Hierarchical Token Bucket

Introduction
Hierarchical Token Bucket is a faster replacement for Class Based Queuing. It's pretty much CBQ re-arranged in a hierarchical manner.

Before you dive into traffic shaping, make sure to visit the QoS and HTB wiki pages.

Kernel Config
Kernel config for 2.6.32-gentoo-r7.

Note that not all of these options are needed.

Networking Support --->
  Networking Options --->
    --- QoS and/or fair queueing
          Hierarchical Token Bucket (HTB)
          Hierarchical Fair Service Curve (HFSC)
          Multi Band Priority Queueing (PRIO) (NEW)
          Stochastic Fairness Queueing (SFQ)
          Token Bucket Filter (TBF) (NEW)
          Elementary classification (BASIC)
          Traffic-Control Index (TCINDEX)
          Routing decision (ROUTE)
          Netfilter mark (FW)
          Universal 32bit comparisons w/ hashing (U32)
    [*]     Performance counters support
    [*]     Netfilter marks support
          Flow classifier
    [*]   Extended Matches
    (32)    Stack size (NEW)
            Simple packet data comparison
            Multi byte comparison
            U32 key
            Metadata
            Textsearch

HTB.init
HTB.init is a shell script derived from CBQ.init that allows for easy setup of HTB-based traffic control on Linux. HTB (Hierarchical Token Bucket) is a new queueing discipline which attempts to address the weaknesses of current CBQ implementations.

This script is a clone of CBQ.init and is meant to simplify setup of HTB-based traffic control. HTB setup itself is pretty simple compared to CBQ, so the purpose of this script is to allow the administrator of large HTB configurations to manage individual classes using simple, human-readable files.

Installation
Prepare your modules, then emerge.

Configuration
This script allows for an extremely diverse array of setups, so for the purposes of this wiki, I am only going to give an example that throttles the outgoing (upload) connection on a two-interface server. This config will be set up to manage ssh, ftp, http, bittorrent, and xbox-like traffic. Remember, this is only for the upload stream.

Some of you may be asking yourselves: why only the outgoing? Well, you can implement full download throttling, but really you should only have a default class for all traffic that simply makes sure you don't go above your total download speed and congest traffic. The reason for not wanting to throttle incoming traffic is that scheduling takes place through the dropping of packets. That is all fine and dandy if it's happening locally, because we can generate packets quickly, but we don't want to wait for packets to be re-sent over the slow internet.

Before jumping into configuration, let's go over the scheme (my interfaces are renamed 'wan' and 'lan' accordingly; replace with eth0, or whatever your interface is named). If you feel like straying away from this configuration, make sure to check out the external links section for some good info. An important thing to note is that you should put things in order of priority: even though you will be setting the priority within the config file, it speeds up traffic shaping.

wan-&-wan-2.root (5894/491kbps)
|---wan-2:3.lan    # used for internal traffic, because you don't want to limit it.
|---wan-2:4.remote    # all outgoing traffic
|---wan-2:4:10.ssh    # Of course we want to make sure that ssh is super fast
|---wan-2:4:20.www    # this is only if you run a web server
|---wan-2:4:30.ftp    # this is only if you run an ftp server
|---wan-2:4:40.xbox
|---wan-2:4:50.torrent
|---wan-2:4:60.annoyinglanuser    # I am not going to include or go over this one,
|                                 # you should be able to figure this one out by the end,
|                                 # just wanted to make sure you remembered you could do that
|---wan-2:4:100.default    # this is where everything will default to if it is unmatched

OK, on to the good stuff. Make sure that you know what bandwidth you are working with. If you don't, visit Speakeasy to find out. Now, when you emerge HTB.init, it creates the directory, which is where you are going to place all your configuration files for the script. So go ahead and jump into that directory.

...And strike up your favorite editor for the following configuration files.

If you would like details on how to configure the files for yourself, which you should, visit this site.

This file is where you place all your default settings for the interface. Specific to this file is the r2q value, which is kind of complicated to explain. Pretty much you are shooting for rate/r2q<1500.

As stated before, you want to make sure not to limit the internal network. So set the rate to be just below the speed of your lan.

Same thing as root, and make sure it only does this for the internal network.

Limit all traffic under remote to be just under your max upload speed.

This will guarantee bandwidth for all ssh connections on the network (since we are using the wildcard). You might want to use sfq because that will distribute bandwidth evenly to all ssh connections, but it's not really needed.

If you run a webserver, you want to make sure people can always connect to your site.

If you happen to have a few different servers, you may want to make sure they are all watched.

Since the xbox does only one thing, we are just going to shape all traffic originating from the xbox.

The name says it all.

Finally tell HTB what to do if nothing matched the rules we set:
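How the file names in the scheme above map onto tc classes, as an added example that is not part of this wiki page or of HTB.init itself: a dry-run planner that only prints the tc commands implied by each name. It assumes HTB.init's <ifname>-<clsid>[:<clsid>...].<description> naming with hexadecimal class IDs; the function names and every rate are constructed for illustration.

```shell
#!/bin/sh
# Dry-run planner: HTB.init-style file names -> tc commands (printed, never run).
# File name: <ifname>-<clsid>[:<clsid>...].<description>; the last clsid is the
# class, the one before it is its parent. Assumes <ifname> contains no '-'.
htb_parse() {   # sets HTB_DEV, HTB_CLS, HTB_PARENT
    HTB_DEV=${1%%-*}
    HTB_IDS=${1#*-}; HTB_IDS=${HTB_IDS%%.*}
    case $HTB_IDS in
        ''|*[!0-9A-Fa-f:]*|:*|*:|*::*) echo "bad class path: $1" >&2; return 1 ;;
    esac
    HTB_CLS=${HTB_IDS##*:}
    HTB_PARENT=
    case $HTB_IDS in
        *:*) HTB_PARENT=${HTB_IDS%:*}; HTB_PARENT=${HTB_PARENT##*:} ;;
    esac
}

htb_class_cmd() {   # FILE RATE CEIL -> one "tc class add" line
    htb_parse "$1" || return 1
    echo "tc class add dev $HTB_DEV parent 1:$HTB_PARENT classid 1:$HTB_CLS htb rate $2 ceil $3"
}

# htb_plan DEV DEFAULT_CLSID: reads "FILE RATE CEIL" lines on stdin; rejects a
# class whose parent was not defined on an earlier line.
htb_plan() {
    htb_seen=" "
    echo "tc qdisc add dev $1 root handle 1: htb default $2"
    while read -r f r c; do
        htb_parse "$f" || return 1
        if [ -n "$HTB_PARENT" ]; then
            case $htb_seen in
                *" $HTB_PARENT "*) ;;
                *) echo "$f: parent 1:$HTB_PARENT not defined yet" >&2; return 1 ;;
            esac
        fi
        htb_seen="$htb_seen$HTB_CLS "
        htb_class_cmd "$f" "$r" "$c"
    done
}

htb_sample() {   # constructed: the page's hierarchy with made-up rates
    printf '%s\n' 'wan-2.root 100Mbit 100Mbit' 'wan-2:3.lan 95Mbit 100Mbit' \
        'wan-2:4.remote 480Kbit 480Kbit' 'wan-2:4:10.ssh 64Kbit 480Kbit' \
        'wan-2:4:20.www 96Kbit 480Kbit' 'wan-2:4:30.ftp 64Kbit 480Kbit' \
        'wan-2:4:40.xbox 128Kbit 480Kbit' 'wan-2:4:50.torrent 32Kbit 480Kbit' \
        'wan-2:4:100.default 64Kbit 480Kbit'
}

htb_sample | htb_plan wan 100
```

Listing a child before its parent makes htb_plan stop with an error, which is why the sample spells out the full class path from the root in every name.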