[LARTC] Bonding + Shaping -- Is it Possible?
Hello All,I was curious to know if I can do traffic shaping on abonded Interface?Ex: I have to interfaces eth1 and eth2 which i have bonded together as bond0 , now the question is can I do shaping on eth1 and eth2 ??ThanksKartheeK Here's a new way to find what you're looking for - Yahoo! Answers Send FREE SMS to your friend's mobile from Yahoo! Messenger Version 8. Get it NOW___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Re: Routing packets over multiple links (NICS) all on the same ISP all with same gateway.
On 16-08-2006 16:18, Jacques Rompen wrote: On 8/16/06, *Jarek Poplawski* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: As far as I know multipath cached should work for routing output of a current box but it's not working for router (if something has not changed lately). Multipath without cached should do simple randomization, but maybe for the begining it would be better to assign fixed paths by source ip and save experimenting with multipaths for later. Jarek P. Hi Jarek, I will try with only multipath. Ive tried the static routes. But still ive had trouble getting this code to work ip ro add default nexthop via x.x.x.x dev eth1 weight 1 nexthop via y.y.y.y dev eth2 ip route add default table provider1 via x.x.x.x dev eth1 ip route add default table provider2 via y.y.y.y dev eth2 because x.x.x.x = y.y.y.y in my case. Somehow it doesnt look at the eth device anymore. Anyway in my opinion it should work. Try something like this: #IP_ROUTE_MULTIPATH = y #(if 2.6.x IP_ROUTE_MULTIPATH_CACHED = n !) #Here with CONNMARK method (so without Anastasov's patch!). #Change 192.168.0.0/24 and eth0 to your local network #address/mask and interface. ip route add default nexthop via x.x.x.x dev eth1 \ nexthop via x.x.x.x dev eth2 ip route add 192.168.0.0/24 dev eth0 table 101 ip route add default via x.x.x.x dev eth1 table 101 ip route add 192.168.0.0/24 dev eth0 table 102 ip route add default via x.x.x.x dev eth2 table 102 ip rule add fwmark 1 table 101 ip rule add fwmark 2 table 102 iptables -t mangle -A POSTROUTING -o eth1 -j MARK --set-mark 1 iptables -t mangle -A POSTROUTING -o eth2 -j MARK --set-mark 2 iptables -t mangle -A POSTROUTING -j CONNMARK --save-mark iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark echo 0 /proc/sys/net/ipv4/conf/all/rp_filter You should also add NAT (MASQERADE) rules. Nexthop devices will be changed randomly per flow (with some caching) so try with destinations from different networks. Jarek P. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] How to bypass traffic control for one IP
why would you want to access the adsl modem at 100Mbps? What is the speed your ISP provides to the adsl modem? -nik - Original Message - From: Yves BLUSSEAU [EMAIL PROTECTED] To: lartc@mailman.ds9a.nl Sent: Wednesday, August 16, 2006 6:16 PM Subject: [LARTC] How to bypass traffic control for one IP Hi all, i have a problem: i have an adsl modem that is connected to internet. I can't manage this modem. Between my PC and the modem i have a linux firewall that make the NAT and the traffic shapping. I have create a script that limit the bandwidth of the external interface of the firewall so i can manage my bandwidth for my internet application. The problem is that i need to access the adsl modem at full bandwith (100mbits) from my PC (through the linux firewall). So i need a configuration where all the internet IP are limited by the traffic control and where the IP of the modem is not slowdown by traffic shapping. Who have an idea for such configuration ? Thanks in advance. Yves ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] TCNG and filter priorities
Hello, A while ago I switched a bandwidth management setup from bash shell script using tc to a MUCH more readable tcng solution (yes, the same one I asked for help with earlier. It worked perfectly, thanks) and it's working very well. However, one of our clients now has a slightly unique situation, in that they're using colocation hosting to host their webserver with us, but keep the database server it connects to on their own connection, which only gets 2 Mbit to the outer world. I need to set up a special rule in the shaping script to specifically cover that connection and that connection only at a speed of 10 Mbit. Now back when I used tc directly I could just add a higher prio value to the tc filter statement, but I can't find the proper syntax to TCNG to make this setup work. What am I missing? -- Rens Houben |opinions are mine Resident linux guru and sysadmin | if my employers have one Systemec Internet Services. |they'll tell you themselves PGP key at http://marduk.systemec.nl/~shadur/shadur.key.asc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Re: Routing packets over multiple links (NICS) all on the same ISP all with same gateway.
On Thursday 17 August 2006 03:54, Jarek Poplawski wrote: On 16-08-2006 16:18, Jacques Rompen wrote: On 8/16/06, *Jarek Poplawski* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: As far as I know multipath cached should work for routing output of a current box but it's not working for router (if something has not changed lately). Multipath without cached should do simple randomization, but maybe for the begining it would be better to assign fixed paths by source ip and save experimenting with multipaths for later. Jarek P. Hi Jarek, I will try with only multipath. Ive tried the static routes. But still ive had trouble getting this code to work ip ro add default nexthop via x.x.x.x dev eth1 weight 1 nexthop via y.y.y.y dev eth2 ip route add default table provider1 via x.x.x.x dev eth1 ip route add default table provider2 via y.y.y.y dev eth2 because x.x.x.x = y.y.y.y in my case. Somehow it doesnt look at the eth device anymore. Anyway in my opinion it should work. Try something like this: #IP_ROUTE_MULTIPATH = y #(if 2.6.x IP_ROUTE_MULTIPATH_CACHED = n !) #Here with CONNMARK method (so without Anastasov's patch!). #Change 192.168.0.0/24 and eth0 to your local network #address/mask and interface. ip route add default nexthop via x.x.x.x dev eth1 \ nexthop via x.x.x.x dev eth2 ip route add 192.168.0.0/24 dev eth0 table 101 ip route add default via x.x.x.x dev eth1 table 101 ip route add 192.168.0.0/24 dev eth0 table 102 ip route add default via x.x.x.x dev eth2 table 102 ip rule add fwmark 1 table 101 ip rule add fwmark 2 table 102 iptables -t mangle -A POSTROUTING -o eth1 -j MARK --set-mark 1 iptables -t mangle -A POSTROUTING -o eth2 -j MARK --set-mark 2 iptables -t mangle -A POSTROUTING -j CONNMARK --save-mark iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark echo 0 /proc/sys/net/ipv4/conf/all/rp_filter if all ethx are on the same switch, you will need: echo 1 /proc/sys/net/ipv4/conf/all/arp_ignore #you can also do it in a per iface basis by default, if you recive an arp request(whohas) on a iface(iface1), asking for an ip that another iface(iface2) has, then the arp request is ansered with the MAC address of the first iface(iface1). If all devices are in the same fisical segment this can lead to a single device answer for all IPs, or to a total caos. This one is very hard to catch and i forgot to mention, now solved :-) -- Luciano ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Re: Routing packets over multiple links (NICS) all on the same ISP all with same gateway.
On Thursday 17 August 2006 14:48, Jacques Rompen wrote: On 8/17/06, Luciano Ruete [EMAIL PROTECTED] wrote: if all ethx are on the same switch, you will need: echo 1 /proc/sys/net/ipv4/conf/all/arp_ignore #you can also do it in a per iface basis by default, if you recive an arp request(whohas) on a iface(iface1), asking for an ip that another iface(iface2) has, then the arp request is ansered with the MAC address of the first iface(iface1). If all devices are in the same fisical segment this can lead to a single device answer for all IPs, or to a total caos. This one is very hard to catch and i forgot to mention, now solved :-) -- Luciano I will try all this tommorow, don't have acces to the box right now. About turning of arp. If you turn them all of, wouldnt the nics (ip's) be unfindable from the outside world? Or does the switch they connect to respond to such an arp request aswell? what you're turning off is that the device answers arp(whohas) requests for ips that are not from that specific device itself. The ips assigned to the device will cotinue answer as normal. But what you are saying is that if i had a box with 2 nics each connected to a different ISP, so each nic with a different gateway and ip. That if nic1 would recieve a arp request for the ip from nic2, it would respond with mac-adres from nic1. exactly! So that could mean that all packets would come in over nic1, even if they have destination ip(nic2)? exactly, and will arrive destiny anyway, but they are incoming for the wrong iface. Seems to me that this is never realy desirable. It is a really cuestionable default, but for shure that there are reasons for this(maybe a thread in lkml archives could answer this cuestion), reasons that i do not know. Especialy if nic2 would have an static ip and i would unplug nic2 on purpose. well thats the other scenario where i face the same problem, first guess is obvious MAC cache, and you tend to think that is fucked up, and no, it is this crossed arp answer. -- Luciano ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] Routing packets over multiple links (NICS) all on thesame ISP all with same gateway.
Hi ! Luciano: thanks for your posts on lugmen.org.ar and lartc! I've read all of them, and I've a question: What diferrence bewtween this: - ip ro add default NEXTHOP via x.x.x.x dev eth1 weight 1 \ NEXTHOP via y.y.y.y dev eth2 and this: - ip route add x.x.x.x MPATH RR via y.y.y.y via z.z.z.z I work with 2.4 Kernel Series. Is connvenient upgrade to 2.6 ? Other question about this: iptables -t mangle -A POSTROUTING -o eth0 -j CONNMARK --set-mark 0x1 iptables -t mangle -A POSTROUTING -o eth1 -j CONNMARK --set-mark 0x2 My problem is that I use CONNMARK's marks in order to mark P2P traffic. Can I've a way to have diferents mark with CONNMARK ? Thank you!! Andres. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Bonding + Shaping -- Is it Possible?
Hello All,Has Any body of you worked on such a set up?KartheeKKartheeK [EMAIL PROTECTED] wrote: Date: Thu, 17 Aug 2006 07:31:25 +0100 (BST)From: KartheeK [EMAIL PROTECTED]To: lartc@mailman.ds9a.nlSubject: [LARTC] Bonding + Shaping -- Is it Possible? Hello All,I was curious to know if I can do traffic shaping on abonded Interface?Ex: I have to interfaces eth1 and eth2 which i have bonded together as bond0 , now the question is can I do shaping on eth1 and eth2 ??ThanksKartheeK Here's a new way to find what you're looking for - Yahoo! Answers Send FREE SMS to your friend's mobile from Yahoo! Messenger Version 8. Get it NOW___LARTC mailing listLARTC@mailman.ds9a.nlhttp://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc Here's a new way to find what you're looking for - Yahoo! Answers Send FREE SMS to your friend's mobile from Yahoo! Messenger Version 8. Get it NOW___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc