Re: Question about -m tos option

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> "Pavel V. Chjen" wrote:
> 
> 0x60 is out of valid range in dscp matching (:
> [root@root linux]# iptables -A FORWARD -m dscp --dscp 0x60
> iptables v1.2.9rc1: DSCP `96` out of range

You only have 6 bits of the 8 bits in the ToS to work with
for DSCP,
(http://www.cisco.com/warp/public/105/dscpvalues.html#dscpandassuredforwardingclasses)
and valid values are explicitly 0 through 63 (decimal)
(http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_r/qrfcmd4.htm#1098678).

Your rule used 60(hex),
which is 96(decimal) as the error message reported.


I got these references, and more, to confirm what
I thought I knew about DSCP by asking Google
for DSCP and DSCP+size, if that helps for the future.
(www.google.com)


I hope this helps and that you really do not
need 96 different values for the DSCP.

Bill


-- 
William Chappell,     Software Engineer,     Critical Technologies, Inc.
Suite 400 Technology Center, 4th Floor 1001 Broad Street, Utica, NY
13501
315-793-0248  x148  < bill.chappell@xxxxxxxxxxxx >  www.critical.com


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux