Hi! I just recently entered the wonderful world of the so called "advanced routing" and decided to try and limit the bandwidth of a MASQed network here and ended up in trouble :(. The setup is (as far as I can tell) pretty straightforward. eth0 is connected to the "real" network with a proper IP, and eth2 is 192.168.10.x (the MASQed network). All of it is basicly right out of the advanced routing howto. My problem is that it only shapes traffic going into the MASQed network and not from it. I've been trying to figure out why, and the only reason I can think of is that once the traffic passes through eth0 going out to the public network the packets are no longer tagged with a 192.168.10.x ip, but rather the public address. Is this the case? (The MASQ-box I'm using actually has 6 NICs, but I'm only using two of them right now, which explains why only eth0 and eth2 are in the example). Here's the setup as of right now: --- tc qdisc add dev eth0 root handle 10: cbq bandwidth 100Mbit avpkt 1000 tc qdisc add dev eth2 root handle 20: cbq bandwidth 100Mbit avpkt 1000 tc class add dev eth0 parent 10:0 classid 10:1 cbq bandwidth 100Mbit \ rate 100Mbit allot 1514 weight 10Mbit prio 8 maxburst 20 avpkt 1000 tc class add dev eth2 parent 20:0 classid 20:1 cbq bandwidth 100Mbit \ rate 100Mbit allot 1514 weight 10Mbit prio 8 maxburst 20 avpkt 1000 tc class add dev eth0 parent 10:1 classid 10:100 cbq bandwidth \ 100Mbit rate 2Mbit allot 1514 weight 200Kbit prio 5 maxburst 20 \ avpkt 1000 bounded tc class add dev eth2 parent 20:1 classid 20:100 cbq bandwidth \ 100Mbit rate 2Mbit allot 1514 weight 200Kbit prio 5 maxburst 20 \ avpkt 1000 bounded tc qdisc add dev eth0 parent 10:100 sfq quantum 1514b perturb 15 tc qdisc add dev eth2 parent 20:100 sfq quantum 1514b perturb 15 tc filter add dev eth0 parent 10:0 protocol ip prio 100 u32 match ip src \ 192.168.10.0/24 flowid 10:100 tc filter add dev eth2 parent 20:0 protocol ip prio 100 u32 match ip dst \ 192.168.10.0/24 flowid 20:100 --- I hope someone can help! :) // Kim Lundgren
