[LARTC] Help Needed with TC qdisc and filters

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Normally, either src or dst from an internal ip alone will be effective on
an interface as we can shape only outgoing traffic. Thus if eth0 is the
internal LAN interface for 1.2.3.x network, only dst will be effective. If
eth0 is the gateway to the other side with say eth1 as the internal
interface to 1.2.3.x LAN, then src will be effective. You will need to apply
src and dst to different interfaces to achieve what you want.

e.g. eth0 is WAN side and eth1 is LAN side then
	tc qdisc add dev eth0 root handle 10: prio
	tc class add dev eth0 parent 10: classid 10:1 htb rate 512kbit ceil 1Mbit
	tc class add dev eth0 parent 10:1 classid 10:10 htb rate 512kbit ceil 1Mbit
	tc class add dev eth0 parent 10: classid 10:20 htb rate 2kbit ceil 1Mbit
	tc filter add dev eth0 parent 10:1 protocol ip prio 1 u32 \
		match ip src 1.2.3.4/32 flowid 10:10
	tc filter add dev eth0 parent 10:1 protocol ip prio 1 u32 \
		match ip src 1.2.3.5/32 flowid 10:20

	tc qdisc add dev eth1 root handle 11: prio
	tc class add dev eth1 parent 11: classid 11:1 htb rate 512kbit ceil 1Mbit
	tc class add dev eth1 parent 11:1 classid 11:10 htb rate 512kbit ceil 1Mbit
	tc class add dev eth1 parent 11:1 classid 11:20 htb rate 2kbit ceil 1Mbit
	tc filter add dev eth1 parent 11:0 protocol ip prio 1 u32 \
		match ip dst 1.2.3.4/32 flowid 11:10
	tc filter add dev eth1 parent 11:0 protocol ip prio 1 u32 \
		match ip dst 1.2.3.5/32 flowid 11:20

You had not mentioned classes earlier. These are needed and filters will
assign traffic to classes. Thus traffic to and from 1.2.3.5/24 has 2kbit
borrowable upto a max of 1Mbit while 1.2.3.4/24 has 512kbit borrowable upto
1Mbit. Thus 1.2.3.4 will get 512/514 portion of the bandwidth always. if no
traffic comes from 1.2.3.4, 1.2.3.5 will get full bandwidth.

I gave rate as 512 and ceil as 1mbit assuming WAN is a 1Mbit interface
reserving 512 for ingress and 512 for egress. In case incoming traffic does
not take 512, the outgoing traffic can borrow that bandwidth upto max link
capacity.

HTH
Mohan

-----Original Message-----
From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
Behalf Of Andreas Wright
Sent: 20 January 2003 14:30
To: LARTC@mailman.ds9a.nl
Subject: [LARTC] Help Needed with TC qdisc and filters


Hello ,
I am trying to use tc to do the following ..on the interface(eth0) I want to
give priority to  to packets coming from a specific IP address 1.2.3.4 over
packets from  IP address 1.2.3.5 .
I would like to know if the following setup would work with PRIO qdisc.
tc qdisc add dev eth0 root handle 10 : prio
tc filter add dev eth0 parent 10:0 protocol ip prio 1 u32 \
match ip src 1.2.3.4/32 flowid 10:1
tc filter add dev eth0 parent 10:0 protocol ip prio 1 u32 \
match ip dst 1.2.3.4/32 flowid 10:1
tc filter add dev eth0 parent 10:0 protocol ip prio 1 u32 \
match ip src 1.2.3.5/32 flowid 10:2
tc filter add dev eth0 parent 10:0 protocol ip prio 1 u32 \
match ip dst 1.2.3.5/32 flowid 10:2
Can I test this setup by using flooding ping from 1.2.3.4 and 1.2.3.5 to the
machine configured with tc ?
I expected that pings from 1.2.3.5 will be dropped giving priority to
1.2.3.4
Looking forward to your input,
Andreas.









With Yahoo! Mail you can get a bigger mailbox -- choose a size that fits
your needs



[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux