Re: bug report and future request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Florian

yes now work perfect
i will test with 1-4k ips to see performance vs qdisc or iptables.

for second offload question:

is it possible to make limiter work in offload mode and ia it posible to add dynamic interface like ppp* or vlan* or other type.



P.S.

thanks for fast reply for first part!

P.S.2 

resend mail to netfilter group

Martin

> On 22 Mar 2022, at 12:32, Florian Westphal <fw@xxxxxxxxx> wrote:
> 
> Martin Zaharinov <micron10@xxxxxxxxx> wrote:
>> Hi Florian
>> 
>> Look good this config but not work after set user not limit by speed.
> 
> Works for me.  Before:
> [ ID] Interval           Transfer     Bitrate         Retr
> [  5]   0.00-10.00  sec  5.09 GBytes  4.37 Gbits/sec    0 sender
> [  5]   0.00-10.00  sec  5.08 GBytes  4.36 Gbits/sec receiver
> 
> After:
> [  5]   0.00-10.00  sec  62.9 MBytes  52.7 Mbits/sec    0 sender
> [  5]   0.00-10.00  sec  59.8 MBytes  50.1 Mbits/sec receiver
> 
>> table inet nft-qos-static {
>>        set limit_ul {
>>                typeof ip saddr
>>                flags dynamic
>>                elements = { 10.0.0.1 limit rate over 5 mbytes/second burst 6000 kbytes, 10.0.0.254 limit rate over 12 mbytes/second burst 6000 kbytes }
>>        }
>> 		set limit_dl {
>>                typeof ip saddr
>>                flags dynamic
>>                elements = { 10.0.0.1 limit rate over 5 mbytes/second burst 6000 kbytes, 10.0.0.254 limit rate over 12 mbytes/second burst 6000 kbytes }
>>       }
>> 
>>        chain upload {
>> 			type filter hook postrouting priority filter; policy accept;
>> 			ip saddr @limit_ul drop
>>        }
>> 		chain download {
>> 			type filter hook prerouting priority filter; policy accept;
>> 			ip saddr @limit_dl drop
>> 		}
> 
> daddr?
> 
>> With this config user with ip 10.0.0.1 not limited to 5 mbytes , 
> 
>> When back to this config :
>> 
>> table inet nft-qos-static {
>> 	chain upload {
>> 		type filter hook postrouting priority filter; policy accept;
>> 		ip saddr 10.0.0.1 limit rate over 5 mbytes/second burst 6000 kbytes drop
>> 	}
>> 
>> 	chain download {
>> 		type filter hook prerouting priority filter; policy accept;
>> 		ip daddr 10.0.0.1 limit rate over 5 mbytes/second burst 6000 kbytes drop
> 	           ~~~~~





[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux