Hi everybody!
I'm using an edge bridge box with two ethernet cards to shape traffic in
a WAN link. I'm running Debian 3.1 stable with kernel 2.6.8 and
iproute from packages. I recompiled the kernel with the following
built-in options:
[*] 802.1d Ethernet Bridging
[*] QoS and/or fair queueing
<*> HTB packet scheduler
<*> SFQ queue
[*] QoS support
<*> Firewall based classifier
<*> U32 classifier
I can mark packets with iptables, but I _can't_ make the packets get
queued in a specific class. Please take a look at this sample script
that guarantees 64kbit (rate), 72kbit (ceil) to the packets coming from
the host 172.16.0.185 to the 172.16.1.0/24 network with 10000-10100
destination ports:
# Flush tc qdiscs:
/sbin/tc qdisc del dev eth0 root >/dev/null 2>&1
/sbin/tc qdisc del dev eth1 root >/dev/null 2>&1
# Create root qdiscs:
/sbin/tc qdisc add dev eth0 root handle 1: htb default 1000
/sbin/tc qdisc add dev eth1 root handle 2: htb default 1000
# Create root class (1:1 2:1) :
/sbin/tc class add dev eth0 parent 1: classid 1:1 htb rate 3456kbit ceil 3456kbit burst 0 prio 1
/sbin/tc class add dev eth1 parent 2: classid 2:1 htb rate 3584kbit ceil 3584kbit burst 0 prio 1
# Create default class (1:1000 2:1000) :
/sbin/tc class add dev eth0 parent 1:1 classid 1:1000 htb rate 3350kbit ceil 3500kbit burst 0 prio 5
/sbin/tc class add dev eth1 parent 2:1 classid 2:1000 htb rate 3350kbit ceil 3500kbit burst 0 prio 5
# Create classes (1:44 2:44) :
/sbin/tc class add dev eth0 parent 1:1 classid 1:44 htb rate 64kbit ceil 72kbit burst 8kbit prio 1 quantum 1536
/sbin/tc class add dev eth1 parent 2:1 classid 2:44 htb rate 64kbit ceil 72kbit burst 8kbit prio 1 quantum 1536
# Flushing iptables rules:
/sbin/iptables -F -t mangle
# iptables classify
/sbin/iptables -A POSTROUTING -t mangle -p udp -s 172.16.0.185/32 --sport 10000:10100 -d 172.16.1.0/24 -j CLASSIFY --set-class 2:44
Now the statistics:
bridge:~# iptables -L -t mangle -v
34302 2415K CLASSIFY udp -- any any 172.16.0.185 172.16.1.0/24 udp spts:10000:10100 CLASSIFY set 2:44
bridge:~# tc -s cl sh dev eth1
class htb 2:44 parent 2:1 prio 1 rate 64000bit ceil 72000bit burst 1023b cburst 1608b
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
lended: 0 borrowed: 0 giants: 0
tokens: 131070 ctokens: 183067
class htb 2:1 root rate 3584Kbit ceil 3584Kbit burst 2Kb cburst 2Kb
Sent 4686617538 bytes 6922322 pkts (dropped 0, overlimits 0)
rate 1936bit 2pps
lended: 3691 borrowed: 0 giants: 0
tokens: 4461 ctokens: 4461
class htb 2:1000 parent 2:1 prio 5 rate 3350Kbit ceil 3500Kbit burst 2017b cburst 2Kb
Sent 4686617538 bytes 6922322 pkts (dropped 0, overlimits 0)
rate 1936bit 2pps
lended: 6918631 borrowed: 3691 giants: 0
tokens: 4700 ctokens: 4543
As you can see, the packets are marked by iptables but get queued
through the default class. I'm getting frustrated and I would appreciate
all suggestions and comments.
I'm now using -j CLASSIFY, but I have used -j MARK and u32 tc filters
with the same results.
Thanks a lot for reading.
Bye.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
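
The comparison the post makes by eye (iptables rule counter against the per-class "Sent" counter), as an added example that is not part of the original message. The function names are hypothetical and the sample input is a trimmed copy of the `tc -s cl sh dev eth1` output quoted above; it only reports the mismatch and does not diagnose its cause.

```shell
#!/bin/sh
# Sample input: trimmed copy of the tc statistics quoted in the post.
sample_tc_output() {
cat <<'EOF'
class htb 2:44 parent 2:1 prio 1 rate 64000bit ceil 72000bit burst 1023b cburst 1608b
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
 lended: 0 borrowed: 0 giants: 0
class htb 2:1 root rate 3584Kbit ceil 3584Kbit burst 2Kb cburst 2Kb
 Sent 4686617538 bytes 6922322 pkts (dropped 0, overlimits 0)
 rate 1936bit 2pps
class htb 2:1000 parent 2:1 prio 5 rate 3350Kbit ceil 3500Kbit burst 2017b cburst 2Kb
 Sent 4686617538 bytes 6922322 pkts (dropped 0, overlimits 0)
 rate 1936bit 2pps
EOF
}

# Read `tc -s class show` output on stdin, print "classid bytes pkts" per class.
class_counters() {
    awk '$1 == "class" { id = $3 }
         $1 == "Sent" && id != "" { print id, $2, $4; id = "" }'
}

# Print the packet counter of one class (prints nothing if the class is absent).
class_pkts() {
    class_counters | awk -v want="$1" '$1 == want { print $3 }'
}

# Compare an iptables rule's packet counter ($1) with the class it targets ($2).
# tc statistics are read from stdin.
# Returns 0 if the class carried packets, 1 if the rule matched but the
# class is idle, 2 if the class is not in the tc output.
check_classify() {
    rule_pkts=$1
    classid=$2
    pkts=$(class_pkts "$classid")
    [ -n "$pkts" ] || { echo "class $classid not found"; return 2; }
    if [ "$rule_pkts" -gt 0 ] && [ "$pkts" -eq 0 ]; then
        echo "MISMATCH: rule matched $rule_pkts pkts, class $classid sent 0"
        return 1
    fi
    echo "ok: class $classid sent $pkts pkts"
}

# 34302 is the CLASSIFY rule's packet counter from the iptables listing above.
sample_tc_output | check_classify 34302 2:44 || true
```

On a live box the same check would be fed from `tc -s class show dev eth1` instead of the embedded sample.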