On Wed, 04 Aug 2004 14:31:06 +0000 zoop@xxxxxxxxxxx wrote: > it looks like you might have a problem with your marking with the FW. That's what I thought, but I can't troubleshoot any other way. I tried both ways 0x80, 80 to the same affect. The strange problem is if I omitted the source ip part, so iptables -A OUTPUT -p tcp -t mangle --dport www -j MARK --set-mark 40 it works I'm out of my head ^_^ > > From Looking at this I see the first commented link that as the mark in hex, Don't > all the marks need to be written this way? 0x80 0x40 0x20 ? > > This is just a guess I don't really know. > > > Ing Isianto Istiadi (isianto.istiadi@xxxxxxxxxxxxxxx) wrote: > > > >Dear All, > >I'm using the kernel 2.6.6, iproute2-2.4.7.20020116, iptables v1.2.9, and gentoo. > >I have a leased-line 64 kbps. > >I can see the counter works in iptables, but in the htb, it doesn't go to the right > class (it always go to the default class). > > > >Any help will be appreciated > > > > > >here's my htb conf > >#!/bin/bash > > > >tc qdisc del dev eth1 root > > > >tc qdisc add dev eth1 root handle 1: htb default 80 > >tc class add dev eth1 parent 1: classid 1:1 htb rate 65kbps ceil 65kbps > >tc class add dev eth1 parent 1:1 classid 1:10 htb rate 20kbps ceil 35kbps prio 3 > >tc class add dev eth1 parent 1:1 classid 1:20 htb rate 5kbps ceil 10kbps prio 0 > >tc class add dev eth1 parent 1:1 classid 1:30 htb rate 8kbps ceil 11kbps prio 2 > >tc class add dev eth1 parent 1:1 classid 1:40 htb rate 23kbps ceil 40kbps prio 1 > >tc class add dev eth1 parent 1:1 classid 1:80 htb rate 8kbps ceil 10kbps prio 4 > > > >tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 > >tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10 > >tc qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10 > >tc qdisc add dev eth1 parent 1:40 handle 40: sfq perturb 10 > >tc qdisc add dev eth1 parent 1:80 handle 80: sfq perturb 10 > > > >tc filter add dev eth1 parent 1:0 protocol ip handle 10 fw flowid 1:10 > >tc filter add dev eth1 parent 1:0 protocol ip handle 20 fw flowid 1:20 > >tc filter add dev eth1 protocol ip parent 1:0 handle 30 fw flowid 1:30 > >tc filter add dev eth1 parent 1:0 protocol ip handle 40 fw classid 1:40 > >tc filter add dev eth1 protocol ip parent 1:0 handle 80 fw flowid 1:80 > > > >Here's my iptables rules*mangle > >:PREROUTING ACCEPT [1061:863210] > >:INPUT ACCEPT [1022:857788] > >:FORWARD ACCEPT [0:0] > >:OUTPUT ACCEPT [947:201743] > >:POSTROUTING ACCEPT [947:201743] > >-N personal > >-N others > >-N personal1 > >#-A OUTPUT -p tcp -m tcp --sport 3128 -j MARK --set-mark 0x2 > >-A OUTPUT -p tcp -m tcp --sport 3128 --destination 192.168.1.145 -j personal > >#-A OUTPUT -p tcp -m tcp --dport 80 -j MARK --set-mark 20 > >-A OUTPUT -p tcp -m tcp --dport 80 -j others > >-A personal -j MARK --set-mark 40 > >-A others -j MARK --set-mark 20 > > > > > >Here's my iptables -L -v -t mangle -x output > >Chain PREROUTING (policy ACCEPT 580535 packets, 176796832 bytes) > > pkts bytes target prot opt in out source destination > > > >Chain INPUT (policy ACCEPT 573475 packets, 174919251 bytes) > > pkts bytes target prot opt in out source destination > > > >Chain FORWARD (policy ACCEPT 5656 packets, 1810367 bytes) > > pkts bytes target prot opt in out source destination > > > >Chain OUTPUT (policy ACCEPT 598621 packets, 392036436 bytes) > > pkts bytes target prot opt in out source destination > > 11105 14785525 personal tcp -- any any anywhere > 192.168.1.145 tcp spt:webcache > > 28465 2233910 others tcp -- any any anywhere anywhere > tcp dpt:www > > > >Chain POSTROUTING (policy ACCEPT 604295 packets, 393851150 bytes) > > pkts bytes target prot opt in out source destination > > > >Chain others (1 references) > > pkts bytes target prot opt in out source destination > > 28465 2233910 MARK all -- any any anywhere anywhere > MARK set 0x14 > > > >Chain personal (1 references) > > pkts bytes target prot opt in out source destination > > 11105 14785525 MARK all -- any any anywhere anywhere > MARK set 0x28 > > > >Chain personal1 (0 references) > > pkts bytes target prot opt in out source destination > > > >Here's my > > > >/sbin/tc -s qdisc show dev eth1 > > > >qdisc sfq 80: limit 128p quantum 1514b perturb 10sec > > Sent 386 bytes 5 pkts (dropped 0, overlimits 0) > >qdisc sfq 40: limit 128p quantum 1514b perturb 10sec > > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > >qdisc sfq 30: limit 128p quantum 1514b perturb 10sec > > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > >qdisc sfq 20: limit 128p quantum 1514b perturb 10sec > > Sent 12272 bytes 72 pkts (dropped 0, overlimits 0) > >qdisc sfq 10: limit 128p quantum 1514b perturb 10sec > > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > >qdisc htb 1: r2q 10 default 80 direct_packets_stat 0 > > Sent 12658 bytes 77 pkts (dropped 0, overlimits 0) > > > > > >tc -s -d filter show dev eth1 > > > >filter parent 1: protocol ip pref 49151 fw > >filter parent 1: protocol ip pref 49151 fw handle 0x50 classid 1:80 > >filter parent 1: protocol ip pref 49151 fw > >filter parent 1: protocol ip pref 49151 fw handle 0x28 classid 1:40 > >filter parent 1: protocol ip pref 49151 fw > >filter parent 1: protocol ip pref 49151 fw handle 0x1e classid 1:30 > >filter parent 1: protocol ip pref 49151 fw > >filter parent 1: protocol ip pref 49151 fw handle 0x14 classid 1:20 > >filter parent 1: protocol ip pref 49152 fw > >filter parent 1: protocol ip pref 49152 fw handle 0xa classid 1:10 > > > > > >tc -s class show dev eth1 > > > >class htb 1:1 root rate 520Kbit ceil 520Kbit burst 2264b cburst 2264b > > Sent 174465 bytes 1142 pkts (dropped 0, overlimits 0) > > rate 712bps 5pps > > lended: 4 borrowed: 0 giants: 0 > > tokens: 34107 ctokens: 34107 > > > >class htb 1:10 parent 1:1 leaf 10: prio 3 rate 160Kbit ceil 280Kbit burst 1803b > cburst 1957b > > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > > lended: 0 borrowed: 0 giants: 0 > > tokens: 90199 ctokens: 55942 > > > >class htb 1:20 parent 1:1 leaf 20: prio 0 rate 40Kbit ceil 80Kbit burst 1650b > cburst 1701b > > Sent 115721 bytes 990 pkts (dropped 0, overlimits 0) > > rate 340bps 3pps > > lended: 990 borrowed: 0 giants: 0 > > tokens: 320599 ctokens: 165400 > > > >class htb 1:30 parent 1:1 leaf 30: prio 2 rate 64Kbit ceil 88Kbit burst 1680b > cburst 1711b > > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > > lended: 0 borrowed: 0 giants: 0 > > tokens: 210124 ctokens: 155635 > > > >class htb 1:40 parent 1:1 leaf 40: prio 1 rate 184Kbit ceil 320Kbit burst 1834b > cburst 2008b > > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > > lended: 0 borrowed: 0 giants: 0 > > tokens: 79781 ctokens: 50224 > > > >class htb 1:80 parent 1:1 leaf 80: prio 4 rate 64Kbit ceil 80Kbit burst 1680b > cburst 1701b > > Sent 58744 bytes 152 pkts (dropped 0, overlimits 0) > > rate 3Kbit 1pps > > lended: 148 borrowed: 4 giants: 0 > > tokens: 202125 ctokens: 163799 > >_______________________________________________ > >LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > > > -- > When dealing with a slow pipe, never underestimate the throughput of the postal system. > > > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
