David Boreham wrote:
I do have one question though. On the egress shaping on eth1 (LAN
interface), when using iptables I should do everything in the
POSTROUTING chain correct? That way it gets routed to the proper LAN
node and still gets shaped, correct? If thats the case, I can have a
setup working in no time (I hope).
Well now it's my turn to be confused ! What's the connection between
iptables and your traffic shaping setup ? Are you marking packets for
shaping, something like that ? If so I have no idea. My routing and
shaping are completely separate and unrelated in any way (I use
tc filter to classify packets).
iptables (I forget what version onward supports this) has the ability to
classify packets that it routes via -j CLASSIFY --set-class X:Y. For all
intents and purposes, this is the same as -j MARK --set-mark X.
Basically, it allows a user to use iptables to do the actual
classification of the packet. For an example, take a look at:
http://lartc.org/howto/lartc.cookbook.fullnat.intro.html,
http://www.stanford.edu/~fenn/linux/ (this is the tutorial I base my
iptables and tc rules on)
I am not familiar enough with tc filter syntax to brave it yet. Hence my
use of iptables to classify packets, which I think is much easier anyways.
I was simply asking whether I would classify the packets in PREROUTING,
OUTPUT, or POSTROUTING. I assume OUTPUT or POSTROUTING will let me
achieve my goals with respect to egress on eth1. Guess it's time to
enter my dark age of tc+iptables. :P
Sorry if I confused you with my question. It's the only way I know how
to traffic shape (so far).
Vadtec
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
