
OPR=start CHAIN=PREROUTING helper

tc_helper () {
...
tc qdisc add dev ${WAN_IF} root handle 1: htb default 15 r2q 1
tc class add dev ${WAN_IF} parent 1: classid 1:1 htb rate ${UPLINK} ceil ${UPLINK} burst 6k
tc class add dev ${WAN_IF} parent 1:1 classid 1:10 htb rate 64kbit ceil 64kbit prio 0
tc class add dev ${WAN_IF} parent 1:1 classid 1:11 htb rate 64kbit ceil ${UPLINK} prio 1

tc filter add dev ${WAN_IF} parent 1:0 protocol ip prio 1 handle 1 fw classid 1:10
tc filter add dev ${WAN_IF} parent 1:0 protocol ip prio 2 handle 2 fw classid 1:11
...
}

WAN_IF=eth2 tc_helper

Please tell me if you need more information.

Thanks,

--
Kamen

kamen

2007-11-26 15:20:24 UTC

Permalink

I still don't have a solution of how optimize the access to my web
server. By the way I'd like to do this with other ports as well (ssh
for example).

Any help would be appreciated.

--
Kamen