[LARTC] match ip dst works, match ip dport doens't.

[LARTC] match ip dst works, match ip dport doens't.

[Q-ha Park]

Hi, 

I'm trying to limit the maximum outbound bandwidth for each destination
port using "match ip dport $port 0xffff" u32 classifier. But it seems
that it's not filtered by this classifier. I'm using kernel 2.4.24 with
almost all filter-related options configured, and tc patched to support
HTB.

Below is all commands I used to configure the outbound rate.
-------------------------------
$TC qdisc del dev eth0 root > /dev/null 2>&1
$TC qdisc add dev eth0 root handle 1: htb
$TC class add dev eth0 parent 1: classid 1:1 htb rate $RATEmbit ceil
$RATEmbit
$TC filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip dport
$PORT 0xffff flowid 1:1
-------------------------------

Please let me know what i'm probably doing wrong or missing. 

Thanks in advance.

::::::::::::::::::::::::::::::::::::::::::::::::::::::
Q-ha Park

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] match ip dst works, match ip dport doens't.

[Roy]

> Hi,
>
> I'm trying to limit the maximum outbound bandwidth for each destination
> port using '"'match ip dport $port 0xffff'"' u32 classifier. But it seems
> that it's not filtered by this classifier. I'm using kernel 2.4.24 with
> almost all filter-related options configured, and tc patched to support
> HTB.
>
> Below is all commands I used to configure the outbound rate.
> -------------------------------
> $TC qdisc del dev eth0 root > /dev/null 2>&1
> $TC qdisc add dev eth0 root handle 1: htb
> $TC class add dev eth0 parent 1: classid 1:1 htb rate $RATEmbit ceil
> $RATEmbit
> $TC filter add dev eth0 parent 1: protocol ip prio 1 u32 match ip dport
> $PORT 0xffff flowid 1:1
> -------------------------------

Is it ALL script? since filter priorities means alot
and are you sure you want to limit destination(client) ports not
source(sever)?

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

RE: [LARTC] match ip dst works, match ip dport doens't.

[Q-ha Park]

> [mailto:lartc-admin@mailman.ds9a.nl] On Behalf Of Roy

> Is it ALL script?
Yes, it was just a test script to see if the port filtering works okay.
What I found right after posting to the mailing list, it did work with
TCP port. I added "match ip protocol 17 0xff" (UDP) to just see if it
changes anything. I don't understand why it only filters TCP, it should
behave the same unless I use "match ip protocol 17 0xff". It did filter
"match ip dst" for both TCP and UDP.

Does anyone have idea?

> filter priorities means alot
Hmm, I didn't know it means a lot, but does this have anything to do
with port filtering? If so, what changes should I make?

> and are you sure you want to limit destination(client) ports 
> not source(sever)?
Yes, I want to limit the destination port, since the server wants to be
fed at certain bitrate. (spoiled rotten)

Thanks!

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/