[LARTC] Marks are ignored by classes

Linux Advanced Routing and Traffic Control

Here is how I'm setting up my PRIO:

	# iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 22 -j MARK --set-mark 1
	# iptables -A PREROUTING -i eth0 -t mangle -p tcp --sport 22 -j MARK --set-mark 1
	# iptables -A PREROUTING -i eth0 -t mangle -p tcp '!' --dport 22 -j MARK --set-mark 2
	# iptables -A PREROUTING -i eth0 -t mangle -p tcp '!' --sport 22 -j MARK --set-mark 2
	# tc qdisc del dev eth0 root handle 1:
	# tc qdisc add dev eth0 root handle 1: prio bands 4 priomap 0 1 2 3 3 3 3 3 3 3 3 3 3 3 3 3
	# tc qdisc add dev eth0 parent 1:1 handle 10: sfq
	# tc qdisc add dev eth0 parent 1:2 handle 20: sfq
	# tc qdisc add dev eth0 parent 1:3 handle 30: sfq
	# tc qdisc add dev eth0 parent 1:4 handle 40: sfq
	# tc filter add dev eth0 parent 1: protocol ip prio 3 handle 4 fw classid 1:4
	# tc filter add dev eth0 parent 1: protocol ip prio 3 handle 3 fw classid 1:3
	# tc filter add dev eth0 parent 1: protocol ip prio 3 handle 2 fw classid 1:2
	# tc filter add dev eth0 parent 1: protocol ip prio 3 handle 1 fw classid 1:1

Then I send a few SSH packets.  The packets are marked in PREROUTING.
But why is everything winding up in 1:4?  Also, if anyone knows why I am
marking 4 packets, but only 3 packets wind up in the qdisc, that would
be appreciated:

[root@boss root]# ./qos status
LAN Queues:
qdisc sfq 40: quantum 1514b
 Sent 246 bytes 3 pkts (dropped 0, overlimits 0)

 qdisc sfq 30: quantum 1514b
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)

 qdisc sfq 20: quantum 1514b
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)

 qdisc sfq 10: quantum 1514b
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)

 qdisc prio 1: bands 4 priomap  0 1 2 3 3 3 3 3 3 3 3 3 3 3 3 3
 Sent 246 bytes 3 pkts (dropped 0, overlimits 0)

 IPTables:
Chain PREROUTING (policy ACCEPT 1050K packets, 257M bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0          tcp dpt:22 MARK set 0x1
    2   216 MARK       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0          tcp spt:22 MARK set 0x1
    2   216 MARK       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0          tcp dpt:!22 MARK set 0x2
    0     0 MARK       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0          tcp spt:!22 MARK set 0x2

Chain OUTPUT (policy ACCEPT 50963 packets, 9269K bytes)
 pkts bytes target     prot opt in     out     source               destination

Scott Kaplan
Libritas
Suite 1300
180 Grand Avenue
Oakland, CA  94612
(510) 740-7701

