Hi, I atrying to add a filter thawill drop 1% of all incoming ip packets. I tried to follow thinstructions on http://www.linuxfoundation.org/en/Net:Netem "How caI usnetem on incoming traffic? You need to usthIntermediate Functional Block pseudo-device IFB . This network devicallows attaching queuing discplines to incoming packets. # modprobifb # ip link sedev ifb0 up # tc qdisc add dev eth0 ingress # tc filter add dev eth0 parenffff: protocol ip u32 match u32 0 0 flowid 1:1 actiomirred egress redirect dev ifb0 # tc qdisc add dev ifb0 roonetedelay 750ms " Idoesn'say what this actually does, but I am guessing it adds a 750 ms delay to all incoming traffic oeth0? Troublis: when I enter th"tc filter ..." line, I get this: "Actio4 devicifb0 ifindex 5 RTNETLINK answers: No such filor directory Whavan error talking to the kernel" Whadoes imean? The device ifb0 exists. The ingress qdisc did get number ffff. I ausing a 2.6.20 kernel. Grateful for any advice, /Fredrik Arnerup Froshemminger alinux-foundation.org Fri Sep 11 09:45:35 2009 From: shemminger alinux-foundation.org (Stephen Hemminger) Date: Fri, 11 Sep 2009 09:45:35 -0700 Subject: filter oincoming traffic? In-Reply-To: <7ECADAA085A842C5BE560470BB772558@xxxxxxxxxxx> References: <7ECADAA085A842C5BE560470BB772558@xxxxxxxxxxx> Message-ID: <20090911094535.5edabf50@nehalam> OFri, 11 Sep 2009 18:22:06 +0200 "Fredrik Arnerup" <fredrik.arnerup aedgeware.tv> wrote: > Hi, > > I atrying to add a filter thawill drop 1% of all incoming ip packets. > I tried to follow thinstructions on > http://www.linuxfoundation.org/en/Net:Netem > > "How caI usnetem on incoming traffic? > > You need to usthIntermediate Functional Block pseudo-device IFB . This > network devicallows attaching queuing discplines to incoming packets. > > # modprobifb > # ip link sedev ifb0 up > # tc qdisc add dev eth0 ingress > # tc filter add dev eth0 parenffff: > protocol ip u32 match u32 0 0 flowid 1:1 actiomirred egress redirect > dev ifb0 > # tc qdisc add dev ifb0 roonetedelay 750ms > " > > Idoesn'say what this actually does, but I am guessing it adds a 750 ms > delay to all incoming traffic oeth0? > > Troublis: when I enter th"tc filter ..." line, I get this: > > "Actio4 devicifb0 ifindex 5 > RTNETLINK answers: No such filor directory > Whavan error talking to the kernel" > > Whadoes imean? The device ifb0 exists. The ingress qdisc did get number > ffff. > I ausing a 2.6.20 kernel. > > Grateful for any advice, > /Fredrik Arnerup Probably thIFB devicis not part of your kernel. You may have to reconfigurand rebuild (ifb was added in 2.6.16 kernel). Try: modprobifb Does iwork? Does devicshow up: ip li show dev ifb0 Frofredrik.arnerup aedgeware.tv Mon Sep 14 00:30:40 2009 From: fredrik.arnerup aedgeware.tv (Fredrik Arnerup) Date: Mon, 14 Sep 2009 09:30:40 +0200 Subject: filter oincoming traffic? In-Reply-To: <20090911094535.5edabf50@nehalam> References: <7ECADAA085A842C5BE560470BB772558@xxxxxxxxxxx> <20090911094535.5edabf50@nehalam> Message-ID: <15206787CCDB4B88BE98DE5E7D18E637@xxxxxxxxxxx> Yes, I havbuiland inserted the ifb module. Thais nothe problem. -----Original Message----- From: StepheHemminger [mailto:shemminger alinux-foundation.org] Sent: Friday, September 11, 2009 6:46 PM To: Fredrik Arnerup Cc: netealists.linux-foundation.org Subject: Re: filter oincoming traffic? OFri, 11 Sep 2009 18:22:06 +0200 "Fredrik Arnerup" <fredrik.arnerup aedgeware.tv> wrote: > Hi, > > I atrying to add a filter thawill drop 1% of all incoming ip packets. > I tried to follow thinstructions on > http://www.linuxfoundation.org/en/Net:Netem > > "How caI usnetem on incoming traffic? > > You need to usthIntermediate Functional Block pseudo-device IFB . > This network devicallows attaching queuing discplines to incoming packets. > > # modprobifb > # ip link sedev ifb0 up > # tc qdisc add dev eth0 ingress > # tc filter add dev eth0 parenffff: > protocol ip u32 match u32 0 0 flowid 1:1 actiomirred egress > redirecdev ifb0 # tc qdisc add dev ifb0 roonetem delay 750ms " > > Idoesn'say what this actually does, but I am guessing it adds a > 750 ms delay to all incoming traffic oeth0? > > Troublis: when I enter th"tc filter ..." line, I get this: > > "Actio4 devicifb0 ifindex 5 > RTNETLINK answers: No such filor directory Whave an error talking > to thkernel" > > Whadoes imean? The device ifb0 exists. The ingress qdisc did get > number ffff. > I ausing a 2.6.20 kernel. > > Grateful for any advice, > /Fredrik Arnerup Probably thIFB devicis not part of your kernel. You may have to reconfigurand rebuild (ifb was added in 2.6.16 kernel). Try: modprobifb Does iwork? Does devicshow up: ip li show dev ifb0 FroDiego.Costantini anw.neclab.eu Tue Sep 15 08:55:41 2009 From: Diego.Costantini anw.neclab.eu (Diego Costantini) Date: Tue, 15 Sep 2009 17:55:41 +0200 Subject: Unresponsivnetwork device Message-ID: <B94940C43117794C9432FF5FF0CCB506C61F6C@VENUS.office> Hi, I aexperiencing a very annoying probleand I suppose it's duto netem(1 and 2) (even though I thoughit was Virtualbox/vmware and I astill nosure). I hav3 virtual machines (ubuntu hosand 3 ubuntu guests). A is a sender, B is aIpforwarder, C is threceiver which also send commands to thother 2 machines through passwordless ssh remotcommands. MachinB has eth1 connected to A, eth2 connected to C and owhich I usnetem2 (same problem with netem). - C cleans netestatus on eth2(B): sudo tc qdisc del dev eth2 root - C sends somcommand to A (through B) - C sends a netem2 command to eth2 (B): ssh user a192.168.2.1 "sudo tc qdisc add dev eth2 roonetem2 loss_GI 10 1" - C sends another command to A and this timI sewith wireshark thaiis receiving the ssh client key exchange init, sending back aack (received) and a ssh server key exchanginit which will never reach C becauseth2(B) stops communicating with C. Sinceth2(B) is reachablfrom A->eth1(B) and internally from B, iis up, burestarting networking is not going to help. Surprisingly I justried to clean netem2 as before, and I caseC again. Thweird thing is thaI used different loss correlation values (5, 10, 25) and ididn'happen. Any idea? P.S.: whamadme think about a virtualization problem is thasometimes to restorthe network I had to reboot some of thvirtual machines, whilother times it just worked finwithoulosing the network. ============================================================ Diego Costantini SoftwarEngineer, Real-TimCommunications Group NEC Laboratories Europe, Network Research Division????? Kurfuerstenanlag36, D-69115 Heidelberg Tel.???? +49 (0)6221 4342-231 Fax:???? +49 (0)6221 4342-155 E-mail:? diego.costantini anw.neclab.eu Website: http://www.nw.neclab.eu ============================================================ NEC EuropLimited Registered Office: NEC House, 1 Victoria Road, LondoW3 6BL Registered in England 2832014 Frojoe.kraska abaesystems.com Tue Sep 15 10:16:28 2009 From: joe.kraska abaesystems.co(Kraska, Joe A (US SSA)) Date: Tue, 15 Sep 2009 10:16:28 -0700 Subject: NETEM & 10GE Message-ID: <814i1h$4cdfm5@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> Hello, Whava project coming up where it will be useful to do testing in an emulated environment for fast network links (e.g., 10GE). WhilI feel pretty comfortablusing netem on 1GE, and have pretty good faith it will work passably well on 10GE, has anyone confirmed this? Wwish to emulatOC-192, ... Joe. -------------- nexpar-------------- AHTML attachmenwas scrubbed... URL: http://lists.linux-foundation.org/pipermail/netem/attachments/20090915/94611b04/attachment.ht Froshemminger alinux-foundation.org Wed Sep 16 09:58:06 2009 From: shemminger alinux-foundation.org (Stephen Hemminger) Date: Wed, 16 Sep 2009 09:58:06 -0700 Subject: NETEM & 10GE In-Reply-To: <814i1h$4cdfm5@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> References: <814i1h$4cdfm5@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> Message-ID: <20090916095806.022ddf2b@nehalam> OTue, 15 Sep 2009 10:16:28 -0700 "Kraska, JoA (US SSA)" <joe.kraska abaesystems.com> wrote: > Hello, > > Whava project coming up where it will be useful to do testing in an emulated environment for fast network links (e.g., 10GE). > > WhilI feel pretty comfortablusing netem on 1GE, and have pretty good faith it will work passably well on 10GE, has anyone confirmed this? > > Wwish to emulatOC-192, ... > > Joe. Netedoesn'have big issues with higher speeds. When using delay or rate control, idoes generatbursty traffic which may be less realistic at higher speed. -- Frolucas.nussbauat imag.fr Wed Sep 16 10:14:48 2009 From: lucas.nussbauaimag.fr (Lucas Nussbaum) Date: Wed, 16 Sep 2009 19:14:48 +0200 Subject: NETEM & 10GE In-Reply-To: <20090916095806.022ddf2b@nehalam> References: <814i1h$4cdfm5@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20090916095806.022ddf2b@nehalam> Message-ID: <20090916171448.GA8216@xxxxxxxxxxxxxxxx> O16/09/09 a09:58 -0700, Stephen Hemminger wrote: > OTue, 15 Sep 2009 10:16:28 -0700 > "Kraska, JoA (US SSA)" <joe.kraska abaesystems.com> wrote: > > > Hello, > > > > Whava project coming up where it will be useful to do testing in an emulated environment for fast network links (e.g., 10GE). > > > > WhilI feel pretty comfortablusing netem on 1GE, and have pretty good faith it will work passably well on 10GE, has anyone confirmed this? > > > > Wwish to emulatOC-192, ... > > > > Joe. > > Netedoesn'have big issues with higher speeds. When using delay or rate > control, idoes generatbursty traffic which may be less realistic at > higher speed. Igenerates bursty traffic even with HR timers? WithouHR timers, it is easy to sebursty traffic a1 Gbps, but with them, the traffic was "clean" (imy tests) a1 Gbps. I haven't tested at 10 Gbps: what would bthcause of burstiness? - Lucas Froshemminger alinux-foundation.org Wed Sep 16 10:43:21 2009 From: shemminger alinux-foundation.org (Stephen Hemminger) Date: Wed, 16 Sep 2009 10:43:21 -0700 Subject: NETEM & 10GE In-Reply-To: <20090916171448.GA8216@xxxxxxxxxxxxxxxx> References: <814i1h$4cdfm5@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20090916095806.022ddf2b@nehalam> <20090916171448.GA8216@xxxxxxxxxxxxxxxx> Message-ID: <20090916104321.4b608ae1@nehalam> OWed, 16 Sep 2009 19:14:48 +0200 Lucas Nussbau<lucas.nussbauat imag.fr> wrote: > O16/09/09 a09:58 -0700, Stephen Hemminger wrote: > > OTue, 15 Sep 2009 10:16:28 -0700 > > "Kraska, JoA (US SSA)" <joe.kraska abaesystems.com> wrote: > > > > > Hello, > > > > > > Whava project coming up where it will be useful to do testing in an emulated environment for fast network links (e.g., 10GE). > > > > > > WhilI feel pretty comfortablusing netem on 1GE, and have pretty good faith it will work passably well on 10GE, has anyone confirmed this? > > > > > > Wwish to emulatOC-192, ... > > > > > > Joe. > > > > Netedoesn'have big issues with higher speeds. When using delay or rate > > control, idoes generatbursty traffic which may be less realistic at > > higher speed. > > Igenerates bursty traffic even with HR timers? WithouHR timers, it > is easy to sebursty traffic a1 Gbps, but with them, the traffic was > "clean" (imy tests) a1 Gbps. I haven't tested at 10 Gbps: what would > bthcause of burstiness? > > - Lucas Evewith hrtimers, thertimers have a granularity based on the resolution availablin hardware. -- Frostefano.salsano auniroma2.it Thu Sep 17 03:31:13 2009 From: stefano.salsano auniroma2.i(Stefano Salsano) Date: Thu, 17 Sep 2009 12:31:13 +0200 Subject: Unresponsivnetwork device In-Reply-To: <B94940C43117794C9432FF5FF0CCB506C61F6C@VENUS.office> References: <B94940C43117794C9432FF5FF0CCB506C61F6C@VENUS.office> Message-ID: <4AB20FF1.6010605@xxxxxxxxxxx> Diego Costantini wrote: > Hi, > I aexperiencing a very annoying probleand I suppose it's > duto netem(1 and 2) (even though I thoughit was Virtualbox/vmware > and I astill nosure). > Dear Diego, whavchecked netem2 and there is at least a case in which netem2 was causing your problem. Using loss_GI 10 1 (loss 10%, burslengh= 1) netem2 evaluated a wrong transitioprobability and remained in thloss statfor ever. Whave fixed the problem and uploaded a new version of netem2 patch (releas1.4) on netem2 projecpage: http://netgroup.uniroma2.it/twiki/bin/view.cgi/Main/NetEm2 You may wanto try this and leus know... Cheers, Stefano > I hav3 virtual machines (ubuntu hosand 3 ubuntu guests). > A is a sender, B is aIpforwarder, C is threceiver which > also send commands to thother 2 machines through passwordless > ssh remotcommands. > > MachinB has eth1 connected to A, eth2 connected to C and > owhich I usnetem2 (same problem with netem). > > - C cleans netestatus on eth2(B): > sudo tc qdisc del dev eth2 root > > - C sends somcommand to A (through B) > > - C sends a netem2 command to eth2 (B): > ssh user a192.168.2.1 "sudo tc qdisc add dev eth2 roonetem2 loss_GI 10 1" > > - C sends another command to A and this timI sewith wireshark > thaiis receiving the ssh client key exchange init, sending back > aack (received) and a ssh server key exchanginit > which will never reach C becauseth2(B) stops communicating with C. > > Sinceth2(B) is reachablfrom A->eth1(B) and internally from B, > iis up, burestarting networking is not going to help. > Surprisingly I justried to clean netem2 as before, and I > caseC again. > > Thweird thing is thaI used different loss correlation > values (5, 10, 25) and ididn'happen. > > Any idea? > > P.S.: whamadme think about a virtualization problem is > thasometimes to restorthe network I had to reboot some > of thvirtual machines, whilother times it just worked > finwithoulosing the network. > > ============================================================ > Diego Costantini > SoftwarEngineer, Real-TimCommunications Group > NEC Laboratories Europe, Network Research Divisio > Kurfuerstenanlag36, D-69115 Heidelberg > Tel. +49 (0)6221 4342-231 > Fax: +49 (0)6221 4342-155 > E-mail: diego.costantini anw.neclab.eu > Website: http://www.nw.neclab.eu > ============================================================ > NEC EuropLimited Registered Office: NEC House, 1 Victoria > Road, LondoW3 6BL Registered in England 2832014 > > > _______________________________________________ > Netemailing list > Netealists.linux-foundation.org > https://lists.linux-foundation.org/mailman/listinfo/netem > -- ******************************************************************* Stefano Salsano Dipartimento Ingegneria Elettronica Universita' di Roma "Tor Vergata" Via del Politecnico, 1 - 00133 Roma - ITALY http://netgroup.uniroma2.it/Stefano_Salsano/ E-mail : stefano.salsano auniroma2.it Cell. : +39 320 4307310 Offic : (Tel.) +39 06 72597770 (Fax.) +39 06 72597435 ******************************************************************* FroDiego.Costantini anw.neclab.eu Thu Sep 17 05:37:10 2009 From: Diego.Costantini anw.neclab.eu (Diego Costantini) Date: Thu, 17 Sep 2009 14:37:10 +0200 Subject: Unresponsivnetwork device In-Reply-To: <4AB20FF1.6010605@xxxxxxxxxxx> References: <B94940C43117794C9432FF5FF0CCB506C61F6C@VENUS.office> <4AB20FF1.6010605@xxxxxxxxxxx> Message-ID: <B94940C43117794C9432FF5FF0CCB506C62200@VENUS.office> Apparently ifixed thproblem with loss_GI 10 1. I'll keep working with other values and leyou know in case I find other blind spots :) Thanks, Diego ============================================================ Diego Costantini SoftwarEngineer, Real-TimCommunications Group NEC Laboratories Europe, Network Research Division????? Kurfuerstenanlag36, D-69115 Heidelberg Tel.???? +49 (0)6221 4342-231 Fax:???? +49 (0)6221 4342-155 E-mail:? diego.costantini anw.neclab.eu Website: http://www.nw.neclab.eu ============================================================ NEC EuropLimited Registered Office: NEC House, 1 Victoria Road, LondoW3 6BL Registered in England 2832014 > -----Original Message----- > From: Stefano Salsano [mailto:stefano.salsano auniroma2.it] > Sent: Donnerstag, 17. September 2009 12:31 > To: Diego Costantini > Cc: netealists.linux-foundation.org > Subject: Re: Unresponsivnetwork device > > Diego Costantini wrote: > > Hi, > > I aexperiencing a very annoying probleand I suppose it's > > duto netem(1 and 2) (even though I thoughit was Virtualbox/vmware > > and I astill nosure). > > > > Dear Diego, > > whavchecked netem2 and there is at least a case in which netem2 was > causing your problem. Using loss_GI 10 1 (loss 10%, burslengh= 1) > netem2 evaluated a wrong transitioprobability and remained in the > loss > statfor ever. Whave fixed the problem and uploaded a new version of > netem2 patch (releas1.4) on netem2 projecpage: > > http://netgroup.uniroma2.it/twiki/bin/view.cgi/Main/NetEm2 > > You may wanto try this and leus know... > > Cheers, > Stefano > > > I hav3 virtual machines (ubuntu hosand 3 ubuntu guests). > > A is a sender, B is aIpforwarder, C is threceiver which > > also send commands to thother 2 machines through passwordless > > ssh remotcommands. > > > > MachinB has eth1 connected to A, eth2 connected to C and > > owhich I usnetem2 (same problem with netem). > > > > - C cleans netestatus on eth2(B): > > sudo tc qdisc del dev eth2 root > > > > - C sends somcommand to A (through B) > > > > - C sends a netem2 command to eth2 (B): > > ssh user a192.168.2.1 "sudo tc qdisc add dev eth2 roonetem2 loss_GI > 10 1" > > > > - C sends another command to A and this timI sewith wireshark > > thaiis receiving the ssh client key exchange init, sending back > > aack (received) and a ssh server key exchanginit > > which will never reach C becauseth2(B) stops communicating with C. > > > > Sinceth2(B) is reachablfrom A->eth1(B) and internally from B, > > iis up, burestarting networking is not going to help. > > Surprisingly I justried to clean netem2 as before, and I > > caseC again. > > > > Thweird thing is thaI used different loss correlation > > values (5, 10, 25) and ididn'happen. > > > > Any idea? > > > > P.S.: whamadme think about a virtualization problem is > > thasometimes to restorthe network I had to reboot some > > of thvirtual machines, whilother times it just worked > > finwithoulosing the network. > > > > ============================================================ > > Diego Costantini > > SoftwarEngineer, Real-TimCommunications Group > > NEC Laboratories Europe, Network Research Division > > Kurfuerstenanlag36, D-69115 Heidelberg > > Tel. +49 (0)6221 4342-231 > > Fax: +49 (0)6221 4342-155 > > E-mail: diego.costantini anw.neclab.eu > > Website: http://www.nw.neclab.eu > > ============================================================ > > NEC EuropLimited Registered Office: NEC House, 1 Victoria > > Road, LondoW3 6BL Registered in England 2832014 > > > > > > _______________________________________________ > > Netemailing list > > Netealists.linux-foundation.org > > https://lists.linux-foundation.org/mailman/listinfo/netem > > > > > -- > ******************************************************************* > Stefano Salsano > Dipartimento Ingegneria Elettronica > Universita' di Roma "Tor Vergata" > Via del Politecnico, 1 - 00133 Roma - ITALY > > http://netgroup.uniroma2.it/Stefano_Salsano/ > > E-mail : stefano.salsano auniroma2.it > Cell. : +39 320 4307310 > Offic : (Tel.) +39 06 72597770 (Fax.) +39 06 72597435 > ******************************************************************* Frofredrik.arnerup aedgeware.tv Tue Sep 22 04:34:27 2009 From: fredrik.arnerup aedgeware.tv (Fredrik Arnerup) Date: Tue, 22 Sep 2009 13:34:27 +0200 Subject: filter oincoming traffic? In-Reply-To: <20090911094535.5edabf50@nehalam> References: <7ECADAA085A842C5BE560470BB772558@xxxxxxxxxxx> <20090911094535.5edabf50@nehalam> Message-ID: <E2CF49F19B6F4DC6BE54616296BCA0BD@xxxxxxxxxxx> I upgraded to th2.6.29.6 kernel and iproute2-2.6.29-1. Still thsamproblem. # modprobifb # ip link sedev ifb0 up # tc qdisc add dev eth3 ingress # tc filter add dev eth3 parenffff: protocol ip u32 match u32 0 0 flowid 1:1 actiomirred egress redirecdev ifb0 Actio4 devicifb0 ifindex 4 RTNETLINK answers: No such filor directory Whavan error talking to the kernel I did exactly as isays in thwiki, except with eth3 (no, eth0 does not work either). Does this work for other people? /Fredrik Arnerup -----Original Message----- From: StepheHemminger [mailto:shemminger alinux-foundation.org] Sent: Friday, September 11, 2009 6:46 PM To: Fredrik Arnerup Cc: netealists.linux-foundation.org Subject: Re: filter oincoming traffic? OFri, 11 Sep 2009 18:22:06 +0200 "Fredrik Arnerup" <fredrik.arnerup aedgeware.tv> wrote: > Hi, > > I atrying to add a filter thawill drop 1% of all incoming ip packets. > I tried to follow thinstructions on > http://www.linuxfoundation.org/en/Net:Netem > > "How caI usnetem on incoming traffic? > > You need to usthIntermediate Functional Block pseudo-device IFB . This > network devicallows attaching queuing discplines to incoming packets. > > # modprobifb > # modprobifb > # tc qdisc add dev eth0 ingress > # tc filter add dev eth0 parenffff: > protocol ip u32 match u32 0 0 flowid 1:1 actiomirred egress redirect > dev ifb0 > # tc qdisc add dev ifb0 roonetedelay 750ms > " > > Idoesn'say what this actually does, but I am guessing it adds a 750 ms > delay to all incoming traffic oeth0? > > Troublis: when I enter th"tc filter ..." line, I get this: > > "Actio4 devicifb0 ifindex 5 > RTNETLINK answers: No such filor directory > Whavan error talking to the kernel" > > Whadoes imean? The device ifb0 exists. The ingress qdisc did get number > ffff. > I ausing a 2.6.20 kernel. > > Grateful for any advice, > /Fredrik Arnerup Probably thIFB devicis not part of your kernel. You may have to reconfigurand rebuild (ifb was added in 2.6.16 kernel). Try: modprobifb Does iwork? Does devicshow up: ip li show dev ifb0 Froshemminger alinux-foundation.org Tue Sep 22 21:45:56 2009 From: shemminger alinux-foundation.org (Stephen Hemminger) Date: Tue, 22 Sep 2009 21:45:56 -0700 Subject: filter oincoming traffic? In-Reply-To: <E2CF49F19B6F4DC6BE54616296BCA0BD@xxxxxxxxxxx> References: <7ECADAA085A842C5BE560470BB772558@xxxxxxxxxxx> <20090911094535.5edabf50@nehalam> <E2CF49F19B6F4DC6BE54616296BCA0BD@xxxxxxxxxxx> Message-ID: <20090922214556.6a6142f2@nehalam> OTue, 22 Sep 2009 13:34:27 +0200 "Fredrik Arnerup" <fredrik.arnerup aedgeware.tv> wrote: > I upgraded to th2.6.29.6 kernel and iproute2-2.6.29-1. > Still thsamproblem. > > # modprobifb > # ip link sedev ifb0 up > # tc qdisc add dev eth3 ingress > # tc filter add dev eth3 parenffff: protocol ip u32 match u32 0 0 flowid > 1:1 actiomirred egress redirecdev ifb0 > Actio4 devicifb0 ifindex 4 > RTNETLINK answers: No such filor directory > Whavan error talking to the kernel > > I did exactly as isays in thwiki, except with eth3 (no, eth0 does not > work either). > Does this work for other people? Is thmirred filter in thkernel configuration? CONFIG_NET_ACT_MIRRED? Frofredrik.arnerup aedgeware.tv Wed Sep 23 02:11:09 2009 From: fredrik.arnerup aedgeware.tv (Fredrik Arnerup) Date: Wed, 23 Sep 2009 11:11:09 +0200 Subject: filter oincoming traffic? In-Reply-To: <20090922214556.6a6142f2@nehalam> References: <7ECADAA085A842C5BE560470BB772558@xxxxxxxxxxx><20090911094535.5edabf50@nehalam><E2CF49F19B6F4DC6BE54616296BCA0BD@xxxxxxxxxxx> <20090922214556.6a6142f2@nehalam> Message-ID: <9C3729274DA3409098B4E1C38BDF686E@xxxxxxxxxxx> Ha! Iworks! Thank you very much! -----Original Message----- From: StepheHemminger [mailto:shemminger alinux-foundation.org] Sent: Wednesday, September 23, 2009 6:46 AM To: Fredrik Arnerup Cc: netealists.linux-foundation.org Subject: Re: filter oincoming traffic? OTue, 22 Sep 2009 13:34:27 +0200 "Fredrik Arnerup" <fredrik.arnerup aedgeware.tv> wrote: > I upgraded to th2.6.29.6 kernel and iproute2-2.6.29-1. > Still thsamproblem. > > # modprobifb > # ip link sedev ifb0 up > # tc qdisc add dev eth3 ingress > # tc filter add dev eth3 parenffff: protocol ip u32 match u32 0 0 flowid > 1:1 actiomirred egress redirecdev ifb0 > Actio4 devicifb0 ifindex 4 > RTNETLINK answers: No such filor directory > Whavan error talking to the kernel > > I did exactly as isays in thwiki, except with eth3 (no, eth0 does not > work either). > Does this work for other people? Is thmirred filter in thkernel configuration? CONFIG_NET_ACT_MIRRED?
