[LARTC] unsubscribe
-- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Multi Routing Problem
hi all, i am trying to do some advance routing for our clients on a multi route platform !.. at present am trying on a test bed.. i followed the example applied julian's patch to kernel 2.4.19 have gone thru the docs at the site... i have defined basically 3 groups for clients-- cache, cisco, balance.. the name specifies the importance.. this is the details of what i did-- [root@Lr1 root]# ip rule ls 0: from all lookup local 10: from EXTnA.124/25 lookup ONE 20: from EXTnB.106/26 lookup TWO 100:from 192.168.1.10 lookup CACHE 101:from 192.168.1.20 lookup CISCO 150:from 192.168.1.30 lookup BALANCE 200:from all lookup ME 32766: from all lookup main 32767: from all lookup 253 [root@Lr1 root]# ip route ls ta ONE default via EXtnA.1 dev eth1 src EXTnA.124 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta TWO default via EXTnB.70 dev eth0 src EXTnB.106 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta CACHE default via EXTnA.1 dev eth1 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta CISCO default via EXTnB.70 dev eth0 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta BALANCE default nexthop via EXTnB.70 dev eth0 weight 1 nexthop via EXTnA.1 dev eth1 weight 1 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta ME default nexthop via EXTnA.1 dev eth1 weight 1 nexthop via EXTnB.70 dev eth0 weight 1 prohibit default proto static metric 1 [root@Lr1 root]# ip addr ls 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:50:bf:4b:f7:84 brd ff:ff:ff:ff:ff:ff inet EXTnB.106/26 brd EXTnB.127 scope global eth0 3: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:b9:69:99 brd ff:ff:ff:ff:ff:ff inet EXTnA.124/25 brd EXTnA.127 scope global eth1 4: eth2: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:b9:69:9a brd ff:ff:ff:ff:ff:ff inet 192.168.0.1/16 brd 192.168.255.255 scope global eth2 [root@Lr1 root]# ip route ls 203.163.146.64/26 dev eth0 scope link 203.163.149.0/25 dev eth1 scope link 192.168.0.0/16 dev eth2 proto kernel scope link src 192.168.0.1 127.0.0.0/8 dev lo scope link here ONE TWO are the two external links.. ME is used for local server DNS deamon.. the other three viz CACHE CISCO BALANCE are the routes the clients ip's must follow.. i have enabled ip_forward .. iptables rules are also specified correct .. i.e according to the ip.. BUT am **NOT** able to surf at all from internal network... not even able to ping eth2 !!!.. default INPUT OUTPUT are set to ACCEPT while FORWARD is DROP.. whats missing there ?.. after trying all day i want guidance now... awaiting a reply very anxiously A.H ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] unsubscribe
-- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Multi Routing Problem
hi all, i am trying to do some advance routing for our clients on a multi route platform !.. at present am trying on a test bed.. i followed the example applied julian's patch to kernel 2.4.19 have gone thru the docs at the site... i have defined basically 3 groups for clients-- cache, cisco, balance.. the name specifies the importance.. this is the details of what i did-- [root@Lr1 root]# ip rule ls 0: from all lookup local 10: from EXTnA.124/25 lookup ONE 20: from EXTnB.106/26 lookup TWO 100:from 192.168.1.10 lookup CACHE 101:from 192.168.1.20 lookup CISCO 150:from 192.168.1.30 lookup BALANCE 200:from all lookup ME 32766: from all lookup main 32767: from all lookup 253 [root@Lr1 root]# ip route ls ta ONE default via EXtnA.1 dev eth1 src EXTnA.124 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta TWO default via EXTnB.70 dev eth0 src EXTnB.106 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta CACHE default via EXTnA.1 dev eth1 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta CISCO default via EXTnB.70 dev eth0 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta BALANCE default nexthop via EXTnB.70 dev eth0 weight 1 nexthop via EXTnA.1 dev eth1 weight 1 prohibit default proto static metric 1 [root@Lr1 root]# ip route ls ta ME default nexthop via EXTnA.1 dev eth1 weight 1 nexthop via EXTnB.70 dev eth0 weight 1 prohibit default proto static metric 1 [root@Lr1 root]# ip addr ls 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:50:bf:4b:f7:84 brd ff:ff:ff:ff:ff:ff inet EXTnB.106/26 brd EXTnB.127 scope global eth0 3: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:b9:69:99 brd ff:ff:ff:ff:ff:ff inet EXTnA.124/25 brd EXTnA.127 scope global eth1 4: eth2: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:b9:69:9a brd ff:ff:ff:ff:ff:ff inet 192.168.0.1/16 brd 192.168.255.255 scope global eth2 [root@Lr1 root]# ip route ls 203.163.146.64/26 dev eth0 scope link 203.163.149.0/25 dev eth1 scope link 192.168.0.0/16 dev eth2 proto kernel scope link src 192.168.0.1 127.0.0.0/8 dev lo scope link here ONE TWO are the two external links.. ME is used for local server DNS deamon.. the other three viz CACHE CISCO BALANCE are the routes the clients ip's must follow.. i have enabled ip_forward .. iptables rules are also specified correct .. i.e according to the ip.. BUT am **NOT** able to surf at all from internal network... not even able to ping eth2 !!!.. default INPUT OUTPUT are set to ACCEPT while FORWARD is DROP.. whats missing there ?.. after trying all day i want guidance now... awaiting a reply very anxiously A.H ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Multi Routing Problem.
Hello, On Mon, 19 Aug 2002, Arindam Haldar wrote: applied julian's patch to kernel 2.4.19 have gone thru the docs at the site... i have defined basically 3 groups for clients-- cache, cisco, balance.. the name specifies the importance.. this is the details of what i did-- Carefully analyze the docs... [root@Lr1 root]# ip rule ls 0: from all lookup local # direct communications are first priority ip rule add prio 5 table main 10: from EXTnA.124/25 lookup ONE 20: from EXTnB.106/26 lookup TWO 100:from 192.168.1.10 lookup CACHE 101:from 192.168.1.20 lookup CISCO 150:from 192.168.1.30 lookup BALANCE 200:from all lookup ME 32766: from all lookup main 32767: from all lookup 253 BUT am **NOT** able to surf at all from internal network... not even able to ping eth2 !!!.. default INPUT OUTPUT are set to ACCEPT while FORWARD is DROP.. First try with all ACCEPT. whats missing there ?.. after trying all day i want guidance now... awaiting a reply very anxiously Your setup is a bit strange: internal hosts use some gateways, the external addresses use different gateways. The problem is that if you are using NAT and for example 192.168.1.10 is SNAT-ed the packet will leave with new saddr (the masquerade address). Looking in your rules there is different gateway for the masquerade address. This can't work. The current framework requires that: - if one internal IP is masqueraded to a specific address, you need the 2 routes to be similar, i.e.: from INT_IP to TARGET and from MASQ_IP to TARGET to use same gateway and device. This is even mandatory for the patches. Currently, the first packet for one connection is routed via the route from INT_IP to TARGET, the SNAT rules assign masquerade address at postrouting and then all next packets are routed via the 2nd route - 1 route per forwarded packet. It is a bit strange these two routes to use different gateways. Do you have a good reason for this? Also note that rules in the form from 0/0 to ANY_TARGET where ANY_TARGET can be any subnet including 0/0 are used for source address autoselection - the resulting preferred source IP is used as saddr. It is not used only as default rule. So, playing tricks with different gateways is not possible. The setup is ambiguous if NAT is involved. A.H Regards -- Julian Anastasov [EMAIL PROTECTED] ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] uplink with multiple lines
Hello, On Tue, 20 Aug 2002, Calvin Dodge wrote: Two of the modems _do_ have private IP addresses (192.168.x.1) - could that be confusing the kernel? If so, do I need to get public IP addresses for those modems? AFAIK, there is not flag public for the IP addresses in Linux, at least, not in IPv4. The kernel does not know anything about private/reserved IP ranges. Do I HAVE to create a patched kernel (ala Anastasov)? May be not. But you can try to understand the settings provided in the docs. The essential thing to understand is how the ip rules and routes are ordered, how the NAT uses the routing, why the NAT in plain kernels sometimes breaks with multipath routes, what kind of nexthops the kernel can live with, can you live without dead gateway detection, if not, how it works (in kernel? help from user space?), etc. May I post the script I used to try this out? Or if possible to provide reference to it after the 5th reading of all docs :) Thanks, folks! Calvin Dodge Certified Linux Bigot (tm) http://www.caldodge.fpcc.net Regards -- Julian Anastasov [EMAIL PROTECTED] ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Re: LARTC digest, Vol 1 #728 - 11 msgs
Text Item Description: Binary data I will be out of the office from 8/19 until 8/23. I will be returning on Monday afternoon, 8/26, and will reply then. Thank you, Michael Pellegrino Softerware, Inc. ___ Subject: LARTC digest, Vol 1 #728 - 11 msgs From: [EMAIL PROTECTED] Date: 08/20/02 18:25:03 This item was automatically created and contains MIME Information.
Re: [LARTC] HTB equivalent for 'bounded' and 'isolated' in CBQ
On Fri, 16 Aug 2002, Stef Coene wrote: The 'ceil' parameter allows us to implement a part of the 'isolated' definition above. By setting it equal to 'rate', the class does not borrow bandwidth, but what will stop other classes from borrowing its unused bandwidth? Providing no ceil parameter means rate = ceil. But this can not be used to implement isolated like in cbq. Rate = ceil means the class can not use more bandwidth then it's rate. Isolated in cbq means other classes can not borrow bandwidth from the class and that's not the same. There is no way you can implement isolated with htb. But with htb you can do something like this : Total : 100 class1 rate 20 ceil 20 class2 rate 40 ceil 80 class3 rate 40 ceil 80 class 1 is isolated like in cbq. It can not use more then it's rate/ceil and class2 and class3 will never use bandwidth from class1, only from each other. Just like the definition of isolated :) What happens when there is no traffic in class 1? Will class 2 and 3 share class 1's bandwidth then? The reason I am asking these questions is because I am trying to see if HTB can be used in place of CBQ in Diffserv. Has anybody tried something like this? Regards, Amit -- I'm an angel!!! Honest! The horns are just there to hold the halo up straight. ^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^ Amit Kucheria EECS Grad. Research Assistant University of Kansas @ Lawrence (R): +1-785-830-8521 ||| (C): +1-785-760-2871 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] HTB and bridge...
does anyone know about HTB shaping in a bridging machine? I currently run my shaper box as bridge and something is going strange, such as a class cannot send at rate it supposed to. I mean if anyone know something about bridging and its htb shaping behavior. thanks in advance. __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/