Hello community,
This is problem related to Debian 9, bridge, VLAN interface and HTB tc filters for traffic shaping... For years I`m using Debian with bridged ethernet interfaces as a L2 transparent traffic shaper. Shaper is based on HTB with tc hash filters. In the bridge there is also one VLAN interface where VLAN TAGeed traffic from customers is terminated. I`ve tried to google, change some bridge parameters, but no success. Bridge setup: brctl show bridge1 bridge name bridge id STP enabled interfaces bridge1 8000.0002a525xxyy no eth0 eth1 eth1.500 - eth1 (and of course eth1.500) is towards customers. Customers are sending some traffic TAGed with 500 and some traffic without VLAN TAG - eth0 is uplink towards public internet The problem and question: This setup worked smoothly for years until I upgraded Debian 8 do Debian 9 (which I didn`t like to do but I had to, lets say). And now, in Debian 9 only customer traffic which is not TAGged can reach tc filters and than is properly send to appropriate tc class and shaped. BUT traffic with TAG 500 bypasses tc filters which means it goes just to tc default class (which is not good) - yes TAGget traffic is not terminated, just is not passing tc filters I guess I have to turn on some 0/1"switch" somewhere in the Debian 9... But please, do you know which switch? If you would like to have more specific infos, please let me know, I`ll send it ASAP. Thank you in advance. At least for that you read it all :) Pep.
