On Wednesday 30 January 2002 05:01, Arindam Haldar wrote: > hi all, > hi stef, > > stef i went thru the site www.docum.org & would really like to thank u > on one part--->monitor.pl.. :-).. havent tried it yestreday but will > today when i find time but reading it i know that ... :-) > 1) comming accros 2 one of the pages --> > www.docum.org/stef.coene/qos/tests/cbq/splitting/weight/splitting-weigh= t.ht >ml ..i saw these 4 lines & got curious 2know y ur sending pkts with mark= of > 1 & 2 to both classes 10:2 & 20:10 ?..wont there b confusion 2 what rul= esse > 2b applied? > tc filter add $DEV parent 10: protocol ip prio 3 handle 1 fw classid > 10:2 > tc filter add $DEV parent 10: protocol ip prio 3 handle 2 fw classid > 10:2 > tc filter add $DEV parent 20: protocol ip prio 3 handle 1 fw classid > 20:10 > tc filter add $DEV parent 20: protocol ip prio 3 handle 2 fw classid > 20:20 The filters are attached to different parents. So when a packets enters = 10:,=20 it's matched. If it has mark 1 it's sended to class 10:2. But qdisc 20:= is=20 attached to 10:2 so the packet is matched to the filter that puts the pac= ket=20 in 20:10. This test was to see how you have to attach the filters. But = it's=20 not recommended to use more then 1 qdisc in your setup. > 2) our linux box does managemnt of public lan(office ) & pvt > lan(cable)--by ip's.. sucess with public ips, marking & using tc filter > is sucessful but not true with pvt ips (10 series, marking part!).. to > let u know better here is what we did with public ip.. > iptables -t mangle -A PREROUTING -i eth1 -s <a.b.c.0/26> -d > <a.b.e.0/25> -j MARK --set-mark 90 > iptables -t mangle -A PREROUTING -i eth0 -d <a.b.c.0/26> -s > <a.b.e.0/25> -j MARK --set-mark 91 > the tc commands > tc filter add dev eth0 parent 1:105 pfifo limit 2 > tc filter add dev eth1 parent 2:105 pfifo limit 2 > This works fine--tested with different traffic loads of download& > upload. > BUT with lan on eth4 which has pvt ip range(10series) vr not sucesful. > the problem is how to make sure that the pkts detination for 10.0.0.0/8 > should be marked as they r MASQUERADEd. so i trired to mark with > FORWARD/OUTPUT/POSTROUTING but unsuccesful. tc -s class.... etc command > doesnt show any data being passed thru the class while iptables -nvL -t > mangle shows pkts r being marked & passing thru. > > 3) do we need to reset/restart the iptables script when iproute script > is reapplied or vice versa ? Nop. Stef --=20 stef.coene@docum.org More QOS info : http://www.docum.org/ Title : "Using Linux as bandwidth manager" =20
