Re: [LARTC] Resolved: HTB filters' parent
so by saying the issue is resolved, you mean that there was an issue:) i bumped into it myself-not being able to create filters and make them work unless they were attached to the root qdisc. what do i do to get this fixed version(i hope that s what you meant by saying it was resolved)? thank you and merry christmas:) On Fri, 23 Dec 2005, Denis Ovsienko wrote: I have examined user's configuration and found that while child classes had correct filters, the root qdisc hadn't any filter that could direct packets to lower classes. Most examples attach filters to root qdisc for unknown reason. The information on LARTC web-site (which is gone ATM, but nobody cares about that) was incorrect. You don't have to attach all filters to root qdisc, HTB code handles filters as well as CBQ does. The issue is resolved, Martin, thank you for help. -- DO4-UANIC ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Simple routing configuration
Hi, I have a simple question (well, at least I think it's simple!). I have a router, with four Ethernet cards; eth0-eth3. eth0 and eth3 are the 'external' cards, connecting to my ISPs. eth1 and eth2 are connected to my internal networks. What I want to do is basically filter all the traffic from one card to another, in this configuration: eth1 to eth3 eth2 to eth0 The thing is, I'm not sure if this is a routing or a firewall problem, or maybe a bit of both? I've tried setting up the routing using ip route, using the command below, but to no avail. When I used these commands, I did not change any of my existing firewall configuration. Here are the ip route commands: echo "101 ISP_1" >> /etc/iproute2/rt_tables echo "102 ISP_2" >> /etc/iproute2/rt_tables ip route add 192.168.4.0/22 dev eth2 src 192.168.7.253 table ISP_1 ip route add default via 192.168.100.253 table ISP_1 ip route add 192.168.0.0/22 dev eth1 src 192.168.3.253 table ISP_2 ip route add default via 192.168.20.253 table ISP_2 ip rule add from 192.168.7.253 table ISP_1 ip rule add from 192.168.3.253 table ISP_2 I also tried a simple iptables forward command, in the form of: iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT iptables -A FORWARD -i eth1 -o eth3 -j ACCEPT iptables -A FORWARD -i eth3 -o eth1 -j ACCEPT # default policy iptables -P FORWARD DROP In both cases, I have set /proc/sys/net/ipv4/ip_forward to "1". Any help would be greatly appreciated. Many thanks, Paul --- Paul Lewis ([EMAIL PROTECTED]) Part II Student Materials Science University of Oxford ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HTB droping packets
Andy Furniss wrote: Dumitrache Ionut wrote: Hello, I'm using htb3 with kernel 2.6.13 on debian testing release. I have a hierarchy consisting of 10 parents clas each with 2 to 20 childs and every child use sfq. The problem is when the default class become congested, the system start to drop packets for 2 seconds all traffic is blocked, another 3 to 5 minutes all goes all and so on. Anyone have any ideea about this ? Your arp traffic is probably going to default - either don't use htb default or filter ... protocol arp u32 match u32 0 0 ... to a high prio/bandwidth class. "I don't know where you're getting your tc, because the current iproute2 does not have "protocol arp". Could you please explain (to the LARTC list) how you make the above work? -- gypsy" I am a bit behind on kernels but will try the latest of everything soon. In the past I failed to get protocol all to work then I tried again and it did. Whenever I try things with tc and fail I always start again from the beginning with tc qdisc del dev [EMAIL PROTECTED] /home/andy/Qos]# tc -V tc utility, iproute2-ss050330 [EMAIL PROTECTED] /home/andy/Qos]# tc qdisc add dev eth0 root handle 1:0 htb [EMAIL PROTECTED] /home/andy/Qos]# tc filter add dev eth0 parent 1:0 protocol arp u32 match u32 0 0 [EMAIL PROTECTED] /home/andy/Qos]# tc -s filter ls dev eth0 filter parent 1: protocol arp pref 49152 u32 filter parent 1: protocol arp pref 49152 u32 fh 800: ht divisor 1 filter parent 1: protocol arp pref 49152 u32 fh 800::800 order 2048 key ht 800 bkt 0 (rule hit 0 success 0) match / at 0 (success 0 ) [EMAIL PROTECTED] /home/andy/Qos]# ping 192.168.0.1 PING 192.168.0.1 (192.168.0.1): 56 data bytes 64 bytes from 192.168.0.1: icmp_seq=0 ttl=64 time=1.319 ms 64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.295 ms 64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=0.311 ms --- 192.168.0.1 ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.295/0.642/1.319/0.479 ms [EMAIL PROTECTED] /home/andy/Qos]# tc -s filter ls dev eth0 filter parent 1: protocol arp pref 49152 u32 filter parent 1: protocol arp pref 49152 u32 fh 800: ht divisor 1 filter parent 1: protocol arp pref 49152 u32 fh 800::800 order 2048 key ht 800 bkt 0 (rule hit 1 success 0) match / at 0 (success 1 ) [EMAIL PROTECTED] /home/andy/Qos]# tc -V tc utility, iproute2-ss050330 Andy. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc