hi all, my system with kernel 2.4.16 & 2.4.17( RH-7.2) has netfilter-1.2.4, iproute-ss010803, squid, dns with 4 ether cards.i am trying a simple situation where i want to shape traffic all the interfaces. at present iam using netfilter to allow a few ips, using transparent squid & iproute to limit bandwidth. i feel i must give more bandwidth for my local servers for my office & customers. i need some help from u Gurus in knowing what i did wrong here. a) y no trafic is passing thru the http handle 101. infcat only the 102 handle is working(seen below) ?? b) whats recomended--marking pkts in iproute or iptables ?? c) if i mark pkts with iptables, will i be still able to use transparent squid as well as shape bandwidth(i havnt tried this so far) [root@xxxx root]# tc -s -d class ls dev eth1 class htb 2: parent 2: class htb 2: parent 2: class htb 2: parent 2: class htb 2: parent 2: class htb 2: parent 2: [root@xxxx root]# tc -s -d qdisc ls dev eth1 qdisc pfifo 102: limit 2p Sent 1067212 bytes 991 pkts (dropped 114, overlimits 0) backlog 2p qdisc pfifo 101: limit 2p Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc pfifo 100: limit 2p Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc htb 2: Sent 1067296 bytes 993 pkts (dropped 114, overlimits 1414) backlog 2p [root@xxxx root]# cat yemp #!/bin/sh tc qdisc add dev eth0 root handle 1: htb default 100 tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbit burst 5k tc class add dev eth0 parent 1:1 classid 1:10 htb rate 256kbit ceil 1mbit burst 2 tc class add dev eth0 parent 1:10 classid 1:100 htb rate 2kbit burst 2 tc class add dev eth0 parent 1:10 classid 1:101 htb rate 4kbit burst 2 tc class add dev eth0 parent 1:10 classid 1:102 htb rate 32kbit burst 2 tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip dst 10.1.1.0/24 match tcp dst 25 0xffff flowid 1:100 tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match tcp src 80 0xffff flowid 1:101 tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match tcp dst 80 0xffff flowid 1:101 tc filter add dev eth0 protocol ip parent 1:0 prio 2 u32 match ip dst 10.1.1.0/24 flowid 1:102 ##tc qdisc add dev eth0 parent 1:100 handle 101 sfq perturb 10 tc qdisc add dev eth0 parent 1:100 handle 100 pfifo limit 2 tc qdisc add dev eth0 parent 1:101 handle 101 pfifo limit 2 tc qdisc add dev eth0 parent 1:102 handle 102 pfifo limit 2 tc qdisc add dev eth1 root handle 2: htb tc class add dev eth1 parent 2: classid 2:1 htb rate 10mbit burst 5k tc class add dev eth1 parent 2:1 classid 2:10 htb rate 256kbit ceil 1mbit burst 2 tc class add dev eth1 parent 2:10 classid 2:100 htb rate 2kbit burst 2 tc class add dev eth1 parent 2:10 classid 2:101 htb rate 4kbit burst 2 tc class add dev eth1 parent 2:10 classid 2:102 htb rate 32kbit burst 2 tc filter add dev eth1 protocol ip parent 2:0 prio 1 u32 match ip dst 10.1.1.0/24 match tcp dst 25 0xffff flowid 2:100 tc filter add dev eth1 protocol ip parent 2:0 prio 1 u32 match tcp src 80 0xffff flowid 2:101 tc filter add dev eth1 protocol ip parent 2:0 prio 1 u32 match tcp dst 80 0xffff flowid 2:101 tc filter add dev eth1 protocol ip parent 2:0 prio 2 u32 match ip dst 10.1.1.0/24 flowid 2:102 ##tc qdisc add dev eth1 parent 2:200 handle 102 sfq perturb 10 tc qdisc add dev eth1 parent 2:100 handle 100 pfifo limit 2 tc qdisc add dev eth1 parent 2:101 handle 101 pfifo limit 2 tc qdisc add dev eth1 parent 2:102 handle 102 pfifo limit 2 [root@xxxx root]# tc -s -d qdisc ls dev eth1 qdisc pfifo 102: limit 2p Sent 1372419 bytes 1210 pkts(dropped 129, overlimits 0) backlog 1p qdisc pfifo 101: limit 2p Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc pfifo 100: limit 2p Sent 0 bytes 0 pkts (dropped 0, overlimits 0) qdisc htb 2: Sent 1372545 bytes 1213 pkts (dropped 129, overlimits 1744) backlog 1p thanking u all in advance.. arindam __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
