I do not know about TOS, but it can be mapped well with filters.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Archana Rajagopal
Sent: Friday, December 07, 2007 2:56 AM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] prio qdisc not wokring
Hi,
I am
: Archana Rajagopal [mailto:[EMAIL PROTECTED]
Sent: Friday, December 07, 2007 10:36 AM
To: Salim S I
Cc: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] prio qdisc not wokring
Thank you for the reply!
Is prio per flow based or per connection based.I mean if I have two
clients(two different systems)each
:[EMAIL PROTECTED] On Behalf Of Mohan Sundaram
Sent: Friday, October 19, 2007 12:09 PM
To: 'LARTC'
Subject: Re: [LARTC] exporting service on multiple wan
Salim S I wrote:
How about conn-marking the (NEW state)packets in POSTROUTING?
Would probably need to use conntrack ESTABLISHED,DNAT and ROUTE
How about conn-marking the (NEW state)packets in POSTROUTING?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mohan Sundaram
Sent: Friday, October 19, 2007 10:19 AM
To: LARTC
Subject: Re: [LARTC] exporting service on multiple wan
Fabio Marcone wrote:
Hi
SIP is pretty easy. Normally it uses 5060 port. But prioritizing this
port traffic won't enhance the overall voice quality.
RTP ports are decided dynamically during SIP handshake. To filter RTP
protocol from packet pattern will delay the traffic. So using port
number is easier way, BUT, you need
A different approach is to use iptables counters in FORWARD chain (-s
$CLIENT_IP -i eth0 -o ! eth0). That would require a rule for each user.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ming-Ching Tiew
Sent: Wednesday, September 05, 2007 11:09 AM
Older versions of ping does not support interface with I option. It
won't give error, but it simply won't work. I had such an issue and was
solved with the latest ping tool.
Have you tried using tcpdump to capture packets from interfaces?
-Original Message-
From: [EMAIL PROTECTED]
ip route add default via ppp0 table T1
via is not for device name.
After ppp0 is up, type ifconfig and see the gateway,and use that
gateway.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Indunil Jayasooriya
Sent: Tuesday, August 21, 2007 7:12 PM
Why don't you use DNAT ?
The via address is supposed to be the address of nexthop router.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Pranav Desai
Sent: Saturday, August 18, 2007 6:53 AM
To: lartc
Subject: [LARTC] Policy base forwarding issues
Is it because the TOS and DSCP values are different?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ming-Ching Tiew
Sent: Thursday, August 16, 2007 5:21 PM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] Unable to match/classify non-icmp traffic with TOS
Sorry, I hadn't seen 0x68 match.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salim S I
Sent: Friday, August 17, 2007 10:47 AM
To: 'Ming-Ching Tiew'; lartc@mailman.ds9a.nl
Subject: RE: [LARTC] Unable to match/classify non-icmp traffic
Did you try to capture the packets with tcpdump or something and check
the TOS field? Was it correct?
I had a similar set up before, though not bridge, and it worked.
-Original Message-
From: Salim S I [mailto:[EMAIL PROTECTED]
Sent: Friday, August 17, 2007 10:59 AM
To: 'Salim S I
Refer to the archives.
Use connmark.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Saulo Silva
Sent: Thursday, July 05, 2007 9:01 AM
To: LARTC@mailman.ds9a.nl
Subject: [LARTC] Load Balancing , MSN and SSL
HI All ,
I am running a FC6 box with two
http://mailman.ds9a.nl/pipermail/lartc/2007q2/020779.html
http://mailman.ds9a.nl/pipermail/lartc/2006q2/018964.html
Two different approaches.
-Original Message-
From: Saulo Silva [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 05, 2007 11:58 AM
To: Salim S I
Subject: Re: [LARTC
This is true for locally generated traffic only. Any
incomming/forwarded
traffic can be controlled in the PREROUTING, thus the cache is never
consulted.
The cache will still be consulted, in ip_route_input. That is for input
and forwarded traffic. Only if there is no matching entry, routing
The caching is per destination and source ip. TOS, fwmark and input
interface too, if present.
Routing with netfilter does not solve cache problems anyway, cache will
still be present, and it will be consulted before routing tables are
hit.
In my opinion, routing in netfilter gives more
Taylor
Sent: Wednesday, June 27, 2007 10:39 AM
To: Mail List - Linux Advanced Routing and Traffic Control
Subject: Re: [LARTC] Load Balance and SNAT problem.
On 6/26/2007 9:22 PM, Salim S I wrote:
The caching is per destination and source ip. TOS, fwmark and input
interface too, if present
I had the same problem. Had to disable ipsec interfaces to make things
work. Though the routing rules were in correct order, packets went to
ipsec interface.
Finally, I removed the patch.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Seba Tiponut
Use a ping script, which pings some IP every minute or so. Ping can bind
to a specific interface.
Ping -c 1 -w 1 -I eth1 $SOME_IP
Ping -c 1 -w 1 -I eth2 $SOME_IP
Check for return values for those pings.
Change your default routes based on the ping results.
This is the basic idea. You can add
NATing is done with MASQUERADE, not SNAT, I use another MARK for it,
but
in essence it is
-o eth2 -j MASQUEARDE
-o eth3 -j MASQUEARDE
In addition, there are several other MARKs for policy routing. They
have
their own routing tables also. But at present, they are all empty.
Slightly offtopic... Has anyone really experienced starving of low
priority traffic with PRIO qdisc?
In my setup, I never achieved that, though I also wanted exactly that
situation. I gave both the classes same amount of traffic at the same
time. High prio got more bandwidth, but no starvation,
at 15:46 +0800, Salim S I wrote:
Slightly offtopic... Has anyone really experienced starving of low
priority traffic with PRIO qdisc?
In my setup, I never achieved that, though I also wanted exactly
that
situation. I gave both the classes same amount of traffic at the
same
time. High prio
14, 2007 3:27 PM
To: Salim S I
Cc: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Re: multiple routing tables for internal router
programs
Salim S I wrote:
I solved it, thought a bit ugly.
Sorry I didn't answer earlier. Can you post your iptables rules too, the
routing alone is not sufficient
] Re: multiple routing tables for internal router
programs
On Thu, Jun 14, 2007 at 11:50:30AM +0800, Salim S I wrote:
I solved it, thought a bit ugly.
Have two more rules now in ip ru
32150: from all lookup main
32201: from all fwmark 0x200/0x200 lookup wan1_route
32202: from all fwmark
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salim S I
Sent: Wednesday, June 13, 2007 12:08 PM
To: 'Peter Rabbitson'
Cc: lartc@mailman.ds9a.nl
Subject: RE: [LARTC] Re: multiple routing tables for internal router
programs
My configuration
[EMAIL PROTECTED]:~# ip ru
0
You have to capture the local packets in OUTPUT chain, not in
PREROUTING.
Well, I have a problem with the ping scripts used for dead gateway
detection, I will post it in another thread.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Andrea
Sent:
Here is my issue with ping.
When I use -I with ping, the DNS queries for that domain is still sent
out with wrong source address through the interface, and hence, no
reply. This happens in both WAN interfaces.
When I add rules in OUTPUT chain to reroute packets with the unmatching
source address
]
Sent: Tuesday, June 12, 2007 7:24 PM
To: Salim S I
Cc: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Re: multiple routing tables for internal router
programs
Salim S I wrote:
Thanks! I get it now.
But why the src address for the interface is wrong?
In my case eth2 has a.b.c.d and eth3 has p.q.r.s
-Original Message-
From: Luciano Ruete [mailto:[EMAIL PROTECTED]
Sent: Saturday, June 02, 2007 11:28 AM
To: Salim S I
Cc: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Multihome load balancing - kernel vs netfilter
Is not about ego, sorry if you take this personal, it is not my
intention
.
-Original Message-
From: Luciano Ruete [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 31, 2007 12:26 PM
To: Salim S I
Subject: Re: [LARTC] Multihome load balancing - kernel vs netfilter
On Wednesday 30 May 2007 00:58:18 you wrote:
First of all, learn about basic[1] mailing list rules, mainly
None of the load balancing techniques I have come across seems to cover
'IP-Persistence'. For example, a session with several connections (for
which no conntrack-helper modules exist), will have problems, as its
connections will be routed through different WAN interfaces. Some
servers are very
), but it seems to have
been fixed at the server level.
Could you please point out if I had missed any open discussion in the
list which covers these things?
-Original Message-
From: Luciano Ruete [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 30, 2007 11:46 AM
To: Salim S I
Subject: Re
I have thought about this approach, but, I think, this approach does not
handle failover/dead-gateway-detection well. Because you need to alter
all your netfilter routing rules if you find a link down. And then
reconfigure again when the link comes up. I am interested to know how
you handle that.
.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Peter Rabbitson
Sent: Monday, May 14, 2007 3:16 PM
To: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Multihome load balancing - kernel vs netfilter
Salim S I wrote:
-Original Message-
From: [EMAIL
have misunderstood the concept?
-Original Message-
From: Manish Kathuria [mailto:[EMAIL PROTECTED]
Sent: Monday, May 14, 2007 1:36 PM
To: Salim S I
Cc: lartc@mailman.ds9a.nl; [EMAIL PROTECTED]
Subject: Re: [LARTC] DGD patch not detecting dead gateway
On 5/11/07, Salim S I [EMAIL PROTECTED
HTBs priority and PRIO qdisc are very different.
PRIO qdisc will definitely give better latency for your high priority
traffic, since the qdisc is designed for the purpose of priority. In
theory it will even starve the low priority traffic, if high prio
traffic is waiting to go out.
HTBs
To: 'Salim S I'; lartc@mailman.ds9a.nl
Subject: RE: [LARTC] PRIO and TBF is much better than HTB??
Hi,
Thanks for your answer.
You are right concerning the PRIO QDisc, but which I did not understand
is that the combination (PRIO+TBF) made a Shaping nearly exactly the
same as with HTB only with better
Francis Brosnan Blazquez wrote:
Hi,
I've been implementing a load balancing solution using CONNMARK, based
on solution described by Luciano Ruete at [1]. Gracias por el post y
por
apuntar en la dirección correcta Luciano!
Once implemented, I've found that due to some reason packets aren't
of one,though.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salim S I
Sent: Thursday, May 10, 2007 2:15 PM
To: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Load balancing using connmark
Francis Brosnan Blazquez wrote:
Hi,
I've been implementing
-Original Message-
From: Salim S I [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 10, 2007 5:22 PM
To: 'Francis Brosnan Blazquez'
Subject: RE: [LARTC] Load balancing using connmark
I think the main advantage of shorewall solution is that it applies
connmark to incoming packets from
: [LARTC] Load balancing using connmark
Salim S I wrote:
Francis Brosnan Blazquez wrote:
Hi,
I've been implementing a load balancing solution using CONNMARK,
based
on solution described by Luciano Ruete at [1]. Gracias por el post y
por
apuntar en la dirección correcta Luciano
I have a doubt. If you use such a script monitoring the link status with
ping and then reconfiguring, why do you need the DGD patch? You need to
do some reconfiguration (change multipath to a single default route)
anyway if you use the script, right?
Also, the DGD patch uses src to lookup the
42 matches
Mail list logo