Hi Chris,

The way I am using now is to create an ifb0 interface on the input of the inside interface (I call it downlink). So you can shape all upstream traffic on a single interface. Suppose eth0 is your downlink interface. Here is a piece of my Perl script:

    system("$ETC qdisc add dev $dev ingress");
    # Filter local traffic (INPUT) - to distinguish the Global one by IP!
    system("$ETC filter add dev $dev parent FFFF: protocol ip prio 1 u32 match ip dst $ip flowid :1");
    system("$ETC filter add dev $dev parent FFFF: protocol ip prio 1 u32 match ip dst $bcast flowid :1");
    # Redirect FORWARDING traffic (not destined to us) - to shape by ifb0 rules
    system("$ETC filter add dev $dev parent FFFF: protocol ip prio 2 u32 match u8 0 0 flowid :1 action mirred egress redirect dev ifb0");

where $dev is eth0, $ETC means tc :), $ip is the IP of the downlink interface, and $bcast is its broadcast (the ip & broadcast rules are needed only to separate router-destined traffic from forwarded traffic). Then you can use any qdisc you need on the ifb0 device.

--
Best regards
Anatoly Muliarski
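The setup described in the message above, carried through end to end as an added example that is not part of the original post: it brings up ifb0, applies the same ingress filters, and attaches a shaper to ifb0. The function names, the `DRY_RUN` switch, the `tbf` parameters and the 192.0.2.x addresses are assumptions for illustration; arguments are validated and passed to `tc` as separate words instead of being interpolated into a shell string.

```bash
#!/bin/sh
# Added example, not from the original message. DRY_RUN=1 (default) only prints
# the commands; DRY_RUN=0 executes them and needs root.
DRY_RUN="${DRY_RUN:-1}"

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# Interface name: non-empty, at most 15 chars, no shell or path metacharacters.
valid_dev() {
    case "$1" in ""|*[!A-Za-z0-9._-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

# Dotted-quad IPv4 with every octet in 0-255.
valid_ipv4() {
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# shape_upstream DEV IP BCAST RATE (hypothetical helper)
shape_upstream() {
    dev=$1 ip=$2 bcast=$3 rate=$4 ifb=ifb0
    valid_dev "$dev" || { echo "bad interface name" >&2; return 2; }
    valid_ipv4 "$ip" && valid_ipv4 "$bcast" || { echo "bad address" >&2; return 2; }
    run modprobe ifb numifbs=1
    run ip link set dev "$ifb" up
    run tc qdisc add dev "$dev" ingress
    # Traffic addressed to the router itself stays on the normal input path.
    run tc filter add dev "$dev" parent ffff: protocol ip prio 1 u32 match ip dst "$ip" flowid :1
    run tc filter add dev "$dev" parent ffff: protocol ip prio 1 u32 match ip dst "$bcast" flowid :1
    # Everything else (forwarded traffic) is redirected to ifb0.
    run tc filter add dev "$dev" parent ffff: protocol ip prio 2 u32 match u8 0 0 flowid :1 action mirred egress redirect dev "$ifb"
    # Assumed shaper: a single token bucket on ifb0.
    run tc qdisc add dev "$ifb" root tbf rate "$rate" burst 32kb latency 400ms
}

# Constructed sample values (192.0.2.0/24 is a documentation range).
[ "$#" -eq 4 ] || set -- eth0 192.0.2.1 192.0.2.255 2mbit
shape_upstream "$@"
```

With no arguments the script prints the seven commands for the sample values; pass interface, address, broadcast and rate as four arguments, and set `DRY_RUN=0` to apply them.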