Problem with HTB and IPTABLES

Linux Advanced Routing and Traffic Control

Dear All,

I’m working with Fedora Core 3, kernel 2.9.1, MPLS-for-Linux-4.193, and having some problems when creating an HTB queue. ALL packets go to the default queue; they don’t care about any mark or IP field I use to enqueue them. :-/

That’s the deal: all packets coming in on the interface eth2 are classified and have their TOS field changed following some QoS policy at the PREROUTING level.

Next, all packets are marked according to the previously changed TOS field, and then enqueued and labeled according to the iptables marks.

I’ve checked using ethereal, and all the packets’ TOS fields are being correctly changed, and the packets are being sent to the right MPLS tunnel with the right label, proving that iptables is correctly marking the packets.

However, the packets don’t go to the right class queue… they all go to the default HTB queue.

Could someone give me some tips?

tc qdisc add dev eth1 root handle 1: htb default 13

tc class add dev eth1 parent 1: classid 1:1 htb rate 1Mbit ceil 1Mbit
tc class add dev eth1 parent 1:1 classid 1:10 htb rate 400kbit ceil 600kbit prio 0
tc class add dev eth1 parent 1:1 classid 1:11 htb rate 300kbit ceil 800kbit prio 1
tc class add dev eth1 parent 1:1 classid 1:12 htb rate 200kbit ceil 700kbit prio 2
tc class add dev eth1 parent 1:1 classid 1:13 htb rate 100kbit ceil 600kbit prio 2

tc qdisc add dev eth1 parent 1:10 handle 100: sfq perturb 10
tc qdisc add dev eth1 parent 1:11 handle 110: sfq perturb 10
tc qdisc add dev eth1 parent 1:12 handle 120: sfq perturb 10
tc qdisc add dev eth1 parent 1:13 handle 130: sfq perturb 10

tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle 1 fw classid 1:10
tc filter add dev eth1 parent 1:0 protocol ip prio 2 handle 2 fw classid 1:11
tc filter add dev eth1 parent 1:0 protocol ip prio 3 handle 3 fw classid 1:12
tc filter add dev eth1 parent 1:0 protocol ip prio 4 handle 4 fw classid 1:13

iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Minimize-Delay -j MARK --set-mark 0x1
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Minimize-Delay -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Maximize-Throughput -j MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Maximize-Throughput -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Minimize-Cost -j MARK --set-mark 0x3
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Minimize-Cost -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Maximize-Reliability -j MARK --set-mark 0x4
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Maximize-Reliability -j RETURN

iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 4321 -j TOS --set-tos Minimize-Delay
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 4321 -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 25 -j TOS --set-tos Minimize-Cost
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 25 -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 80 -j TOS --set-tos Maximize-Throughput
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 80 -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -p icmp -j TOS --set-tos Maximize-Reliability

tc -s class  show dev eth1
 
class htb 1:1 root rate 1Mbit ceil 1Mbit burst 100kb cburst 2264b
 Sent 74465 bytes 142 pkts (dropped 0, overlimits 0)
 rate 712bps 5pps
 lended: 4 borrowed: 0 giants: 0
 tokens: 34107 ctokens: 34107
 
class htb 1:10 parent 1:1 leaf 100: prio 0 rate 400Kbit ceil 600Kbit burst 1803b cburst 1957b
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 0 ctokens: 0
 
class htb 1:11 parent 1:1 leaf 110: prio 1 rate 300Kbit ceil 800Kbit burst 1650b cburst 1701b
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 0 ctokens: 0
 
class htb 1:12 parent 1:1 leaf 120: prio 2 rate 200Kbit ceil 700Kbit burst 1680b cburst 1711b
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
 tokens: 0 ctokens: 0
 
class htb 1:13 parent 1:1 leaf 130: prio 2 rate 100Kbit ceil 600Kbit burst 1680b cburst 1701b
 Sent 58744 bytes 152 pkts (dropped 0, overlimits 0)
 rate 3Kbit 1pps
 lended: 148 borrowed: 4 giants: 0
 tokens: 202125 ctokens: 163799

Leandro Ramalho Fróio
Network Analyst
RHOX - Redes Corporativas
Tel: (61) 361-1466 ext: 253
leandro@xxxxxxxxxxx

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
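
An added example, not part of the original post: a small Python model of top-to-bottom traversal of the mangle PREROUTING rules above, showing which fwmark each rule ordering leaves for the tc fw filters. It assumes the rules were appended in the order listed and that packets arrive on eth2 with TOS 0; the helper names, the sample packet and the reordered variant are constructed for illustration.

```python
# Added example: models only rule order, not real netfilter or MPLS behaviour.
TOS = {"Minimize-Delay": 0x10, "Maximize-Throughput": 0x08,
       "Maximize-Reliability": 0x04, "Minimize-Cost": 0x02}

def mark_rules():
    """The eight '-m tos ... MARK / RETURN' rules, in posted order."""
    rules = []
    for name, mark in [("Minimize-Delay", 1), ("Maximize-Throughput", 2),
                       ("Minimize-Cost", 3), ("Maximize-Reliability", 4)]:
        rules += [({"tos": TOS[name]}, "MARK", mark),
                  ({"tos": TOS[name]}, "RETURN", None)]
    return rules

def tos_rules(with_return=True):
    """The '--dport ... TOS / RETURN' rules plus the ICMP rule, in posted order."""
    rules = []
    for port, name in [(4321, "Minimize-Delay"), (25, "Minimize-Cost"),
                       (80, "Maximize-Throughput")]:
        match = {"proto": "tcp", "dport": port}
        rules.append((match, "TOS", TOS[name]))
        if with_return:
            rules.append((match, "RETURN", None))
    rules.append(({"proto": "icmp"}, "TOS", TOS["Maximize-Reliability"]))
    return rules

def traverse(rules, pkt):
    """Walk the chain top to bottom; MARK and TOS continue, RETURN stops."""
    pkt = dict(pkt, mark=0)          # a new packet carries fwmark 0
    for match, target, arg in rules:
        if any(pkt.get(k) != v for k, v in match.items()):
            continue                 # rule does not match this packet
        if target == "RETURN":
            break                    # leave the built-in chain
        pkt["mark" if target == "MARK" else "tos"] = arg
    return pkt

def htb_class(pkt):
    """fw filters from the post (handle N -> classid); unmatched -> default 13."""
    return {1: "1:10", 2: "1:11", 3: "1:12", 4: "1:13"}.get(pkt["mark"], "1:13")

POSTED = mark_rules() + tos_rules()                      # order as listed
REORDERED = tos_rules(with_return=False) + mark_rules()  # hypothetical variant

if __name__ == "__main__":
    web = {"proto": "tcp", "dport": 80, "tos": 0x00}     # constructed packet
    for label, chain in (("posted", POSTED), ("reordered", REORDERED)):
        out = traverse(chain, web)
        print(label, hex(out["tos"]), out["mark"], htb_class(out))
```

Under these assumptions the posted order rewrites the TOS byte but leaves the mark at 0, so the fw filters fall through to the default class; comparing with `iptables -t mangle -L PREROUTING -v -n` packet counters shows whether the MARK rules on the real box are ever hit.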
