As you probably red there is no good way to shape incoming traffic. Shaping of incoming traffic is not recommended. This is no problem with this because you can (this is recomended) shape outgoing traffice on multiple interfaces. For example if you have a client on eth0 and Internet on eth1, and you want to shape client's traffic both direction: - to shape client's incoming traffic you shape its outgoing traffic on eth0 - to shape client's outgoing traffic you shape its outgoing traffic on eth1 Also, for your needs you can MARK packets with iptables on br0 interface. ebtables are more suitable for implementation of "smart switch". В Пнд, 28/08/2006 в 14:09 +1000, Leigh Sharpe пишет: > Hi All, > I'm trying to do some traffic shaping on an ethernet bridge. > Currently, I have the following setup working: > > ifconfig eth0 down > brctl addbr br0 > brctl addif br0 eth0 > brctl addif br0 eth1 > brctl stp br0 off > ifconfig eth0 0.0.0.0 up > ifconfig eth1 0.0.0.0 up > ifconfig br0 up > > This creates a bridge consisting of eth0 and eth1. So far so good. > > I now want to use tc to shape traffic through this bridge. By applying > the following, I am able to limit the given MAC address to 128K in > each direction: > > tc qdisc add dev eth0 root handle 1:0 cbq bandwidth 100Mbit avpkt 1000 > mpu 64 > tc qdisc add dev eth1 root handle 1:0 cbq bandwidth 100Mbit avpkt 1000 > mpu 64 > tc class add dev eth0 parent 1:0 classid 1:1 cbq rate 128Kbit allot > 1514 prio 1 avpkt 1000 bounded > tc class add dev eth1 parent 1:0 classid 1:1 cbq rate 128Kbit allot > 1514 prio 1 avpkt 1000 bounded > tc filter add dev eth0 parent 1:0 protocol ip handle 1 fw flowid 1:1 > tc filter add dev eth1 parent 1:0 protocol ip handle 1 fw flowid 1:1 > ebtables -A FORWARD -s 00:10:A4:EC:65:E8 -j mark --set-mark 1 > --mark-target ACCEPT > ebtables -A FORWARD -d 00:10:A4:EC:65:E8 -j mark --set-mark 1 > --mark-target ACCEPT > > This works OK, but it isn't quite what I want. I want to limit the > traffic to 128K total. ie, 128K in one direction or the other, or 64K > in each direction simultaneously, or 100K in one direction and 28K in > the other, etc... > I can't see anything in the tc docs which indicates that I can apply > the same class and filter to multiple interfaces at once. > I'd be happy enough with applying the same rate limit to a single > interface, but measuring both ingress and egress traffic to come up > with the lmit. > > Ultimately, of course, I'll be using different criteria to mark the > packets. > > > Regards, > Leigh > > Leigh Sharpe > Network Systems Engineer > Pacific Wireless > Ph +61 3 9584 8966 > Mob 0408 009 502 > email lsharpe@xxxxxxxxxxxxxxxxxxxxxx > web www.pacificwireless.com.au > > _______________________________________________ > LARTC mailing list > LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -- Покотиленко Костик <casper@xxxxxxxxxxxx> _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
