* tc problems
@ 2009-07-14 14:44 Fabio Marcone
2009-07-14 17:22 ` Susan Hinrichs
2009-07-14 17:41 ` Anatoly Muliarski
0 siblings, 2 replies; 3+ messages in thread
From: Fabio Marcone @ 2009-07-14 14:44 UTC (permalink / raw)
To: netfilter
Hi!
I have a problem setting traffic shaping rules for routing packets.
scenario:
I have a linux router and two workstation that generate traffic to web
server in Internet.
I need to limit:
- w1 to 100Kb/s in upload and 1MB/s in download
- w2 to 200 Kb/s in upload and 2 MB/s in download
I know that I have to set upload limit on wan interface and download
limit on lan interface.
The problem is in download: how can I setup tc filter to recognize
response packets to w1 and to w2? only by ip? and if I use dhcp? Does
exist a way to use mac address?
Thanks in advance,
Fabio
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: tc problems
2009-07-14 14:44 tc problems Fabio Marcone
@ 2009-07-14 17:22 ` Susan Hinrichs
2009-07-14 17:41 ` Anatoly Muliarski
1 sibling, 0 replies; 3+ messages in thread
From: Susan Hinrichs @ 2009-07-14 17:22 UTC (permalink / raw)
To: Fabio Marcone; +Cc: netfilter
You can indeed use the MAC addess in a u32 match by using negative
offsets. See the faq article for details.
http://www.docum.org/docum.org/faq/cache/62.html
This will work to enforce your w1/w2 based download limits on the LAN
interface.
However, when your upload packets leave the WAN interface, the original
workstation MACs will be long gone before the TC processing occurs. You
could use the mac source tests in iptables and marks to propagate the
information to the TC phase.
Susan
On Tue, 2009-07-14 at 16:44 +0200, Fabio Marcone wrote:
> Hi!
> I have a problem setting traffic shaping rules for routing packets.
>
> scenario:
> I have a linux router and two workstation that generate traffic to web
> server in Internet.
> I need to limit:
> - w1 to 100Kb/s in upload and 1MB/s in download
> - w2 to 200 Kb/s in upload and 2 MB/s in download
>
> I know that I have to set upload limit on wan interface and download
> limit on lan interface.
> The problem is in download: how can I setup tc filter to recognize
> response packets to w1 and to w2? only by ip? and if I use dhcp? Does
> exist a way to use mac address?
>
> Thanks in advance,
> Fabio
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: tc problems
2009-07-14 14:44 tc problems Fabio Marcone
2009-07-14 17:22 ` Susan Hinrichs
@ 2009-07-14 17:41 ` Anatoly Muliarski
1 sibling, 0 replies; 3+ messages in thread
From: Anatoly Muliarski @ 2009-07-14 17:41 UTC (permalink / raw)
To: netfilter; +Cc: fabio.marcone
Hi Fabio,
Look at http://mailman.ds9a.nl/pipermail/lartc/2005q4/017633.html
--
Best regards
Anatoly Muliarski
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-07-14 17:41 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-07-14 14:44 tc problems Fabio Marcone
2009-07-14 17:22 ` Susan Hinrichs
2009-07-14 17:41 ` Anatoly Muliarski
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.