iptables -j CLASSIFY vs tc htb

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi everyone,

This is my first post to this list.
I would like to set up the following scenario:

1. One Openwrt-Router (including the multiwan-package) is connected to
   two different DSL-Lines.
2. The DSL-Line shall be used in parallel. Multiwan will mark IP
   Connections and based on this marking a routingtable is selected that
   defines which dsl line is used.
3. Traffic shaping shall be used on each DSL uplink.
  
I am having trouble with (3). Since -j MARK is already used to determine
the correct routingtable the correct traffic class can either be
determined by using tc u32 filters (which does not completely fulfill
the needed rules) or by using the iptables -j CLASSIFY --set-classid
major:minor-way.

However I am experiencing the same symptoms like in this old thread: 
http://mailman.ds9a.nl/pipermail/lartc/2006q2/018965.html

The chain that executes --set-classid is being executed on the traffic
(verified by using -j LOG) but the packets are still only placed in the
default traffic class 1:14.

I am using this script to set up the classes & classify-rules. The
example is shortened.


for ((i=2;i<10;i+=1))
do
  /sbin/tc class add dev $OUTDEV parent 1:1 classid 1:$i htb rate 5kbps ceil 
10kbps burst 20k 
  /sbin/tc qdisc add dev $OUTDEV parent 1:${i} handle ${i} sfq perturb 60
  iptables -X mark_${i} -t mangle
  iptables -N mark_${i} -t mangle
  iptables -t mangle -A mark_$i  -j LOG  --log-level info --log-prefix "packet 
class $i "
  iptables -t mangle -A mark_$i -j CLASSIFY --set-class 1:${i}
done
iptables -t mangle -X markchain
iptables -t mangle -N markchain
iptables -t mangle -A POSTROUTING -o $OUTDEV -j markchain

# match ssh taking into consideration whether the packet is marked as bulk
iptables -t mangle -A markchain -p tcp --dport 22 -j CLASSIFY --set-class 1:13
iptables -t mangle -A markchain -p tcp --sport 22 -j CLASSIFY --set-class 1:13
iptables -t mangle -A markchain -p tcp -m tos --tos Maximize-Throughput -j 
CLASSIFY --set-class 1:17

What can I do to make shaping work in this environment?

Christof
  
-- 
()  ascii ribbon campaign - against html e-mail
/\  against proprietary attachments

Attachment: signature.asc
Description: This is a digitally signed message part.

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux