I read on the HTB homepage that tc filter has a bug when which causes duplicate entries to be listed by "tc filter show" when we use U32 classifiers with different prio values. OK. But then my case was more than that. First, I have 1280kbit link split into 3 classes serving 3 subnet. I put SSH traffic into default class with different prio, because those 3 classes are would be heavily loaded, and I think the default class would be sufficient for the ssh traffic to and from all directions.(see script below). everything worked fine. and then I got 4th customer/subnet. I increased my link to 1792kbit and assign 512kbit to it. the script is the same script I used before. Just add an additional class (1:13) , along with corresponding filter and leaf needed. here, I found that traffic for the 4th subnet didn't get into the slot where it should be. I did download tests with big ftp/scp, but from the "tc -s class show dev eth1" command, I see class 1:13 didn't send packets. the scp/ftp stalled then. the "tc filter show" command resulted duplicate entries for each pref. I then tried to not putting the SSH filter, and all four classes worked fine, delivering packets correctly as the filters said. I've tried to put prio value into the filter rules (instead the class) and vice versa, I've tried to assign all classes the same prio, I've tried other match methods for SSH filter, I've tried to put "ip address match" in addition to the "ip tos match" (thus 4 filter for SSH), only to no avail. unless the SSH filter removed, The class 1:13 didn't send packets in amount it should be. (just sent few pakets, fewer than the default). weird is the first three classes seemed fine from what listed in "tc -s class show" result. so is the actual traffic. I got my scp/ftp test for these three classes was OK. why? did I make any mistakes? any suggestions would be much appreciated. here is the currently "strange" script: --------------------------------------------------- tc qdisc add dev eth1 root handle 1: htb default 90 tc class add dev eth1 parent 1: classid 1:1 htb rate 1792kbit ceil 1792kbit tc class add dev eth1 parent 1:1 classid 1:10 htb rate 512kbit ceil 512kbit prio 2 tc class add dev eth1 parent 1:1 classid 1:11 htb rate 384kbit ceil 384kbit prio 2 tc class add dev eth1 parent 1:1 classid 1:12 htb rate 384kbit ceil 384kbit prio 2 tc class add dev eth1 parent 1:1 classid 1:13 htb rate 512kbit ceil 512kbit prio 2 tc class add dev eth1 parent 1:1 classid 1:90 htb rate 48kbit ceil 48kbit prio 1 tc filter add dev eth1 protocol ip parent 1:0 u32 \ match ip dst 202.59.196.192/28 flowid 1:10 tc filter add dev eth1 protocol ip parent 1:0 u32 \ match ip dst 202.59.196.208/28 flowid 1:11 tc filter add dev eth1 protocol ip parent 1:0 u32 \ match ip dst 202.59.206.0/27 flowid 1:12 tc filter add dev eth1 protocol ip parent 1:0 u32 \ match ip dst 202.59.196.224/28 flowid 1:13 tc filter add dev eth1 protocol ip parent 1:0 u32 \ match ip tos 0x10 0xff flowid 1:90 tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 tc qdisc add dev eth1 parent 1:11 handle 11: sfq perturb 10 tc qdisc add dev eth1 parent 1:12 handle 12: sfq perturb 10 tc qdisc add dev eth1 parent 1:13 handle 13: sfq perturb 10 tc qdisc add dev eth1 parent 1:90 handle 90: sfq perturb 10 ------------------------------------------------- I patched and recompiled the RedHat 7.3 kernel sources (2.4.18) and iproute2-2.4.7-now-ss010824 and found no errors. __________________________________________________ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
