I've recently tried to setup a 3-interface transparent bridge, where 2 internal interfaces (eth1,eth2) funnel into 1 outgoing interface (eth0). The idea was to be that eth1 gets priority over eth2 in all cases.
The bridge works flawlessly - it passes all layer2 traffic through properly. The traffic control however, does not work at all. (The LARTC Howto says bridging + tc should "work as advertised", but no examples or instructions are given...)
The conclusion I came to was that bridging is done in layer2, and so traffic control code (typically layer3) never gets to touch it. Am I wrong?
Setup was: mark packets with ebtables, then filter into 2 qdiscs based on those marks.
Ebtables bit:
ebtables -A FORWARD -i eth1 -j mark --set-mark 0x1
ebtables -A FORWARD -i eth2 -j mark --set-mark 0x2
- This works, as ebtables' counters do count matching packets correctly (connecting a machine to and interface, and starting . (I assume that they set sk_buff->nfmark properly.)
.
Classes: tc qdisc add dev eth0 root handle 1: htb default 10 tc class add dev eth0 parent 1: classid 1:1 htb rate 500kbit ceil 500kbit tc class add dev eth0 parent 1:1 classid 1:10 htb rate 450kbit ceil 500kbit prio 0 tc class add dev eth0 parent 1:1 classid 1:20 htb rate 50kbit ceil 500kbit prio 1
tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle 1 fw classid 1:10
tc filter add dev eth0 parent 1:0 protocol ip prio 2 handle 2 fw classid 1:20
As I understand it, the second last line should put packets with nfmark 1 into class 1:10 (450-500 kbit), and the last line should put packets with nfmark 2 into class 1:20 (50-500kbit).
With an active host plugged into eth2, all I get is traffic going through the default class (1:10) according to 'tc -s show class dev eth0'
If anyone could offer any suggestions, I'd be glad to hear 'em.
Cheers,
jon anderson
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
