Re: htb + tc filter

[choros <jorge@xxxxxxxx>]

Hi,
thanks for replay, i will include the whole script..
iptables -t mangle -F  2>/dev/null
iptables -t mangle -X  2>/dev/null
iptables -t mangle -N markov
iptables -t mangle -I PREROUTING -j markov
iptables -t mangle -N markov2
iptables -t mangle -I POSTROUTING -j markov2

unalias a
unalias s
unalias d
echo 'clear; tc -s class sh dev eth0 | grep p'> /usr/bin/a
echo 'clear; tc -s class sh dev eth1 | grep p'> /usr/bin/s
echo 'clear; tc -s class sh dev eth2 | grep p'> /usr/bin/d
chmod +x /usr/bin/a /usr/bin/s /usr/bin/d
alias s0='clear; tc -s class sh dev eth0 | grep p'
alias s1='clear; tc -s class sh dev eth1 | grep p'
alias s2='clear; tc -s class sh dev eth2 | grep p'
alias s3='clear; tc -s class sh dev eth3 | grep p'
alias z='clear; tc -s class sh dev '


tc qdisc del dev eth0 root >/dev/null 2>&1
tc qdisc del dev eth1 root >/dev/null 2>&1

# whole interface eth0 - 1024 kbps

tc qdisc add dev eth0 root handle 10: htb default 20
tc class add dev eth0 parent 10: classid 10:2 \
 htb rate 1024Kbit

tc filter add dev eth0 parent 10: protocol ip prio 1 u32 \
         match ip dst 0.0.0.0/0 flowid 10:2

# outgoing class for eth1 - 1024 kbps
tc class add dev eth0 parent 10:2 classid 10:21 \
htb rate 1024Kbit

# mark for it
tc filter add dev eth0 parent 10:2 protocol ip prio 1 \
handle 1 fw classid 10:21

echo eth0 '-->' from eth1 total 1024 kbps, weight 102,

tc qdisc add dev eth0 parent 10:21 sfq perturb 15
echo eth0 '-->' 1024 kbps total

# whole interface eth1 - 1024 kbps

tc qdisc add dev eth1 root handle 11: htb default 20
tc class add dev eth1 parent 11: classid 11:2 \
 htb rate 1024Kbit


tc filter add dev eth1 parent 11: protocol ip prio 1 u32 \
         match ip dst 0.0.0.0/0 flowid 11:2
tc qdisc add dev eth1 parent 11:2 sfq perturb 15
iptables -t mangle -A markov -i eth1 -j MARK --set-mark 1
echo eth1 '-->' 1024 kbps total


Jorge



Andreas Klauer wrote:

On Wednesday 28 September 2005 15:30, choros wrote:
  

the last filter should pass all traffic whitch dont pass the filters to
class 10:2 but this is not the case.
    

I'm not sure the order you add filters is actually the order filters are 
traversed... so why not use the prio parameter to make sure that your 
catchall comes last?

A completely different approach would be to just put the traffic you don't 
want to be shaped into a HTB class as well, by putting a fat class on top,
like this:

HTB Qdisc
|
\--- HTB root class (100mbit)
     |
     \--- HTB internet class (256kbit)
     \--- HTB lan class (100mbit minus 256kbit)

(I'm actually using a value lower than 100mbit though - due to overhead and 
other issues, in a 100mbit network you can never actually reach the full 
100mbit speed).

That way, I get packets that come from the internet and go to the LAN 
shaped down to 256kbit, while internal lan traffic (e.g. router is also a 
fileserver for the local network) can go by unaffected.

By the way, if you let this internal lan traffic go by completely unshaped, 
chances are that load gets so high it will even choke the internet 
connection. So even if the packets are allowed to go fast, it's a good 
idea to shape them in order of guaranteeing a 256kbit or whatever channel 
for internet.

HTH
Andreas Klauer
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
  

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc