How do we use Prometheus QoS in Brevnov:

1) /etc/prometheus/hosts

1500+ IP addresses are assigned one of the guaranteed speed classes 64, 128,
256 and 512 kbps, with various HTB ceil rates, using the "via-prometheus-"
keyword. Some of the IP addresses are set to share connection speed with the
internet gateway using the "sharing-" keyword.

2) /etc/prometheus/prometheus.conf

There are daily traffic quotas defined using the "magic-relative-limit" value
set to 8. This translates into a 48h quota of 1 GB for 64 kbps lines,
2 GB for 128 kbps lines, etc., with unused credit from the day before
yesterday stored in /var/run/prometheus.credit. Soft quotas (fair use policy)
are applied (resulting in lower HTB priority) even before hard quotas are
reached (magic-relative-prio set to 6, which is less than magic-relative-limit
set to 8).

Daily limits are applied by running prometheus every day at 3:00 AM. Between
3:00 AM and 6:00 AM, there is a QoS-free period, enabled by the
"qos-free-delay" value set to 10800. However, yesterday's data transfer
statistics are kept in memory while prometheus QoS is idle in this sleep mode.

Undefined IP addresses share 32 kbps guaranteed and 64 kbps maximum speed,
set using the "free-rate" and "free-ceil" keywords.

There is a QoS-free zone defined using "qos-free-zone" to be 10.0.0.0/8.
This allows, for example, easy management of the gateway from inside this
range, or remote management of the entire network after ssh to the gateway and
then another ssh to this zone.

We used to run an HTTP proxy at port 3128 of the LAN interface of the internet
gateway. This proxy was inside "qos-free-zone". With the "qos-proxy-enable",
"qos-proxy-ip" (which is actually IP/number of bits of netmask) and
"qos-proxy-port" settings, this port was excluded from the QoS-free zone.

3) NAT

Both symmetrical and asymmetrical NAT are defined by another script file, in
the iptables nat table (-t nat). Prometheus QoS uses only iptables mangle
tables (-t mangle), see FAQ.

4) /etc/cron.d/prometheus and related files

Every hour, we run prometheus with the -p switch to generate a preview. On
system boot, we run prometheus with the -n switch to skip the QoS-free period.
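
The settings from section 2, modelled as an added example (not code from the Prometheus QoS project) that shows which flows escape shaping and what quotas the multipliers produce. Assumptions: the quota formula is inferred from the figures above, the proxy address 10.0.0.1/32 is a constructed placeholder, matching is done on the peer address, and all function names are hypothetical.

```python
import ipaddress
from datetime import datetime, timedelta

# Settings as described in section 2 of this page.
QOS_FREE_ZONE = ipaddress.ip_network("10.0.0.0/8")   # qos-free-zone
QOS_FREE_DELAY = 10800                               # qos-free-delay, in seconds
DAILY_RUN = (3, 0)                                   # daily cron run at 3:00 AM
MAGIC_RELATIVE_LIMIT = 8                             # hard quota multiplier
MAGIC_RELATIVE_PRIO = 6                              # soft quota multiplier
QOS_PROXY_PORT = 3128                                # qos-proxy-port
# Constructed placeholder: the page does not state the gateway's LAN address.
QOS_PROXY_IP = ipaddress.ip_network("10.0.0.1/32")   # qos-proxy-ip (IP/bits)


def quota_mb(rate_kbps, multiplier, days=2):
    """Assumed formula: MB per day = guaranteed kbps * multiplier.

    It reproduces the page's figures (64 kbps, limit 8, 48 h -> 1 GB).
    """
    return rate_kbps * multiplier * days


def in_qos_free_period(now):
    """True from the daily run until qos-free-delay seconds have passed."""
    start = now.replace(hour=DAILY_RUN[0], minute=DAILY_RUN[1],
                        second=0, microsecond=0)
    return start <= now < start + timedelta(seconds=QOS_FREE_DELAY)


def is_shaped(peer_ip, peer_port, now, proxy_enabled=True):
    """Decide whether a flow to peer_ip:peer_port is subject to QoS."""
    if in_qos_free_period(now):
        return False
    addr = ipaddress.ip_address(peer_ip)
    if addr not in QOS_FREE_ZONE:
        return True
    # Inside the free zone, only the proxy port is pulled back under QoS.
    return proxy_enabled and addr in QOS_PROXY_IP and peer_port == QOS_PROXY_PORT


if __name__ == "__main__":
    noon = datetime(2024, 1, 1, 12, 0)  # constructed sample time
    for ip, port in [("10.0.0.1", 3128), ("10.0.0.1", 22), ("192.0.2.10", 80)]:
        print(ip, port, "shaped" if is_shaped(ip, port, noon) else "QoS-free")
    print("soft/hard 48h quota, 64 kbps:",
          quota_mb(64, MAGIC_RELATIVE_PRIO), quota_mb(64, MAGIC_RELATIVE_LIMIT))
```

Calling is_shaped with proxy_enabled=False shows the case the proxy settings exist to close: port 3128 on the gateway would otherwise sit inside the QoS-free zone.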