[LARTC] tc filter information
Hello list,

I guess I am jumping in here at the deep end... I have had a look at the lartc web pages, found the wondershaper script, read through as much of the HOWTO as possible without my brain exploding, and I feel that I get the concepts kinda OK.

The things that I am having trouble with are the tc filtertype specific parameters. I've read a great message in the archives of this mailing list with some examples (Andrea Rossato did a lot to help me understand the syntax better with a posting from 2002, for example) but I just can't find anything that outlines how the filters work in tc. Am I not looking in the right spots or is it not out there?

I'd really appreciate some pointers to some good resources, or failing that some good archived messages that explain how this tc filter magic works.

... the crux of my inquiry is that I am hoping to prioritise all ipsec packets and only allow web and email traffic with the remaining bandwidth. The wondershaper goes a long way to helping me with this but doesn't go the whole distance. ;-)

Thanks,

Ian Hogben
Network/Systems Administrator
Department of Sport and Recreation
246 Vincent Street, Leederville, WA 6007
PO Box 329 Leederville WA 6903
Tel: (08) 9492 9860 Fax: (08) 9492 9711 Mob: 0419 909 171
Web: www.dsr.wa.gov.au
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] qdisc prio problem
Hi to all!

I'm studying qdisc prio but I have some problems. I want to create 3 queues (3 bands prio), each one associated with a workstation. I mark (with iptables) packets using the workstation MAC address and then send all packets to a particular queue.

qdisc prio with handle 10: (default priomap)

    WS1 - queue 10:1
    WS2 - queue 10:2
    WS3 - queue 10:3

I set it correctly (with no problem), but if WS1, WS2 and WS3 generate the same traffic (same protocol) at the same time, bandwidth is equally divided (priority is not applied). If WS1 generates traffic with the scp tool and WS2 generates traffic with ssh (interactive), priority is correctly applied.

Is there a way to configure qdisc prio so that all traffic generated by a ws has a fixed priority (not depending on tos, protocol used, ...)?

Many thanks,
Fabio
Re: [LARTC] Load-banancing. two ip's from one isp - solution
hi

for those who were following this topic I can say that IP_ROUTE_MULTIPATH_CACHED must be disabled! After a few tests I'm quite sure that this was causing my problems. Now I'm using 2.5.15 kernel without the patch of Julian Anastasov and load-balancing is working.

lartc split-access how to and http://www.ssi.bg/~ja/nano.txt now both are working fine

Now I will try to use fwmark based routing and probably I will write with the next problem soon :P

Regards
Szymon Mroofka
Re: [LARTC] Load-banancing. two ip's from one isp - solution
On Wed, 2006-03-29 at 19:12 +0200, sAwAr wrote:
> hi
> for those who were following this topic I can say that IP_ROUTE_MULTIPATH_CACHED must be disabled! After a few tests I'm quite sure that this was causing my problems. Now I'm using 2.5.15 kernel without the patch of Julian Anastasov and load-balancing is working.

FYI those patches do a lot of things. Like static routes, unplug an interface or shut it down and watch all your routes and tables go away. Much less all the stuff the alt routes patch addresses.

As for no nat? Interesting.

> lartc split-access how to and http://www.ssi.bg/~ja/nano.txt now both are working fine

Yeah over all you are cool if the rules are correct, but if you have a line go down or etc. You will want the prohibit line so an ICMP message is sent.

> Now I will try to use fwmark based routing and probably I will write with the next problem soon :P

Cool, that's one I have not done myself. Not found a need so far, been able to do all I have need via other means.

--
Sincerely,
William L. Thomson Jr.
Obsidian-Studios, Inc.
http://www.obsidian-studios.com
Re: [LARTC] Load-banancing. two ip's from one isp - solution
On Wednesday, 29 March 2006 20:18, William L. Thomson Jr. wrote:
> On Wed, 2006-03-29 at 19:12 +0200, sAwAr wrote:
> > hi
> > for those who were following this topic I can say that IP_ROUTE_MULTIPATH_CACHED must be disabled! After a few tests I'm quite sure that this was causing my problems. Now I'm using 2.5.15 kernel without the patch of Julian Anastasov and load-balancing is working.
>
> FYI those patches do a lot of things. Like static routes, unplug an interface or shut it down and watch all your routes and tables go away. Much less all the stuff the alt routes patch addresses.

I'll patch when I'm upgrading the kernel, or if there is such a need, maybe very soon. For now I'm tired of compiling and installing a new kernel; it takes too long on my old and slow box ;).

> As for no nat? Interesting.

    lucy ~ # iptables -L -nv -t nat
    Chain PREROUTING (policy ACCEPT 47557 packets, 5508K bytes)
     pkts bytes target prot opt in out source destination

    Chain POSTROUTING (policy ACCEPT 1484 packets, 116K bytes)
     pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 1404 packets, 99243 bytes)
     pkts bytes target prot opt in out source destination

Yes... no nat needed.

> > lartc split-access how to and http://www.ssi.bg/~ja/nano.txt now both are working fine
>
> Yeah over all you are cool if the rules are correct, but if you have a line go down or etc. You will want the prohibit line so an ICMP message is sent.

My box is only used as a desktop so I don't need to care about any errors; this will not cause any problem like in big networks or companies where people need to have access to the internet all the time. I think I've done it with this in my script:

    ip route append prohibit default table wew metric 1 proto static
    ip route append prohibit default table zew metric 1 proto static

in my new routing tables.

> > Now I will try to use fwmark based routing and probably I will write with the next problem soon :P
>
> Cool, that's one I have not done myself. Not found a need so far, been able to do all I have need via other means.

I'm using iptables to mark packets for htb so it should be easy to add a few new rules and use it in routing... I hope it will be, but I'm afraid that because I can't use the PREROUTING chain (only local packets, OUTPUT chain) there may be some problems with it. I'll check it soon.

Regards
[LARTC] How to define class type hierarchy of speeds?
Hi

I'm very very new to tc, iproute etc. and have read the LARTC howto. What I want to do is create some master classes of bandwidth limit, and below that per ip address classes which inherit from this master class.

Example: one queue for 128Kbps, another queue for 256Kbps.

What I want now is that, for example, in class 128Kbps the ip 10.0.0.5, 10.0.0.8 etc. goes BUT every ip address will have 128Kbps. The same for 256Kbps.

    128Kbps
    |_ 10.0.0.5
    |_ 10.0.0.8
    256Kbps
    |_ 10.0.0.6
    |_ 10.0.0.7

Is there no way to do that without creating for every ip address its own master class? Do I have to do it like in example 15.1 (Cookbook) in the howto, i.e. if I have 1000 ip addresses they are all flat in there? It would be nice to add such an example to illustrate that.

What I have noticed is that there are a lot of examples, but always with 2 different speeds and none with customers of the same speed, same queueing disciplines, who should not share the bandwidth but each have the full specified bandwidth. Or have I overlooked or misinterpreted these examples?

Thanks for any information!

Beat
[LARTC] linux bridging vlans?
re

can somebody tell me what I am doing wrong (at this late night hour), because vlans are not getting bridged at all.

    ifconfig eth0 0.0.0.0 up
    ifconfig eth1 0.0.0.0 up
    brctl addbr br0
    brctl addif br0 eth0
    brctl addif br0 eth1
    ifconfig br0 up
    vconfig add br0 X
    vconfig add br0 Y

X = vlan-ID (example: 222)
Y = vlan ID (example: 223)

    # brctl show
    bridge name     bridge id       STP enabled     interfaces
    br0             8000.1a1a4c74   no              eth0
                                                    eth1

    # cat /proc/net/vlan/config
    VLAN Dev name | VLAN ID
    Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
    br0.X | X | br0
    br0.Y | Y | br0

dmesg shows that:

    br0: port 2(eth1) entering learning state
    br0: port 1(eth0) entering learning state
    br0: topology change detected, propagating
    br0: port 2(eth1) entering forwarding state
    br0: topology change detected, propagating
    br0: port 1(eth0) entering forwarding state

but still no data is forwarded from one interface to another?

Is there any sysctl stuff that I need to set up, like 'ip_forwarding' when doing routing? Is there some bridging parameter for forwarding, or have I misconfigured things above?

thanks and regards,
Andraz
Re: [LARTC] How to define class type hierarchy of speeds?
On Thu, Mar 30, 2006 at 01:17:00AM +0200, Beat Meier wrote:
> What I want now is that, for example, in class 128Kbps the ip 10.0.0.5, 10.0.0.8 etc. goes BUT every ip address will have 128Kbps. The same for 256Kbps.
>
>     128Kbps
>     |_ 10.0.0.5
>     |_ 10.0.0.8
>     256Kbps
>     |_ 10.0.0.6
>     |_ 10.0.0.7

I don't know if such a scheduler exists. With HTB, you could do it, but you would have to create a separate class per user. Which is not that much different from what this scheduler would do, as it has to keep track of every single IP's bandwidth either way.

> Do I have to do it like in example 15.1 (Cookbook) in the howto, i.e. if I have 1000 ip addresses they are all flat in there?

Example 15.1 seems to be based on CBQ. I did not have much luck with this scheduler myself. But as far as I know, it also would require you to create one separate class per user.

> What I have noticed is that there are a lot of examples, but always with 2 different speeds and none with customers of the same speed, same queueing disciplines, who should not share the bandwidth but each have the full specified bandwidth.

I do not know such a script, since I'm doing traffic shaping for home use only. If you're looking for a script that does not primarily work by prioritizing traffic classes, but which works on a per-user basis, you could have a look at my own script (http://www.metamorpher.de/fairnat). That is if you're willing to regard my former flatmates as customers and my former linux-based old PC router as a high-end internet gateway.

The script will by far not be flexible enough for a project of your scale, but at least it's user based and I put some effort into documenting it, so maybe it will be useful as an example to you.

Kind regards
Andreas Klauer
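
The "separate HTB class per user" approach from the reply above, as an added example that is not part of the original thread or of any poster's script. It only prints tc commands so the result can be reviewed before it is run as root; the interface name, the u32 destination match (download direction), the sfq leaf and the function names are assumptions.

```shell
#!/bin/sh
# Added example: print (never execute) tc commands that give every IP its
# own HTB class. Interface, addresses and rates are constructed samples.

# gen_htb_per_ip DEV -- reads "ip rate" lines on stdin, writes tc commands.
gen_htb_per_ip() {
    dev=$1
    n=16                                   # first class minor, 0x10
    echo "tc qdisc add dev $dev root handle 1: htb"
    while read -r ip rate; do
        case $ip in ''|'#'*) continue ;; esac
        # The output is meant to be fed to a root shell, so refuse any
        # field that is not a plain address or a plain tc rate.
        case $ip in
            *[!0-9.]*) printf 'skip: bad address %s\n' "$ip" >&2; continue ;;
        esac
        case $rate in
            ''|*[!0-9a-z]*) printf 'skip: bad rate for %s\n' "$ip" >&2; continue ;;
            [0-9]*kbit|[0-9]*mbit) ;;
            *) printf 'skip: bad rate for %s\n' "$ip" >&2; continue ;;
        esac
        id=$(printf '%x' "$n")             # tc reads class ids as hex
        # rate == ceil and the parent is the root qdisc: the class cannot
        # borrow, so each address gets its plan rate and shares with nobody.
        echo "tc class add dev $dev parent 1: classid 1:$id htb rate $rate ceil $rate"
        echo "tc qdisc add dev $dev parent 1:$id handle $id: sfq perturb 10"
        echo "tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip dst $ip/32 flowid 1:$id"
        n=$((n + 1))
    done
}

# Constructed sample: the four addresses and two plans from the question.
sample_plan() {
    cat <<'EOF'
# ip        rate
10.0.0.5    128kbit
10.0.0.8    128kbit
10.0.0.6    256kbit
10.0.0.7    256kbit
EOF
}

sample_plan | gen_htb_per_ip "${DEV:-eth0}"
```

No default class is set, so traffic to addresses that are not listed passes unshaped. The filters are checked one after another, which is worth keeping in mind for address counts like the 1000 mentioned in the question.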