Konrad wrote:
> So I assume the routing is working OK.

Yes... routing is working well.

> OK - I am still confused about what interfaces you have your script uses 1 2 and 3.
> That rule will send all packets going through postrouting to imq1 whether they are going inside or outside ...
OK. You're right... never mind.
I will try to explain to you :P
I attached a file... with code, comments and an explanation of the problem.

    isp=0; v=1
    for device in $dev_isp #one time for one link...
    do
        # Calculations - in array ext_upl I have the speed of the interfaces.
        tmp=$(echo "scale=3; ${ext_upl[$isp]}%$ile" | bc) #the rest from division. All users have guaranteed speed.
        min=$(echo "scale=3; ${ext_upl[$isp]}/$ile" | bc) #I divide the maximum speed by the number of IPs.
        pri_min=$(echo "scale=3; $min/2+$min%2" | bc) #Divide by 2... to create two classes - prio 1 & prio 2.
        sec_min=$(echo "scale=3; $min/2" | bc)
        max=${ext_upl[$isp]} #Maximum speed...
        (...)
        qu0=`printf "%x\n" $v` #Hexadecimal numbering of queues. - qu0 is the number of the link queue.
        $TC class add dev imq1 parent 2:0 classid 2:$qu0 htb rate ${ext_upl[$isp]}kbit ceil ${ext_upl[$isp]}kbit #link queue...
        let "v=v+1" #counter :P
        for usr in $zew
        do
            #Hexadecimal numbering of classes.
            qu1=`printf "%x\n" $v` #qu1 is the number of the user class.
            qu2=`printf "%x\n" $((v+1))` #qu2 is the number of the high priority traffic class.
            qu3=`printf "%x\n" $((v+2))` #qu3 is the number of the low priority traffic class.
            $TC class add dev imq1 parent 2:$qu0 classid 2:$qu1 htb rate ${min}kbit ceil ${max}kbit quantum $u_quantum #user queues with the user's guaranteed traffic rate and max link speed as ceil.
            $TC class add dev imq1 parent 2:$qu1 classid 2:$qu2 htb rate ${pri_min}kbit ceil ${max}kbit prio 1 quantum $u_quantum #high priority traffic...
            (...)
            $TC class add dev imq1 parent 2:$qu1 classid 2:$qu3 htb rate ${sec_min}kbit ceil ${max}kbit prio 2 quantum $u_quantum #low priority...
            (...)
            $TC qdisc add dev imq1 parent 2:$qu2 sfq
            $TC qdisc add dev imq1 parent 2:$qu3 sfq
            #This is the problem! Packets are being thrown to the user's class. I classify them using the packet's source IP.
            #The problem doesn't exist if I do it for one link. But if I want a second link - this rule matches all traffic to the first and second link :/
            $TC filter add dev imq1 protocol ip parent 2:0 pref 5 u32 match ip src $usr flowid 2:$qu1
            #This is how I tried to solve this problem...
            $TC filter add dev eth0 protocol ip parent 2:0 handle $((isp+1)) fw flowid 2:$qu0 #this matches packets which are going to the interface, but unfortunately this doesn't work for POSTROUTING :/
            $TC filter add dev imq1 protocol ip parent 2:$qu0 pref 5 u32 match ip src $usr flowid 2:$qu1
            #CUT here :P
            (...) users filters...
            $TC filter add dev imq1 protocol ip parent 2:0 pref 1 u32 match ip src $usr match ip dport $p_squid 0xffff flowid 2:$qu2 #If squid misses, traffic will go to the user queue.
            (...)
    #Here I have LAN traffic queues.
    (...)
    if [ $sqd_spd -ne 0 ] && [ "$p_squid" != "" ]; then #Class for Squid HIT traffic, independent of the LAN queue speed (I've patched... TOS). $p_squid = squid port...
        qu1=`printf "%x\n" $v`
        $TC class add dev imq1 parent 2:0 classid 2:$qu1 htb rate ${sqd_spd}Mbit ceil ${sqd_spd}Mbit quantum $u_quantum #sqd_spd - speed for HIT traffic
        $TC qdisc add dev imq1 parent 2:$qu1 sfq
        for ipek in $lan_int ${zew/$srv_ext/}
        do
            $TC filter add dev imq1 protocol ip parent 2:0 pref 2 u32 match ip dst $ipek match ip sport $p_squid 0xffff flowid 2:$qu1 #this catches all traffic from the Squid source port...
        done
        let "v=v+1"
    fi
    i=0
    for ntr in $lan_int #LAN queues - $lan_int: 192.168.0.0/24 (eth2); 192.168.1.0/24 (eth3)... etc.
    do
        qu1=`printf "%x\n" $v` #Hexadecimal number of class..
        $TC class add dev imq1 parent 2:0 classid 2:$qu1 htb rate ${int_dwl[$i]}Mbit ceil ${int_dwl[$i]}Mbit quantum $u_quantum
        $TC qdisc add dev imq1 parent 2:$qu1 sfq
        for pri in ${ext[$i]}
        do
            for sec in ${zew/${ext[$i]}/} #External IP addresses.
            do
                $TC filter add dev imq1 protocol ip parent 2:0 pref 4 u32 match ip src $sec match ip dst $pri flowid 2:$qu1
            done
        done
        for sec in $dev_ext
        do
            $TC filter add dev imq1 protocol ip parent 2:0 pref 4 u32 match ip src $sec match ip dst $ntr flowid 2:$qu1
        done
        for ipek in $lan_int ${zew/$srv_ext/} #Traffic between subnets and external IP
        do
            $TC filter add dev imq1 protocol ip parent 2:0 pref 4 u32 match ip src $ipek match ip dst $ntr flowid 2:$qu1
        done
        let "v=v+1"
        let "i=i+1"
    done
    #All traffic is going to classes, but only users' upload traffic, server download and traffic between subnets is queued
    $IPTABLES -t mangle -A POSTROUTING -j IMQ --todev 1
    $IP link set imq1 up

Everything is working for one link. I do not know how I can put traffic into the suitable link queues. All filters that I wrote in this script use IP addresses, subnet ranges of IPs, source ports, destination ports, and TOS. I never checked on which interface the packet goes. I wonder how to solve this for my route table and for load balancing... :/
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc