On Wed, Apr 10, 2013 at 01:46:09PM -0700, Stephen Hemminger wrote: > On Wed, 10 Apr 2013 18:54:34 +0200 > Antonio Quartulli <antonio@xxxxxxxxxxxxx> wrote: > > > Hi Jamal, all, > > > > On Tue, Apr 09, 2013 at 08:49:17 -0700, Jamal Hadi Salim wrote: > > > On 13-04-09 09:51 AM, Antonio Quartulli wrote: > > > > > > > > > > > Does this work at the bridge level? A packet entering a port and going out from > > > > another one can be affected by tc/mark? > > > > > > Yes of course. And on any construct that looks like a netdev (tunnels etc). > > > > > > > Thanks for your hints. After having struggled a bit I found out how to do it > > using ebtables and the mark target :) > > > > Thanks a Lot! > > > Come back again, though. The ebtables method offers more flexibility which can > be a good or bad thing... I just realised that :) By installing ebtables (meaning modules + userspace tool) my iperf test result drops from 81Mbps to 66Mbps: former without, latter with ebtables module enabled. I did this test between two devices connected with Fast Ethernet. I thought that most of the code is in netfilter, so shared with iptables, hence I expected a reasonable overhead why this is much worse. Does anybody have a clue about this? I should probably start a new thread on the netfilter mailing list. However this problem makes ebtables unusable at all. Suggestions are welcome :) Cheers, -- Antonio Quartulli ..each of us alone is worth nothing.. Ernesto "Che" Guevara
Attachment:
pgpYCzI8c_2qy.pgp
Description: PGP signature
