"tc filter add dev bond0 parent 1: protocol ip fw" does not work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello list,

command

"tc filter add dev bond0 parent 1: protocol ip fw"

is AFAIK supposed to filter packets marked with <number> to classid
1:<number>, which would effectively replace thousands of filters in
our case. But it doesnt work on newer kernels as discussed here:

http://forum.soft32.com/linux/tc-filter-fw-26-problem-ftopict469017.html
http://groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/14843edac6598f84

When I tried to add this filter very strange things happen:

***************************************************************************************************************************
router ~ # tc qdisc add dev bond0 root handle 1:0 htb
router ~ # tc filter add dev bond0 parent 1: protocol ip prio 1 fw
RTNETLINK answers: Invalid argument
We have an error talking to the kernel
router ~ # tc filter ls dev bond0
router ~ # tc filter add dev bond0 parent 1: protocol ip prio 1 handle
1 fw flowid 1:
router ~ # tc filter ls dev bond0
filter parent 1: protocol ip pref 1 fw
           # WHAT IS THIS ?
filter parent 1: protocol ip pref 1 fw handle 0x1 classid 1:
router ~ # tc filter del dev bond0 parent 1: protocol ip prio 1 handle
1 fw flowid 1:
router ~ # tc filter ls dev bond0
filter parent 1: protocol ip pref 1 fw
           # AFTER ADD AND DEL THIS REMAINS
router ~ # tc filter del dev bond0 parent 1: protocol ip prio 1 fw
# YOU CAN DEL BUT NOT ADD ?
router ~ # tc filter ls dev bond0
****************************************************************************************************************************

Does anyone know what is happening here ? Is generic filter as shown
in links abadoned or simply not working ?

My system is Gentoo AMD64 on dual dualcore Opterons 2214, kernel
2.6.30-r4. We shape about 20 000 pps and use bonding and affinity to
load balance ingress and egress between cores. But bonding is not
relevant here because I obtained same results on different machine
with Core 2 Duo and eth0 only.

Thanks, Karel
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux