Haven't looked the config in any detail, just a quick note:
Looks like all the filters point to class ftp_traffic and, hence, action ftpcap.
ftpcap has 'continue' regardless of the rate. I suppose you want 'drop' for
red_action_name (and possibly yellow_action_name)..
-venu
On Mon, 9 Jul 2007, Manish Verma wrote:
> Hi All,
>
> I have set up 2 non-global zones with 2 seperate ip's on a different subnet.
> I have also set up one extra ip of same subnet in global zone for networking
> b/w global and no gloabal zones.
>
> I have a 100MBPS NIC and want to limit bandwidth 1MBPS each for my non global
> zones. I have never used IPQoS before thus I'm trying to limit ftp traffic at
> first.
> I've written following files but my Ftp traffic is not affected.
>
> Can someone help me identify the problem?
>
> Thanks in Advance,
> Manish
>
> My IPQoS config file:-
> ^^^^^^^^^^^^^^^^^^
> fmt_version 1.0
> action {
> module ipgpc
> name ipgpc.classify
> params {
> global_stats TRUE
> }
> class {
> name ftp_traffic
> next_action ftpcap
> enable_stats FALSE
> }
> filter {
> name ftp_out1
> saddr 192.168.0.3
> daddr 192.168.0.1
> sport 20
> direction LOCAL_OUT
> class ftp_traffic
> }
> filter {
> name ftp_in1
> daddr 192.168.0.3
> saddr 192.168.0.2
> sport 20
> direction LOCAL_IN
> class ftp_traffic
> }
> filter {
> name ftp_in2
> daddr 192.168.0.3
> saddr 192.168.0.1
> sport 20
> direction LOCAL_IN
> class ftp_traffic
> }
> filter {
> name ftp_out2
> saddr 192.168.0.3
> daddr 192.168.0.2
> sport 20
> direction LOCAL_OUT
> class ftp_traffic
> }
> }
>
>
> action {
> module tokenmt
> name ftpcap
> params {
> committed_rate 1048
> committed_burst 1048
> peak_burst 1048
> red_action_name continue
> green_action_name continue
> yellow_action_name continue
> global_stats TRUE
> }
> }
>
> Network configuration of my machine:-
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> -bash-3.00# ifconfig -a
> lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
> index 1
> inet 127.0.0.1 netmask ff000000
> lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
> index 1
> zone zone1
> inet 127.0.0.1 netmask ff000000
> lo0:2: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
> index 1
> zone mzone
> inet 127.0.0.1 netmask ff000000
> bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
> inet 172.16.41.22 netmask ffffff00 broadcast 172.16.41.255
> ether 0:13:d3:40:d1:ba
> bge0:1: flags=4001000842<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
> zone zone1
> inet 192.168.0.1 netmask ffffff00 broadcast 192.168.0.255
> bge0:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
> zone mzone
> inet 192.168.0.2 netmask ffffff00 broadcast 192.168.0.255
> bge0:3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
> inet 192.168.0.3 netmask ffffff00 broadcast 192.168.0.255
> ------------------------------------------------------------------------------------------
>
>
> This message posted from opensolaris.org
> _______________________________________________
> networking-discuss mailing list
> [email protected]
>
_______________________________________________
networking-discuss mailing list
[email protected]
