Re: Packets Redirection

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thursday 24 October 2002 08:22, Tom wrote:
> Hi all,
>
> I use a Debian Woody with Kernel 2.4.18 patched with the HTB queue. I use
> the tc binay given within the HTB targz. Iptables 1.2.6a
> I wrote this script based on the ADSL Bandwith management howto :
>
> DEV=eth0
> RATEUP=128
>
> tc qdisc add dev $DEV root handle 1: htb default 22
> tc class add dev $DEV parent 1: classid 1:1 htb rate ${RATEUP}kbit
> tc class add dev $DEV parent 1:1 classid 1:20 htb rate $[$RATEUP/7]kbit
> ceil ${RATEUP}kbit prio 0
> tc class add dev $DEV parent 1:1 classid 1:21 htb rate $[$RATEUP/7]kbit
> ceil 88kbit prio 1
> tc class add dev $DEV parent 1:1 classid 1:22 htb rate $[$RATEUP/7]kbit
> ceil 88kbit prio 2
a tip : make sure the sum of the rates = ceil of the parent.  It's not needed, 
but it's more logic.   And you have to be sure YOU are the bottleneck on the 
link.  It's possible that you have to set RATE=120 to get results.

> tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
> tc qdisc add dev $DEV parent 1:21 handle 21: sfq perturb 10
> tc qdisc add dev $DEV parent 1:22 handle 22: sfq perturb 10
> tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid
> 1:20 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw
> flowid 1:21 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22
> fw flowid 1:22
>
> iptables -t mangle -N MYSHAPER-OUT
> iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT
> iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 20 -j MARK --set-mark 22
> iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 20
> iptables -t mangle -A MYSHAPER-OUT -p udp -j MARK --set-mark 21
>
> I transfered a file by ftp. The packets was sent through the class 22 and
> its bandwith limited to 88kbits, which is normal. But i sent pings and
> thoose packets were sent through the class 22 too which is not normal due
> to the mangle packets marking.
> I know which class was used by looking the tc classes status. Why icmp
> packets was not sent through class 20 ?
Can you check out the iptables counters to see if the packets are really 
marked like you want ?
And you can get the same filter results if you add a fw filter with no option.  
The mark will be used as classid :
tc filter add dev $DEV parent 1:0 prio 0 protocol ip fw

Stef

-- 

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux