[LARTC] QoS on bridge device
Hi! Usually if you have a machine and traffic passes through it: +-+ eth0| QoS | -| box |- | |eth1 +-+ You can shape outgoing traffic on eth0 and eth1 effectively shaping both incoming/outgoing traffic. With bridging and above setup you only have a single device br0 - my question is whether you can shape both incoming/outgoing traffic on this device (i would presume it is not possible) or do you need to redirect traffic passing through br0 to imq0 and do shaping on outgoing traffic on both br0 and imq0? -- Regards Abraham If you're not part of the solution, you're part of the precipitate. ___ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: [EMAIL PROTECTED] pgp0.pgp Description: PGP signature
RE: [LARTC] QoS on bridge device
I use this configuration. You still use eth0 and eth1 and not br0. It works as intended. tc operates at one level below bridging code at the device queue level as I understand it. Thus whether it is a bridge or router, we shape on the physical interface level. I guess like imq (virtual device) some tinkering will need to be done to use br0 as a device on which QoS can be applied. HTH Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Abraham van der Merwe Sent: 04 March 2003 14:29 To: Linux Advanced Routing Traffic Control list Subject: [LARTC] QoS on bridge device Hi! Usually if you have a machine and traffic passes through it: +-+ eth0| QoS | -| box |- | |eth1 +-+ You can shape outgoing traffic on eth0 and eth1 effectively shaping both incoming/outgoing traffic. With bridging and above setup you only have a single device br0 - my question is whether you can shape both incoming/outgoing traffic on this device (i would presume it is not possible) or do you need to redirect traffic passing through br0 to imq0 and do shaping on outgoing traffic on both br0 and imq0? -- Regards Abraham If you're not part of the solution, you're part of the precipitate. ___ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: [EMAIL PROTECTED] ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] QoS on bridge device
The shaping is done on eth0 and eth1. There is also a patch that allows you to match packets that are passing the bridge with iptables. Br0 is used only for trafic that is for the bridge. Eg. a machine has a route through the ip of br0. Bogdan Coman On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote: Hi! Usually if you have a machine and traffic passes through it: +-+ eth0| QoS | -| box |- | |eth1 +-+ You can shape outgoing traffic on eth0 and eth1 effectively shaping both incoming/outgoing traffic. With bridging and above setup you only have a single device br0 - my question is whether you can shape both incoming/outgoing traffic on this device (i would presume it is not possible) or do you need to redirect traffic passing through br0 to imq0 and do shaping on outgoing traffic on both br0 and imq0? -- Regards Abraham If you're not part of the solution, you're part of the precipitate. ___ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: [EMAIL PROTECTED] ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] QoS on bridge device
Hi Bogdan! Thanks. One more question: If I match packets for shaping (instead of tc filters), which chain should I match packets on? Usually I use FORWARD in the mangle table, but if I look at the following diagram: http://www.sparkle-cc.co.uk/firewall/firewall.html it seems that packets won't go through FORWARD anymore (if it goes through the bridge) so I guess I should match packets on OUTPUT in the mangle table - is this assumption correct? The shaping is done on eth0 and eth1. There is also a patch that allows you to match packets that are passing the bridge with iptables. Br0 is used only for trafic that is for the bridge. Eg. a machine has a route through the ip of br0. Bogdan Coman On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote: Hi! Usually if you have a machine and traffic passes through it: +-+ eth0| QoS | -| box |- | |eth1 +-+ You can shape outgoing traffic on eth0 and eth1 effectively shaping both incoming/outgoing traffic. With bridging and above setup you only have a single device br0 - my question is whether you can shape both incoming/outgoing traffic on this device (i would presume it is not possible) or do you need to redirect traffic passing through br0 to imq0 and do shaping on outgoing traffic on both br0 and imq0? ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Regards Abraham I'm not sure whether that's actually useful... -- Larry Wall in [EMAIL PROTECTED] ___ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: [EMAIL PROTECTED] pgp0.pgp Description: PGP signature
RE: [LARTC] QoS on bridge device
The packet flow diagrams have been well documented here. http://users.pandora.be/bart.de.schuymer/ebtables/br_fw_ia/br_fw_ia.html If you are matching packets for shaping, you must use tc. iptables will not do any shaping. It will only modify headers and take decision on packet flow. The only place where this would be amenable to any kind of traffic management is rate limiting. This is not in any place/ application constitute/construe bandwidth management or traffic shaping. Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Abraham van der Merwe Sent: 04 March 2003 18:36 To: Bogdan Coman Cc: Linux Advanced Routing Traffic Control list Subject: Re: [LARTC] QoS on bridge device Hi Bogdan! Thanks. One more question: If I match packets for shaping (instead of tc filters), which chain should I match packets on? Usually I use FORWARD in the mangle table, but if I look at the following diagram: http://www.sparkle-cc.co.uk/firewall/firewall.html it seems that packets won't go through FORWARD anymore (if it goes through the bridge) so I guess I should match packets on OUTPUT in the mangle table - is this assumption correct? The shaping is done on eth0 and eth1. There is also a patch that allows you to match packets that are passing the bridge with iptables. Br0 is used only for trafic that is for the bridge. Eg. a machine has a route through the ip of br0. Bogdan Coman On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote: Hi! Usually if you have a machine and traffic passes through it: +-+ eth0| QoS | -| box |- | |eth1 +-+ You can shape outgoing traffic on eth0 and eth1 effectively shaping both incoming/outgoing traffic. With bridging and above setup you only have a single device br0 - my question is whether you can shape both incoming/outgoing traffic on this device (i would presume it is not possible) or do you need to redirect traffic passing through br0 to imq0 and do shaping on outgoing traffic on both br0 and imq0? ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Regards Abraham I'm not sure whether that's actually useful... -- Larry Wall in [EMAIL PROTECTED] ___ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: [EMAIL PROTECTED] ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] QoS on bridge device
Hi S! The packet flow diagrams have been well documented here. http://users.pandora.be/bart.de.schuymer/ebtables/br_fw_ia/br_fw_ia.html That assumes you're using ebtables and matching traffic passing through br0. I want to match traffic passing through eth0 and eth1. If you are matching packets for shaping, you must use tc. iptables will not do any shaping. It will only modify headers and take decision on packet flow. The only place where this would be amenable to any kind of traffic management is rate limiting. This is not in any place/ application constitute/construe bandwidth management or traffic shaping. Yes, I know. tc matches traffic according to flags set in skb-priority. I'm using iptables to match traffic and set those priorities (so like I said I'm not using tc filters - i'm still using tc qdiscs to do the actual shaping). -- Regards Abraham I prefer rogues to imbeciles, because they sometimes take a rest. -- Alexandre Dumas (fils) ___ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: [EMAIL PROTECTED] pgp0.pgp Description: PGP signature