We are currently running CentOS5.8 with IMQ to do traffic shaping for a site with potentially upward of 2000 users. In trying to switch to IFB, it seems that the ingress qdisc intercepts the traffic too early for inbound NAT, so the addresses we see on the ifb interface are cannot be used to manage ip-based traffic shaping. In my research, it has been suggested several times to use connmark to handle this situation, but I have not found any examples of how this would be achieved. Is this truly the only way to handle this. Using IMQ it is much easier, but IMQ is not integrated into the kernel. For our purposes, being able to use a stock kernel would be better. Can anyone provide a short example as to how using connmarks would work, given that we need to support 2000+ clients (with potentially different tc classes each). Or is there a better way to get set up ifb after inbound NAT? -- Mike SCHMIDT CTO Intello Technologies Inc. mike.schmidt@xxxxxxxxxxx Canada: 1-888-404-6261 x320 USA: 1-888-404-6268 x320 Mobile: 514-409-6898 www.intello.com -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
