Re: Forwarded traffic bypassing filter

Linux Advanced Routing and Traffic Control


The netmask is /8 in my config, but it can be /24 (doesn't matter a
whole lot). The traffic is not being bridged at Machine1; it's simple
routing because I've set up a route & ARP entry for Machine2 on Machine1,
and IP Forwarding and Proxy ARP are enabled on Machine1.

Thanks

--- Lawrence MacIntyre <lpz@xxxxxxxx> wrote:
> Is the netmask actually /24 instead of /8 or are you bridging the
> traffic with Machine1?
> 
> On Thu, 2003-10-16 at 17:26, Amit Gandhi wrote:
> > Please consider the following scenario & corresponding question.....
> > 
> > 
> >                     Machine1                             Machine2
> >                 _________________                  _________________
> > MachineX        |               |                  |               |
> > HTTP(1)         |               |                  |  HTTP Server  |
> > ------>-------->|          -----|------------------|               |
> >             eth0|         /     |eth1              |eth0           |
> >  10.20.253.242/8|        /      |10.20.255.238/8   |10.20.246.247/8|
> >                 |    HTTP(2)    |                  |               |
> >                 |_______________|                  |_______________|
> > 
> >                 10.20.246.247 dev eth1
> >                 10.20.246.247 dev eth1 lladdr xx:xx:xx:xx:xx:xx
> >                 proxy_arp =1
> >                 ip_forward=1
> > 
> > Here are my shaping rules (primary goal is to send the web traffic
> > through a separate queue)
> > 
> > tc qdisc add dev eth1 root handle 1: htb default 20
> > 
> > tc class add dev eth1 parent 1: classid 1:1 htb rate 2mbit burst 15k
> > 
> > tc class add dev eth1 parent 1:1 classid 1:10 htb rate 1mbit ceil 2mbit burst 15k
> > tc class add dev eth1 parent 1:1 classid 1:20 htb rate 1mbit burst 15k
> > 
> > tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10
> > tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10
> > 
> > tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match ip dport 0x50 0xffff flowid 1:10
> > 
> > 
> > Now, after all of this configuration I've observed that:
> > 
> > a) All the web requests coming from "MachineX" go through the default
> > queue 20
> > b) Web traffic generated from "Machine1" does get sent through queue 10
> > 
> > 
> > Why is the forwarded traffic bypassing the filter?
> > 
> > I inserted debug messages in the 'u32_classify' function
> > inside the kernel, just to make sure that the filter is not
> > failing, but the function never gets called for HTTP(1)
> > traffic!!!
> > 
> > 
> > Regards,
> > +Amit
> > email: subscribeamit@xxxxxxxxx
> > 
> > _______________________________________________
> > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> -- 
>     Lawrence MacIntyre     865.574.8696     lpz@xxxxxxxx
>                Oak Ridge National Laboratory
> High Performance Information Infrastructure Technology Group
> 
> 

