Mike Harris wrote:
I test this using ping but it doesn't seem to work properly, whichever
interface is set as the default route becomes just that. So 'ping -I
eth0 lartc.org' works but 'ping -I eth1 lartc.org' doesn't.
The source selection code of the ping binary is broken. Try
-I
William Xu wrote:
Hi Peter, thanks for looking at this.
Here are the information I got after running tests. The client1 got
7MB/s instead of 40MB/s for SEND,
and 40MB/s for RECV during the test.
Thanks,
william
# ip link show
...
5: eth2: BROADCAST,MULTICAST,UP,LUP mtu 9000 qdisc htb qlen
Ben Scott wrote:
Now, for the sake of knowledge, let us say that a piece of needed
software didn't have an option to bind to a specific interface. Would
it be possible to control the outgoing route/interface anyway, by
using iptables or some other mechanism external to the software? For
William Xu wrote:
Hi,
I have a server and ten clients in a Gigabit network. The server has
125mbps network bandwidth.
I want that the server has 40Mbps bandwidth reserved for client 1 (IP
192.168.5.141), and the
rest bandwidth is for all other clients.
snip
I ran a test in which all 10
William Xu wrote:
So TC works well as long as total bandwidth is below 90MB/s, which is
about 70% of the
wise speed. Is it possible that I can use the full bandwidth (122MB/s)
in my script?
In order to troubleshoot further more info is needed:
1) execute your script with 120MB/s as limit
Ben Scott wrote:
On 10/25/07, Peter Rabbitson [EMAIL PROTECTED] wrote:
Unfortunately not easy without doing local NAT (from the local interface
to another local interface).
I thought that might be the case. I even started to write a rule
about how the NAT might work... but then I ran
anshul makkar wrote:
Hi,
I need to support port ranges in tc filter rules.
I know how to formulate the rule but , I am not able to understand how
to calculate the mask value for a perticular range so as to segregate
the port values that lie within this range .
I got the following sample
tc
Lately I had time to make some progress on the problem stated at the
start of this thread. Now however I am facing a problem with HTB not
working correctly. Since I use the same rules on multiple interfaces, I
use the same impossibly high ceil for all of them (1Gbyte), and rely on
priorities
Michal Soltys wrote:
Peter Rabbitson wrote:
Hello,
I am attempting to match on a single bit of the NF mark value, and
after hours of reading and googling I can not get the syntax right. It
got to be something very simple, yet I can't find it. Any help will be
greatly appreciated.
Hmm
Hello list,
I need to realize a complicated custom shaping setup, and given very
little experience with shaping I just can't wrap my head around it. I am
not seeking a complete script, I just need an idea/a set of pointers on
how to best subdivide traffic accordingly to my needs, and which
Grant Taylor wrote:
I my self and the company that I work for want to offer as much back to
the community as it has offered to us.
My company has invested time and money
I am curious what the community's reaction is to this and ask for and
encourage responses with regards to when is it
);
}
}
alen = sizeof(source);
if (getsockname(probe_fd, (struct sockaddr*)source, alen) == -1) {
perror(getsockname);
exit(2);
}
source.sin_port = 0;
close(probe_fd);
} while (0);
Peter Rabbitson wrote:
Hi,
I have a testing multihome
Hi,
I have a testing multihome setup, with the default gateway being one of
the links and using policy routing to honor requests for a specific
link. Everything works as expected when I request a specific IP to bind
to. But if I request a specific interface things fall apart in ways that
I
Grant Taylor wrote:
On 6/27/2007 12:54 AM, Peter Rabbitson wrote:
I am actually simply jealous that some people apparently get it to
work in-kernel, and I can't seem to.
Ah, so the truth comes out. ;)
Hehe
My requirements are pretty simple:
o As transparrent as possible DGD, that can
Grant Taylor wrote:
Well let me take a moment to be sure we are thinking the same thing. You
want the kernel to be able to realize that one route through a given
default gateway is no good for a given destination and use a different
default gateway even though the kernel can reach other
Grant Taylor wrote:
On 6/27/2007 3:03 AM, Peter Rabbitson wrote:
I want the kernel to be able to realize that a gateway is no good for
any destinations other than the specified netblock.
Would it be fair to say that you are wanting an administratively
configurable ignore addresses that fall
Grant Taylor wrote:
Could you give me a suggestion?
Thanks.
Do not use this method to load balance. Look in to Equal Cost Multi
Path (a.k.a. ECMP) routing and specifying multiple default gateways on
one route command. The kernel should try to load balance across the
multiple default
Grant Taylor wrote:
First and foremost: It did not cover the reason ... route caching will
kill ... to my satisfaction like you indicated.
Can you elaborate on this? My only issue with the kernel route balancing
is that route caching can not be disabled entirely, so traffic to the
same site
Salim S I wrote:
The caching is per destination and source ip. TOS, fwmark and input
interface too, if present.
Interesting... It definitely did not work in my scenario though. I am
going to test this again in the near future, and if you are right I will
rest my case.
Routing with
Grant Taylor wrote:
I need a way for the Linux kernel to try to use a default gateway and
switch to another one if it does not see any traffic.
I don't know about any working in-kernel solutions, but you can do it
trivially with netfilter and a cronjob:
* In netfilter do this:
-t
Grant Taylor wrote:
On 06/21/07 10:35, Peter Rabbitson wrote:
I don't know about any working in-kernel solutions, but you can do it
trivially with netfilter and a cronjob:
snip
If I understand what you are proposing correctly, it looks like you are
jumping to a sub-chain used used only
Grant Taylor wrote:
On 06/21/07 11:00, Peter Rabbitson wrote:
Ah, here is part of the problem.
(eth1) --- (DSL Modem) / DSL Gateway
Server --- (DMZ) --- (Linux Router)
(eth2) --- (Cable Modem / Cable Gateway
Note: Globally routable DMZ
Grant Taylor wrote:
No, again, if you are dealing with modem router combos, I'll grant you
what you say, but not on bridging modems.
*nod* I had several cases when my ISP had problems like the one ou
describe below, so the first 2 hops were pingable but nothing outside.l
This is why I
Salim S I wrote:
NATing is done with MASQUERADE, not SNAT, I use another MARK for it, but
in essence it is
-o eth2 -j MASQUEARDE
-o eth3 -j MASQUEARDE
In addition, there are several other MARKs for policy routing. They have
their own routing tables also. But at present, they are all empty.
Salim S I wrote:
NATing is done with MASQUERADE, not SNAT, I use another MARK for it, but
in essence it is
-o eth2 -j MASQUEARDE
-o eth3 -j MASQUEARDE
In addition, there are several other MARKs for policy routing. They have
their own routing tables also. But at present, they are all empty.
Salim S I wrote:
NATing is done with MASQUERADE, not SNAT, I use another MARK for it,
but
in essence it is
-o eth2 -j MASQUEARDE
-o eth3 -j MASQUEARDE
In addition, there are several other MARKs for policy routing. They
have
their own routing tables also. But at present, they are all
Salim S I wrote:
I solved it, thought a bit ugly.
Sorry I didn't answer earlier. Can you post your iptables rules too, the
routing alone is not sufficient. If your setup is confidential at least
show all statements that set MARKs one way or another. What you did is
strange, but it might
Andrea wrote:
This is the exact way that I used for managing traffic of my lan towards
ISPs. But is this mode still valid if I want to manage services
executed directly in the router?
this rule:
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1
capture all (web)
Andrea wrote:
Very very clear. Thanks very much!!! The only still obscure aspect for
me is this:
you can request a specific interface (what you would do with the ping
script)
Check the man page of ping, and look for the '-I' option. Most network
testing utilities have this capability in
Salim S I wrote:
Thanks! I get it now.
But why the src address for the interface is wrong?
In my case eth2 has a.b.c.d and eth3 has p.q.r.s.
DNS queries going through eth2 has p.q.r.s as src address and those
going through eth3 has a.b.c.d. Something wrong with routing?
Possible. Post full
Salim S I wrote:
-Original Message-
From: Luciano Ruete [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 30, 2007 11:46 AM
To: Salim S I
Subject: Re: [LARTC] Multihome load balancing - kernel vs netfilter
On Tuesday 29 May 2007 03:16:47 you wrote:
None of the load balancing techniques
Salim S I wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Peter Rabbitson
Sent: Monday, May 14, 2007 1:57 PM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] Multihome load balancing - kernel vs netfilter
Hi,
I have searched the archives
. This pretty much answers my original question. Thank you for
your time.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Peter Rabbitson
Sent: Monday, May 14, 2007 3:16 PM
To: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Multihome load balancing - kernel vs
Salim S I wrote:
Francis Brosnan Blazquez wrote:
Hi,
I've been implementing a load balancing solution using CONNMARK, based
on solution described by Luciano Ruete at [1]. Gracias por el post y por
apuntar en la dirección correcta Luciano!
Once implemented, I've found that
Peter Rabbitson wrote:
...
In the case of _local_ traffic - it becomes even trickier. The problem
is that when sockets are created they already have a source IP (the
kernel determines that by looking at the default routing table, your
marks do not exist yet).
This is misleading
Francis Brosnan Blazquez wrote:
Hi,
I've been implementing a load balancing solution using CONNMARK, based
on solution described by Luciano Ruete at [1]. Gracias por el post y por
apuntar en la dirección correcta Luciano!
Once implemented, I've found that due to some reason packets aren't
This is more of a NF question but it is tightly related to LARTC as well. In the
following example:
-t mangle -A PREROUTING -i eth0 -j MARK 0x1
-t mangle -A INPUT -i eth0 -j MARK 0x2
Since MARK is a non-terminatring target, what would be the resulting mark on a packet
comming from the
Hello list. I have been trying to figure this out on my own, but I guess I
somewhat failed :) A linux router with external eth0 and internal eth1 acts
as a gateway for a number of machines utilizing a partial T1 line (512kbps).
Since the T1 is limited by hardware and by its nature to 64kbps per
38 matches
Mail list logo
