--=-hvA9hqwoLg7e/I7QiOZe Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hi folks I've read Advanced Routing HOWTO and decided to implement some concepts on a network I manage. I am trying to set up a simple HTB-based traffic shaping with four classes on my firewall machine (2.4.17 HTB patch applied. iproute2 compiled with HTB patch, PH_ECHO line removed). Firewall box has two interfaces: eth0 - 172.18.200.1/24 and eth1 - to Internet. Class 1:10 and 1:12 has a 76 kbps rate (max of 256 kbps). Class 1:11 has a 54 kbps rate (max of 256 kpbs). Class 1:13 has a 50 kbps rate (max of 256). Filters are quite simple: Traffic from IPs 172.18.200.223 to 172.18.200.226 should go to class 1:10. Traffic from IPs 172.18.200.2 and 172.18.200.4 should go to class 1:11. Traffic from IP 172.18.200.232 should go to class 1:12. All other traffic must follow 1:13. The problem is also simple: nothing is being filtered. All traffic follow 1:13. I'm quite frustrated and really don't know what could be wrong. I've talked to a few fellows at #lartc on Open Projects, but it also didn't work. This is what I am using for creation of this scenario: tc qdisc add dev eth0 root handle 1: htb default 13 tc class add dev eth0 parent 1: classid 1:1 htb rate 256kbit ceil 2mbit burst 15k tc class add dev eth0 parent 1:1 classid 1:10 htb rate 76kbit ceil 256kbit burst 15k tc class add dev eth0 parent 1:1 classid 1:11 htb rate 54kbit ceil 256kbit burst 15k tc class add dev eth0 parent 1:1 classid 1:12 htb rate 76kbit ceil=20 256kbit burst 15k tc class add dev eth0 parent 1:1 classid 1:13 htb rate 50kbit ceil 256kbit burst 15k tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10 tc qdisc add dev eth0 parent 1:11 handle 20: sfq perturb 10 tc qdisc add dev eth0 parent 1:12 handle 30: sfq perturb 10 tc qdisc add dev eth0 parent 1:13 handle 40: sfq perturb 10 tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src 172.18.200.223 flowid 1:10 tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src 172.18.200.224 flowid 1:10 tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src 172.18.200.225 flowid 1:10 tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src 172.18.200.226 flowid 1:10 tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src 172.18.200.2 flowid 1:11 tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src 172.18.200.4 flowid 1:11 tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src 172.18.200.232 flowid 1:12 --=20 Sellaro Agente Livre - Linux Community (www.agentelivre.org) PGP Key ID: 3ADF8645 PGP Key Fingerprint: 6AB0 D60B 69B5 B3F9 4553 2242 A1D0 17C0 3ADF 8645 --=-hvA9hqwoLg7e/I7QiOZe Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA8XmuLodAXwDrfhkURAn4cAKCJ4D5X2ieUOWb+PebHjh3s+gfO3QCg5izF Gn8bi/Msm3u9nir0erzIlZ4= =ioMB -----END PGP SIGNATURE----- --=-hvA9hqwoLg7e/I7QiOZe--
