Pages

Sunday, 13 August 2017

用uml实现OpenVZ vps的拥堵控制算法bbr

Execute the User Mode Linux of the lastest linux kernel version for TCP congestion control "BBR" .

OpenVZ Server

Install Ubuntu-14.04-x86_64 Trusty:

apt-get update
apt-get install tmux build-essential libncurses5-dev libvdeplug-dev libpcap-dev debootstrap -y

Download the lastest linux kernel for compiling the User Mode Linux(www.kernel.org)

wget https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.9.10.tar.xz
tar xvf linux-4.9.10.tar.xz
cd linux-4.9.10
make defconfig ARCH=um

Edit the .config file and insert the options for the configuration file.

CONFIG_BINFMT_ELF=y
CONFIG_HOSTFS=y
CONFIG_LBD=y
CONFIG_BLK_DEV=y
CONFIG_BLK_DEV_LOOP=y
CONFIG_STDERR_CONSOLE=y
CONFIG_UNIX98_PTYS=y
CONFIG_EXT2_FS=y

Use menuconfig select for the TCP congestion control "BBR" and network device.

make menuconfig ARCH=um or make ARCH=um nconfig

Networking support  --->  Networking options  --->  TCP: advanced congestion control  --->

<*>BBR TCP (NEW)
<*> Default TCP congestion control (BBR) 

<*> UML Network Devices

Compile the vmlinux file with 4 Thread.

make ARCH=um vmlinux -j4

Use debootstrap for building the ubuntu14.04 container and install the package.

debootstrap --arch amd64 trusty ./ubuntu1404 http://ftp.ubuntu.com/ubuntu/
chroot ubuntu1404 /bin/bash
apt-get update
apt-get install git -y

Assign the ip address for the container eth0.

vi /etc/network/interfaces
auto eth0
iface eth0 inet static
address 10.0.0.2
netmask 255.255.255.0
gateway 10.0.0.1

For login the container to change the tty0 and securetty config.

#create the tty0 config and change the config.
cp /etc/init/tty1.conf /etc/init/tty0.conf
vi /etc/init/tty0.conf
exec /sbin/getty -8 38400 tty0

#insert the tty0 enable root login
vi /etc/securetty
tty0

#change passwd for root
passwd root

#if you need the openssh-server, it need to permit root login.
apt-get install openssh-server
vi /etc/ssh/sshd_config
PermitRootLogin yes

Install the shadowsocksr to the container and add the user.

cd /usr/local && git clone https://github.com/shadowsocksr/shadowsocksr.git
cd shadowsocksr && bash initcfg.sh
vi userapiconfig.py
API_INTERFACE = 'mudbjson'
python mujson_mgr.py -a -u ssr443 -p 443 -m aes-128-cfb -k ssr-passwd -O auth_aes128_sha1 -o tls1.2_ticket_auth

vi /etc/rc.local
/usr/local/shadowsocksr/run.sh

exit

Set up the Host SSH tcp port 22 for bypass and NAT traffic for container.

iptables -t nat -A PREROUTING -p tcp -m tcp --dport 22 -j RETURN
iptables -t nat -A PREROUTING -d $(hostname -i)/32 -j DNAT --to-destination 10.0.0.2
iptables -t nat -A POSTROUTING -d 10.0.0.2/32 -j SNAT --to-source 10.0.0.1
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 ! -d 10.0.0.0/24 -j MASQUERADE

Set up the TAP for Host and Run the vmlinux

ip tuntap add tap0 mode tap
ip addr add 10.0.0.1/24 dev tap0
ip link set tap0 up  
mount -o remount,size=256m /dev/shm
dd if=/dev/zero of=rootfs.img bs=1MB count=1000
/root/vmlinux root=/dev/ubda rootfstype=hostfs hostfs=/root/ubuntu1404 ubd0=/root/rootfs.img eth0=tuntap,tap0 mem=256m rw


from  https://github.com/letssudormrf/openvz_uml
---------------

lkl-bbr 一键脚本


lkl-bbr 一键脚本 by 南琴浪
用法说明
Usage: { install | status | uninstall }
根据运行的 command,会输出日志文件 /home/lkl-{command}.log
releases: https://github.com/nanqinlang/lkl/releases

install

此命令用于安装 lkl-bbr:
  • 会在 /home/lkl 进行安装
  • 安装完成后会 开启lkl-bbr并加入开机自启
  • 若需要修改转发端口,请修改 /home/lkl/haproxy 中的 8080-9090/home/lkl/enable.sh 中的 8080:9090你自己想要的端口或端口段 修改完成后重启vps即可应用更改
  • 运行前请注意自己的 iptables 相关设置,例如防火墙和转发规则

status

此命令用于检查 lkl-bbr 运行与否,可通过返回的提示判断

uninstall

运行此命令 会删除 整个/home/lkl 并 卸载 haproxy 和 移除 /etc/rc/local 中的开机自启任务,重启后即完成完全卸载 不会有残留.
------------------

OpenVZ VPS使用BBR加速

建议系统为Debian 8 64、Centos 7及以上。
1、下载脚本
wget --no-check-certificate https://raw.githubusercontent.com/mixool/rinetd/master/rinetd_bbr_powered -O /root/rinetd
2、设置权限
chmod +x rinetd
3、添加监听地址
vi rinetd.conf
添加
# bindadress bindport connectaddress connectport
0.0.0.0 443 0.0.0.0 443
0.0.0.0 80 0.0.0.0 80
这块可以添加其他端口,如你的ss端口为9001,则再添加:
0.0.0.0 9001 0.0.0.0 9001
4、设置开机启动
vi /etc/systemd/system/rinetd.service
添加
[Unit]
Description=rinetd

[Service]
ExecStart=/root/rinetd -f -c /root/rinetd.conf raw venet0:0
Restart=always
  
[Install]
WantedBy=multi-user.target
5、启动
systemctl enable rinetd.service && systemctl start rinetd.service
6、效果
比较明显,对于OpenVZ VPS来说,救星啊。
我的alpharacks ovz vps,用了后,轻松1080P.
-------------

相关帖子: http://briteming.blogspot.com/2017/05/tcp-tcp-bbr.html

No comments:

Post a Comment