[LARTC] Bandwith sharing in NAT environment.

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

In a NAT environment, it is advisable to mark packets in prerouting stage.
Subsequently, till the packets leaves the system , the mark will not be
changed by any other process except a explicit mark iptables statement. Even
if NAT changes IP address, the fw mark will still be the same allowing for
classification. AFAIK, mark can have values rangign from 1 to 255.

Mohan

-----Original Message-----
From: lartc-admin@xxxxxxxxxxxxxxx [mailto:lartc-admin@xxxxxxxxxxxxxxx]On
Behalf Of Raghuveer
Sent: Thursday, August 14, 2003 4:33 PM
To: rajesh_khanduja@xxxxxxxxx
Cc: lartc@xxxxxxxxxxxxxxx
Subject: Re: [LARTC] Bandwith sharing in NAT environment.



Rajesh wrote:

>Hi
>
>I wish to implement Bandwith sharing in a NAT environment.
>
>The question is whether I can classify input packets on the basis of
ip-addresses (private LAN addresses)? These packets finally need to be NATed
before going on to Internet.
>
>Would the tc filters see the private addresses and put it in the
appropriate classes or would the tc filters see only the NATed address and
the filter would fail in putting the packets in the appropriate classes?
>
>The n/w diag would be somewhat like this
>
>private address LAN ips ------>iptables(NAT)------>Internet.
>
>
private address LAN
ips ------>tc(netlink)--------->iptables(NAT)------>Internet
I feel this is how it is...so dnat will be after tc in LAN to WAN and snat
will be before tc in WAN to LAN.

-Raghu

>Can I mark packets using iptables matching source ip-address?
>What address will tc filter see when the private addresses are masqueraded
?
>
>Any help is most welcome.
>
>Cheers,
>Rajesh
>
>
>
>
>_______________________________________________
>No banners. No pop-ups. No kidding.
>Introducing My Way - http://www.myway.com
>_______________________________________________
>LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
>
>
>


_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux