[LARTC] Range of ports
Hello, How can i set a range of ports on tc, and tc only works with tcp? or work with tcp and udp? Tank You ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] QoS on a bridge+NAT
Asle Festø wrote: I have a setup where I have three NIC in a Debian box. I have eth1 conected to internet and eth0 NAT'ed to 192.168.1.1. eth1 and eth2 are bridged together, given ip 192.168.122.2. What I want to achieve is to perform traffic shaping on the bridge as well as prioritizing the traffic from eth0 very low. (This is from trental flat ...) However it seems that I am unable to perform thhe traffic shaping from these two nets on eth1. Can somebody please help me? I am very new to traffic shaping but determined to learn ... Where should the root qdisc be attached to be able to prioritize between the two NICs eth 0 and eth2? You should be able to do egress internet traffic on eth1 - you've just got to work out a way to classify it as from eth0/2. There are probably several depends what other traffic is about. You could mark -i eth0 -o br0 with iptables etc. For ingress the policer eg. from lartc will not let you do prio. If the shaping box is just forwarding ingress internet traffic then you could use one ifb and redirect inbound internet traffic when it leaves eth0 and eth2. Again you need a way to classify and ingress shaping is not totally possible like on egress, but if you sacrifice enough bandwidth and keep queues short then it's better than doing nothing. I've never used cbq so haven't looked at the script. Andy. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] IFB - Download: 1xWAN (Internet) 2xLAN (local)
Robo R0b0 wrote: hello, i have eth0 (Internet) + eth1,eth2 (local), how to i use IFB in real for shaping Download, how to i redirect traffic from eth0 to ifb0 with "mark". I testing marking with iptables but any mark not working - always use "default" mark... If there is no traffic from the internet to the shaping box then you can redirect from egress on eth1 and 2 to ifb0 and marks will work. You need something classful on eth1/2 so if you are not shaping already put prio as root. Andy. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] IMQ action
Nikolay Nikolaev wrote: Hi. -j IMQ is equal -j ACCEPT...? i mean it after -j IMQ packet don't return in parent chain??? cause -j ACCEPT action accept the packet in the child chain and don't return it to parent... example: ipt="iptables -t mangle" $ipt -N HTTP $ipt -A HTTP -j IMQ // after this packet packets go to -t nat tables? or // it return to parent chain (PREROUTING) in mangle? $ipt -N OTHER $ipt -A OTHER -j IMQ $ipt -A PREROUTING [expression] -j HTTP $ipt -A PREROUTING -j OTHER all this I do for ingress traffic. thx. I don't think -j IMQ is terminating as an iptables rule. Whether it sees packets before / after (de)nat in prerouting depends on the kernel config options and gets logged for 2.6s. For 2.4s there is a patch to make it hook after nat. Andy. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Applying the same class to multiple interfaces
Leigh Sharpe wrote: This works OK, but it isn't quite what I want. I want to limit the traffic to 128K total. ie, 128K in one direction or the other, or 64K in each direction simultaneously, or 100K in one direction and 28K in the other, etc... I can't see anything in the tc docs which indicates that I can apply the same class and filter to multiple interfaces at once. I'd be happy enough with applying the same rate limit to a single interface, but measuring both ingress and egress traffic to come up with the lmit. Ultimately, of course, I'll be using different criteria to mark the packets. If there is no br traffic to be included you can do it by using one ifb redirecting packets from egress on eth0/1. If it's more complicated you may need to redirect from ingress aswell - but I don't think ingress on eths will not have gone through brtables to be marked. Andy. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc