On 28-11-2012 05:25, Steven Kath wrote:
Is there a way to mark traffic on one machine and match the
mark on another machine? so I can classify traffic on the
proxy server and shape it on the router?
This question is a good example of the rationale for the
TOS/DSCP header on IPv4 packets. netfilter/iptables are
quite capable of matching and manipulating the DSCP field,
as are some proxy servers.
--
+1 to above.
Alternatively, you could route the packet from the proxy to a
different, secondary IP on the router. The router could then shape all
the traffic that arrives on the secondary IP. You can achieve the
secondary IP with sub-interfaces, secondary IP in the same subnet, or
separate VLAN interfaces
I don't think there is any net-filter tagging, in the way that you can
tag packets in rules while it passes internally through the proxy, that
would be visible externally to the router.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
