>>I can see the counter works in iptables, but in the htb, it doesn't go to the right class Please write what commands do you use to see "the counter" and what counter do you mean? I think counter for ip packets isn't it? You can try to see my problem in LARTC archive: "HTB 3.13 please help". In my opinion you have bad configured packet marking. See my configuration of packet marking. I included it with archive posts in "HTB 3.13 please help" ---------------------------------------------------------------------------- --------------------- > Dear All, > I'm using the kernel 2.6.6, iproute2-2.4.7.20020116, iptables v1.2.9, and gentoo. > I have a leased-line 64 kbps. > I can see the counter works in iptables, but in the htb, it doesn't go to the right class (it always go to the default class). > > Any help will be appreciated > > > here's my htb conf > #!/bin/bash > > tc qdisc del dev eth1 root > > tc qdisc add dev eth1 root handle 1: htb default 80 > tc class add dev eth1 parent 1: classid 1:1 htb rate 65kbps ceil 65kbps > tc class add dev eth1 parent 1:1 classid 1:10 htb rate 20kbps ceil 35kbps prio 3 > tc class add dev eth1 parent 1:1 classid 1:20 htb rate 5kbps ceil 10kbps prio 0 > tc class add dev eth1 parent 1:1 classid 1:30 htb rate 8kbps ceil 11kbps prio 2 > tc class add dev eth1 parent 1:1 classid 1:40 htb rate 23kbps ceil 40kbps prio 1 > tc class add dev eth1 parent 1:1 classid 1:80 htb rate 8kbps ceil 10kbps prio 4 > > tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 > tc qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10 > tc qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10 > tc qdisc add dev eth1 parent 1:40 handle 40: sfq perturb 10 > tc qdisc add dev eth1 parent 1:80 handle 80: sfq perturb 10 > > tc filter add dev eth1 parent 1:0 protocol ip handle 10 fw flowid 1:10 > tc filter add dev eth1 parent 1:0 protocol ip handle 20 fw flowid 1:20 > tc filter add dev eth1 protocol ip parent 1:0 handle 30 fw flowid 1:30 > tc filter add dev eth1 parent 1:0 protocol ip handle 40 fw classid 1:40 > tc filter add dev eth1 protocol ip parent 1:0 handle 80 fw flowid 1:80 > > Here's my iptables rules*mangle > :PREROUTING ACCEPT [1061:863210] > :INPUT ACCEPT [1022:857788] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [947:201743] > :POSTROUTING ACCEPT [947:201743] > -N personal > -N others > -N personal1 > #-A OUTPUT -p tcp -m tcp --sport 3128 -j MARK --set-mark 0x2 > -A OUTPUT -p tcp -m tcp --sport 3128 --destination 192.168.1.145 -j personal > #-A OUTPUT -p tcp -m tcp --dport 80 -j MARK --set-mark 20 > -A OUTPUT -p tcp -m tcp --dport 80 -j others > -A personal -j MARK --set-mark 40 > -A others -j MARK --set-mark 20 > > > Here's my iptables -L -v -t mangle -x output > Chain PREROUTING (policy ACCEPT 580535 packets, 176796832 bytes) > pkts bytes target prot opt in out source destination > > Chain INPUT (policy ACCEPT 573475 packets, 174919251 bytes) > pkts bytes target prot opt in out source destination > > Chain FORWARD (policy ACCEPT 5656 packets, 1810367 bytes) > pkts bytes target prot opt in out source destination > > Chain OUTPUT (policy ACCEPT 598621 packets, 392036436 bytes) > pkts bytes target prot opt in out source destination > 11105 14785525 personal tcp -- any any anywhere 192.168.1.145 tcp spt:webcache > 28465 2233910 others tcp -- any any anywhere anywhere tcp dpt:www > > Chain POSTROUTING (policy ACCEPT 604295 packets, 393851150 bytes) > pkts bytes target prot opt in out source destination > > Chain others (1 references) > pkts bytes target prot opt in out source destination > 28465 2233910 MARK all -- any any anywhere anywhere MARK set 0x14 > > Chain personal (1 references) > pkts bytes target prot opt in out source destination > 11105 14785525 MARK all -- any any anywhere anywhere MARK set 0x28 > > Chain personal1 (0 references) > pkts bytes target prot opt in out source destination > > Here's my > > /sbin/tc -s qdisc show dev eth1 > > qdisc sfq 80: limit 128p quantum 1514b perturb 10sec > Sent 386 bytes 5 pkts (dropped 0, overlimits 0) > qdisc sfq 40: limit 128p quantum 1514b perturb 10sec > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > qdisc sfq 30: limit 128p quantum 1514b perturb 10sec > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > qdisc sfq 20: limit 128p quantum 1514b perturb 10sec > Sent 12272 bytes 72 pkts (dropped 0, overlimits 0) > qdisc sfq 10: limit 128p quantum 1514b perturb 10sec > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > qdisc htb 1: r2q 10 default 80 direct_packets_stat 0 > Sent 12658 bytes 77 pkts (dropped 0, overlimits 0) > > > tc -s -d filter show dev eth1 > > filter parent 1: protocol ip pref 49151 fw > filter parent 1: protocol ip pref 49151 fw handle 0x50 classid 1:80 > filter parent 1: protocol ip pref 49151 fw > filter parent 1: protocol ip pref 49151 fw handle 0x28 classid 1:40 > filter parent 1: protocol ip pref 49151 fw > filter parent 1: protocol ip pref 49151 fw handle 0x1e classid 1:30 > filter parent 1: protocol ip pref 49151 fw > filter parent 1: protocol ip pref 49151 fw handle 0x14 classid 1:20 > filter parent 1: protocol ip pref 49152 fw > filter parent 1: protocol ip pref 49152 fw handle 0xa classid 1:10 > > > tc -s class show dev eth1 > > class htb 1:1 root rate 520Kbit ceil 520Kbit burst 2264b cburst 2264b > Sent 174465 bytes 1142 pkts (dropped 0, overlimits 0) > rate 712bps 5pps > lended: 4 borrowed: 0 giants: 0 > tokens: 34107 ctokens: 34107 > > class htb 1:10 parent 1:1 leaf 10: prio 3 rate 160Kbit ceil 280Kbit burst 1803b cburst 1957b > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > lended: 0 borrowed: 0 giants: 0 > tokens: 90199 ctokens: 55942 > > class htb 1:20 parent 1:1 leaf 20: prio 0 rate 40Kbit ceil 80Kbit burst 1650b cburst 1701b > Sent 115721 bytes 990 pkts (dropped 0, overlimits 0) > rate 340bps 3pps > lended: 990 borrowed: 0 giants: 0 > tokens: 320599 ctokens: 165400 > > class htb 1:30 parent 1:1 leaf 30: prio 2 rate 64Kbit ceil 88Kbit burst 1680b cburst 1711b > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > lended: 0 borrowed: 0 giants: 0 > tokens: 210124 ctokens: 155635 > > class htb 1:40 parent 1:1 leaf 40: prio 1 rate 184Kbit ceil 320Kbit burst 1834b cburst 2008b > Sent 0 bytes 0 pkts (dropped 0, overlimits 0) > lended: 0 borrowed: 0 giants: 0 > tokens: 79781 ctokens: 50224 > > class htb 1:80 parent 1:1 leaf 80: prio 4 rate 64Kbit ceil 80Kbit burst 1680b cburst 1701b > Sent 58744 bytes 152 pkts (dropped 0, overlimits 0) > rate 3Kbit 1pps > lended: 148 borrowed: 4 giants: 0 > tokens: 202125 ctokens: 163799 > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
