From: Michael Renzmann <lartc@nospam.otaku42.de>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] shaping domain names(www.xyz.com)
Date: Mon, 10 May 2004 05:19:02 +0000 [thread overview]
Message-ID: <409F10C6.4090301@otaku42.de> (raw)
In-Reply-To: <1083934416.409b86d04f7df@smwp01.maa.sify.net>
Hi.
Stef Coene wrote:
>>But tc sees the fwmark value that iptables has attached to a packet,
>>right? Hence the idea to accomplish the "destination host distinction"
>>with iptables-rules, setting fwmark accordingly and let tc decide on the
>>different fwmark values.
> But when do you see the hostname? In the dns request and maybe in the http
> request. For all other packets only the ip address is known.
The http requests surely will contain the hostname, at least in those
scenarios where a http-server is contacted that serves more than one
(sub)domain (*).
So, at least the first packet of an established http connection will
contain a "Host:"-line, which allows to mark that packet accordingly.
Every following packet that belongs to the same connection can be
handled with connection tracking, I think.
(*) There is a rare chance that no "Host: "-line is in the http-request,
but most probably these requests won't be a problem regarding the
necessity of controling their used bandwidth, since the client won't be
able to make use of all services of the server. So, if the solution
doesn't match these rare situations, it won't hurt, I suppose.
Well, I have to admit that I'm no iptables/tc-pro, so the idea I
described could be wrong. Also:
> Rereading the original post, I think he has an other problem.
Possibly. But maybe still another one than you described: he could be
the admin of the subnet the described users sit in, or the admin of the
mentioned server(s). Depending on this "point of view" different
solutions could apply. It would be good if the original poster could
clarify this aspect :)
Bye, Mike
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
prev parent reply other threads:[~2004-05-10 5:19 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-05-07 12:23 [LARTC] shaping domain names(www.xyz.com) jayesh rathod
2004-05-07 13:37 ` Michael Renzmann
2004-05-07 18:14 ` Stef Coene
2004-05-08 7:08 ` Michael Renzmann
2004-05-08 18:45 ` Stef Coene
2004-05-10 5:19 ` Michael Renzmann [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=409F10C6.4090301@otaku42.de \
--to=lartc@nospam.otaku42.de \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.