HI , I wonder if anyone could help me with the following. I'm trying to divide bandwith across a NAT'ed linux router based on (internal) source IP. I've been trying something like the following: iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to $EXTERNAL_IP iptables -t mangle -A PREROUTING -i eth0 -s 192.168.2.0/24 -j MARK --set-mark 0x1 iptables -t mangle -A PREROUTING -i eth0 -s 192.168.2.111 -j MARK --set-mark 0x2 tc qdisc add dev eth0 root handle 1: cbq bandwidth 100Mbit avpkt 1000 tc class add dev eth0 parent 1:0 classid 1:1 cbq bandwidth 100Mbit rate 1Mbit weight 100Kbit prio 8 maxburst 20 avpkt 1000 bounded 1015 tc class add dev eth0 parent 1:1 classid 1:999 cbq bandwidth 8Mbit rate 4096Kbit weight 410Kbit prio 5 maxburst 20 avpkt 1000 bounded 1016 tc class add dev eth0 parent 1:1 classid 1:512 cbq bandwidth 1Mbit rate 512Kbit weight 51Kbit prio 5 maxburst 20 avpkt 1000 bounded 1017 tc qdisc add dev eth0 parent 1:999 tbf rate 4096Kbit burst 64000b lat 1us 1018 tc qdisc add dev eth0 parent 1:512 tbf rate 512Kbit burst 64000b lat 1us 1019 tc filter add dev eth0 parent 1:0 protocol ip prio 3 handle 0x1 fw classid 1:999 1020 tc filter add dev eth0 parent 1:0 protocol ip prio 5 handle 0x2 fw classid 1:512 However although the packets are marked correctly they do not actually traver se the tc subclasses hanging off eth0 as intended. I actually had this set-up working fine under ipchains with the -m option to set the mark. Could anyone advise me as to what I'm doing wrong? Thanks in advance NIck Gresham.
