Thank you for your help.
this setup is creating an additionnal qdisc (dsmark). For performance
reasons, I would prefer using filters directly attached to htb qdisc. I
think it is possible, at least it seems to be possible with tc (not
tcng).
It seems to me that tcc is doing something wrong with htb and indexes,
do I miss something ?
Thank you.
Le mer 05/05/2004 à 09:59, [EMAIL PROTECTED] a écrit :
> salut clemment
>
> try adapting the following to your needs ... it's been working for me.
> roughly similar to wondershaper excepting that it is in tcng:
>
> i have a ppp interface on an analog modem so in my firewall i mark
> packets coming in from this device as following:
>
> iptables --append PREROUTING --table mangle --in-interface ppp0 \
> --jump MARK --set-mark 0x7
>
>
> cheers
>
> charles
>
>
> /*
> * tc next generation script by
> * charles shick
> */
>
> #define LAN "eth0"
> #define LAN_INGRESS 700000
> #define LAN_EGRESS 700000
>
> dev LAN {
>
> # ingress {
> # $policer = SLB( cir LAN_INGRESS kbps );
> # class ( <> ) if SLB_ok( $policer );
> # drop if 1;
> # }
>
> egress {
> class ( <$ppp> ) if meta_nfmark == 0x7;
>
> class ( <$high> ) if ip_proto == IPPROTO_ICMP ||
> ip_tos == 0x10 ||
> tcp_sport == 80 ||
> tcp_sport == 110 ||
> udp_sport == 53 ||
> tcp_ack;
>
> class ( <$medium> ) if tcp_dport == 25;
>
> class ( <$low> ) if 1;
>
> htb () { class ( rate LAN_EGRESS kbps ) {
>
> $ppp = class ( prio 1, rate 56 kbps )
> { sfq ( perturb 10 sec ); };
>
> $high = class ( prio 1, rate ( 0.5 * LAN_EGRESS )kbps )
> { sfq ( perturb 10 sec ); };
>
> $medium = class (prio 2, rate ( 0.3 * LAN_EGRESS )kbps )
> { sfq ( perturb 10 sec ); };
>
> $low = class (prio 3, rate ( 0.2 * LAN_EGRESS )kbps )
> { sfq ( perturb 10 sec ); };
>
> }
> }
> }
> }
>
>
> On Wed, 2004-05-05 at 08:46, Clement MOREAU wrote:
> > Hello all,
> >
> > I am trying to set up a simple htb based system, where packets with
> > source ip 10.0.0.1 should have their own class.
> > I plan to use tcng to set it up easier.
> >
> > Is there something wrong in my tcng file ?
> >
> > ~/tcng$ cat htb
> > /*
> > */
> >
> > #include "fields.tc"
> > #include "ports.tc"
> >
> > dev eth0 {
> > htb ( ) {
> > class ( rate 600kbps, ceil 600kbps )
> > {
> > class () if ip_src == 10.0.0.1 ;
> > class (default) ;
> > }
> > }
> > }
> >
> >
> > When I compile it, I get :
> >
> > ~/tcng$ tcc htb
> >
> > # ================================ Device eth0
> >
> > tc qdisc add dev eth0 handle 1:0 root htb default 3
> > tc class add dev eth0 parent 1:0 classid 1:1 htb rate 75000bps ceil
> > 75000bps
> > tc class add dev eth0 parent 1:1 classid 1:2 htb rate 75000bps ceil
> > 75000bps
> > tc class add dev eth0 parent 1:1 classid 1:3 htb rate 75000bps ceil
> > 75000bps
> > tc filter add dev eth0 parent 1:1 protocol all prio 1 u32 match u32
> > 0xa000001 0xffffffff at 12 classid 1:2
> >
> >
> > which is not working as expected.
> > Packets never get matched. From what I understand of tc (not too much),
> > the filter should have been :
> > tc filter add dev eth0 parent 1:0 protocol all prio 1 u32 match u32
> > 0xa000001 0xffffffff at 12 classid 1:2
> >
> > (I replaced parent 1:1 by parent 1:0).
> >
> > I tried this setup and it works as expected (at least : packets from the
> > server gets matched, other don't. I have used tc -s class show dev eth0
> > to see it).
> >
> > Do I miss something ?
> >
> > Thank you.
>
> _______________________________________________
> LARTC mailing list / [EMAIL PROTECTED]
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
--
Clement MOREAU <[EMAIL PROTECTED]>
Inventel -- http://www.inventel.fr
****************************************************************************
Ce message et ses pieces jointes contiennent des informations
confidentielles.
Il est etabli a l'intention exclusive de ses destinataires.
Si vous n'en etes pas destinataire, merci de le detruire et d'en avertir
immediatement l'expediteur.
L'integrite de ce message ne pouvant etre garantie sur Internet,
Inventel
ne peut etre tenue responsable de son contenu.
This e-mail and its attachments are confidential and intended solely for
the
addressees.
If you are not the intended recipient of this message, then please
delete it
and notify the sender.
Since the integrity of this message cannot be guaranteed on the
Internet, Inventel cannot therefore be considered responsible for
its content.
****************************************************************************
_______________________________________________
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
