Martin Zaharinov <micron10@xxxxxxxxx> wrote:
> Hi Florian
>
> Look good this config but not work after set user not limit by speed.
Works for me. Before:
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.00 sec 5.09 GBytes 4.37 Gbits/sec 0 sender
[ 5] 0.00-10.00 sec 5.08 GBytes 4.36 Gbits/sec receiver
After:
[ 5] 0.00-10.00 sec 62.9 MBytes 52.7 Mbits/sec 0 sender
[ 5] 0.00-10.00 sec 59.8 MBytes 50.1 Mbits/sec receiver
> table inet nft-qos-static {
> set limit_ul {
> typeof ip saddr
> flags dynamic
> elements = { 10.0.0.1 limit rate over 5 mbytes/second burst 6000 kbytes, 10.0.0.254 limit rate over 12 mbytes/second burst 6000 kbytes }
> }
> set limit_dl {
> typeof ip saddr
> flags dynamic
> elements = { 10.0.0.1 limit rate over 5 mbytes/second burst 6000 kbytes, 10.0.0.254 limit rate over 12 mbytes/second burst 6000 kbytes }
> }
>
> chain upload {
> type filter hook postrouting priority filter; policy accept;
> ip saddr @limit_ul drop
> }
> chain download {
> type filter hook prerouting priority filter; policy accept;
> ip saddr @limit_dl drop
> }
daddr?
> With this config user with ip 10.0.0.1 not limited to 5 mbytes ,
> When back to this config :
>
> table inet nft-qos-static {
> chain upload {
> type filter hook postrouting priority filter; policy accept;
> ip saddr 10.0.0.1 limit rate over 5 mbytes/second burst 6000 kbytes drop
> }
>
> chain download {
> type filter hook prerouting priority filter; policy accept;
> ip daddr 10.0.0.1 limit rate over 5 mbytes/second burst 6000 kbytes drop
~~~~~
