* [LARTC] tc and iptables trouble
@ 2004-11-24 14:15 Lluís Gili
2004-11-24 14:59 ` Claudiu Gafton
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Lluís Gili @ 2004-11-24 14:15 UTC (permalink / raw)
To: lartc
[-- Attachment #1: Type: text/plain, Size: 2114 bytes --]
Hi all
I have a trouble configuring the qdiscs, when I indicate the "perturb 10" option to tc, i gives me this error:
tc qdisc add dev eth0 parent 5:1323 handle 1323 sfq perturb 10
RTNETLINK answers: Invalid argument
if I don't put the "perturb 10" option, it works.
another question is about iptables, when I indicate the " --set-mark" option:
iptables -t mangle -A egress -s 10.0.0.124 -j MARK --set-mark 1323
iptables: Invalid argument
which will be the problem?
I'm using Debian testing, with kernel 2.6.9 compiled with netfilter patches, iptables 1.2.11, iproute2 2.6.9-1, and I have these modules loaded:
Module Size Used by
ebt_mark_m 1096 -
ebt_mark 1096 -
ebtables 17768 -
ipt_mark 1128 -
sch_wrr 11176 -
sch_teql 4168 -
sch_dsmark 5224 -
cls_route 4936 -
ipt_tcpmss 1640 -
cls_tcindex 5256 -
cls_u32 5772 -
sch_ingress 2604 -
ipt_TCPMSS 3208 -
iptable_filter 1864 -
ipt_MARK 1512 -
cls_fw 3208 -
iptable_mangle 1832 -
ppp_async 7816 -
crc_ccitt 1512 -
ip_gre 8672 -
sch_esfq 4936 -
sch_netem 4808 -
ipt_connlimit 2248 -
ipt_connmark 1160 -
sch_gred 5704 -
sch_red 3368 -
sch_hfsc 16360 -
sch_cbq 13864 -
sch_prio 3528 -
sch_tbf 4168 -
iptable_nat 20264 -
ip_conntrack 37076 -
ip_tables 13440 -
ppp_mppe_mppc 13384 -
ppp_generic 17788 -
slhc 6312 -
sch_sfq 4168 -
sch_htb 20488 -
rtc 8640 -
8139too 16936 -
mii 3464 -
crc32 3688 -
Thank you for your time, and sorry my BAD english !!!
[-- Attachment #2: Type: text/html, Size: 6681 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] tc and iptables trouble
2004-11-24 14:15 [LARTC] tc and iptables trouble Lluís Gili
@ 2004-11-24 14:59 ` Claudiu Gafton
2004-11-24 15:21 ` Claudiu Gafton
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Claudiu Gafton @ 2004-11-24 14:59 UTC (permalink / raw)
To: lartc
On Wed, 2004-11-24 at 15:15 +0100, LluÃs Gili wrote:
> Hi all
> I have a trouble configuring the qdiscs, when I indicate the "perturb
> 10" option to tc, i gives me this error:
>
> tc qdisc add dev eth0 parent 5:1323 handle 1323 sfq perturb 10
> RTNETLINK answers: Invalid argument
>
> if I don't put the "perturb 10" option, it works.
perturb 10 it's used by default!!!
nice parent class 5:1323 :o
> another question is about iptables, when I indicate the " --set-mark"
> option:
>
> iptables -t mangle -A egress -s 10.0.0.124 -j MARK --set-mark 1323
> iptables: Invalid argument
When you "--set-mark 1323", iptables try to transform it in HEX... give
it a lower value, like 132! 1323 in HEX = 52B and I think that it
doesn't know how to use 52B as a mark...
> which will be the problem?
> I'm using Debian testing, with kernel 2.6.9 compiled with netfilter
> patches, iptables 1.2.11, iproute2 2.6.9-1, and I have these modules
> loaded:
>
> Module Size Used by
> ebt_mark_m 1096 -
> ebt_mark 1096 -
> ebtables 17768 -
> ipt_mark 1128 -
> sch_wrr 11176 -
> sch_teql 4168 -
> sch_dsmark 5224 -
> cls_route 4936 -
> ipt_tcpmss 1640 -
> cls_tcindex 5256 -
> cls_u32 5772 -
> sch_ingress 2604 -
> ipt_TCPMSS 3208 -
> iptable_filter 1864 -
> ipt_MARK 1512 -
> cls_fw 3208 -
> iptable_mangle 1832 -
> ppp_async 7816 -
> crc_ccitt 1512 -
> ip_gre 8672 -
> sch_esfq 4936 -
> sch_netem 4808 -
> ipt_connlimit 2248 -
> ipt_connmark 1160 -
> sch_gred 5704 -
> sch_red 3368 -
> sch_hfsc 16360 -
> sch_cbq 13864 -
> sch_prio 3528 -
> sch_tbf 4168 -
> iptable_nat 20264 -
> ip_conntrack 37076 -
> ip_tables 13440 -
> ppp_mppe_mppc 13384 -
> ppp_generic 17788 -
> slhc 6312 -
> sch_sfq 4168 -
> sch_htb 20488 -
> rtc 8640 -
> 8139too 16936 -
> mii 3464 -
> crc32 3688 -
>
> Thank you for your time, and sorry my BAD english !!!
--
Claudiu Gafton <lartc@go.ro>
Alvatec Data SRL
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] tc and iptables trouble
2004-11-24 14:15 [LARTC] tc and iptables trouble Lluís Gili
2004-11-24 14:59 ` Claudiu Gafton
@ 2004-11-24 15:21 ` Claudiu Gafton
2004-11-24 15:41 ` Lopsch
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Claudiu Gafton @ 2004-11-24 15:21 UTC (permalink / raw)
To: lartc
On Wed, 2004-11-24 at 16:59 +0200, Claudiu Gafton wrote:
> On Wed, 2004-11-24 at 15:15 +0100, LluÃs Gili wrote:
> > Hi all
> > I have a trouble configuring the qdiscs, when I indicate the "perturb
> > 10" option to tc, i gives me this error:
> >
> > tc qdisc add dev eth0 parent 5:1323 handle 1323 sfq perturb 10
> > RTNETLINK answers: Invalid argument
> >
> > if I don't put the "perturb 10" option, it works.
>
> perturb 10 it's used by default!!!
> nice parent class 5:1323 :o
>
> > another question is about iptables, when I indicate the " --set-mark"
> > option:
> >
> > iptables -t mangle -A egress -s 10.0.0.124 -j MARK --set-mark 1323
> > iptables: Invalid argument
>
> When you "--set-mark 1323", iptables try to transform it in HEX... give
> it a lower value, like 132! 1323 in HEX = 52B and I think that it
> doesn't know how to use 52B as a mark...
Oh.... sorry, it works ! I put in PREROUTING a MARK 1323 and it was
transformed OK into 0x52b !
I think that the problem it's the egress append! Please be more
specific!
>
> > which will be the problem?
> > I'm using Debian testing, with kernel 2.6.9 compiled with netfilter
> > patches, iptables 1.2.11, iproute2 2.6.9-1, and I have these modules
> > loaded:
> >
> > Module Size Used by
> > ebt_mark_m 1096 -
> > ebt_mark 1096 -
> > ebtables 17768 -
> > ipt_mark 1128 -
> > sch_wrr 11176 -
> > sch_teql 4168 -
> > sch_dsmark 5224 -
> > cls_route 4936 -
> > ipt_tcpmss 1640 -
> > cls_tcindex 5256 -
> > cls_u32 5772 -
> > sch_ingress 2604 -
> > ipt_TCPMSS 3208 -
> > iptable_filter 1864 -
> > ipt_MARK 1512 -
> > cls_fw 3208 -
> > iptable_mangle 1832 -
> > ppp_async 7816 -
> > crc_ccitt 1512 -
> > ip_gre 8672 -
> > sch_esfq 4936 -
> > sch_netem 4808 -
> > ipt_connlimit 2248 -
> > ipt_connmark 1160 -
> > sch_gred 5704 -
> > sch_red 3368 -
> > sch_hfsc 16360 -
> > sch_cbq 13864 -
> > sch_prio 3528 -
> > sch_tbf 4168 -
> > iptable_nat 20264 -
> > ip_conntrack 37076 -
> > ip_tables 13440 -
> > ppp_mppe_mppc 13384 -
> > ppp_generic 17788 -
> > slhc 6312 -
> > sch_sfq 4168 -
> > sch_htb 20488 -
> > rtc 8640 -
> > 8139too 16936 -
> > mii 3464 -
> > crc32 3688 -
> >
> > Thank you for your time, and sorry my BAD english !!!
--
Claudiu Gafton <lartc@go.ro>
Alvatec Data SRL
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] tc and iptables trouble
2004-11-24 14:15 [LARTC] tc and iptables trouble Lluís Gili
2004-11-24 14:59 ` Claudiu Gafton
2004-11-24 15:21 ` Claudiu Gafton
@ 2004-11-24 15:41 ` Lopsch
2004-11-25 11:27 ` Lluís Gili
2004-11-27 3:33 ` Lluis
4 siblings, 0 replies; 6+ messages in thread
From: Lopsch @ 2004-11-24 15:41 UTC (permalink / raw)
To: lartc
Lluís Gili schrieb:
> Hi all
> I have a trouble configuring the qdiscs, when I indicate the "perturb 10" option to tc, i gives me this error:
>
> tc qdisc add dev eth0 parent 5:1323 handle 1323 sfq perturb 10
> RTNETLINK answers: Invalid argument
>
> if I don't put the "perturb 10" option, it works.
>
> another question is about iptables, when I indicate the " --set-mark" option:
>
> iptables -t mangle -A egress -s 10.0.0.124 -j MARK --set-mark 1323
> iptables: Invalid argument
>
Egress is a Chain, in this case a user defined chain. It doesn´t stand
for the egress used with qdiscs. If you didn´t use a command like this
iptables -N egress, there isn´t a chain like egress.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] tc and iptables trouble
2004-11-24 14:15 [LARTC] tc and iptables trouble Lluís Gili
` (2 preceding siblings ...)
2004-11-24 15:41 ` Lopsch
@ 2004-11-25 11:27 ` Lluís Gili
2004-11-27 3:33 ` Lluis
4 siblings, 0 replies; 6+ messages in thread
From: Lluís Gili @ 2004-11-25 11:27 UTC (permalink / raw)
To: lartc
> Lluís Gili schrieb:
> > Hi all
> > I have a trouble configuring the qdiscs, when I indicate the "perturb
10" option to tc, i gives me this error:
> >
> > tc qdisc add dev eth0 parent 5:1323 handle 1323 sfq perturb 10
> > RTNETLINK answers: Invalid argument
> >
> > if I don't put the "perturb 10" option, it works.
>
> perturb 10 it's used by default!!!
> nice parent class 5:1323 :o
>
I think that "perturb 0" is used by default (see
http://lartc.org/howto/lartc.qdisc.classless.html#LARTC.SFQ)
anyway, I put any other valor and it don't works :(
> >
> > another question is about iptables, when I indicate the " --set-mark"
option:
> >
> > iptables -t mangle -A egress -s 10.0.0.124 -j MARK --set-mark 1323
> > iptables: Invalid argument
> >
> Egress is a Chain, in this case a user defined chain. It doesn´t stand
> for the egress used with qdiscs. If you didn´t use a command like this
> iptables -N egress, there isn´t a chain like egress.
>
>
>> When you "--set-mark 1323", iptables try to transform it in HEX... give
>> it a lower value, like 132! 1323 in HEX = 52B and I think that it
>> doesn't know how to use 52B as a mark...
>Oh.... sorry, it works ! I put in PREROUTING a MARK 1323 and it was
>transformed OK into 0x52b !
>I think that the problem it's the egress append! Please be more
>specific!
I have this Chain created, I think it is not the problem.
I see this message in syslog:
Nov 25 09:49:04 epia -- MARK --
Nov 25 10:00:05 epia kernel: MARK: targinfosize 4 != 8
I'm installing QOS in a embeded Debian on a Compact Flash, using the
http://gate-bunker.p6.msu.ru/~berk/router.html script. I had to patch and
compile kernel 2.6.9, iptables and iproute in another PC and I used debmake
and debuild for build .deb packets, using the "Multi-binary" option in
"deb-make". Debuild created the .deb files and I can install it tho the
embeded... When I do "dpkg -l" the iproute2 and iptables packets appear like
this:
ii iproute2 2.6.9-1 Missing
ii iptables 1.2.11-1 Missing
Here is all I do:
route add -net 10.0.0.0 netmask 255.255.255.0 gw 172.16.0.1
iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/8 -j SNAT --to
172.16.0.45
tc qdisc add dev eth1 root handle 5: htb default 20
tc class add dev eth1 parent 5: classid 5:1 htb rate 1300kbit burst 15k
iptables -t mangle -N ingress
iptables -t mangle -A POSTROUTING -o eth1 -j ingress
tc qdisc add dev eth0 root handle 5: htb default 20
tc class add dev eth0 parent 5: classid 5:1 htb rate 500kbit burst 15k
iptables -t mangle -N egress
iptables -t mangle -A POSTROUTING -o eth0 -j egress
tc class add dev eth0 parent 5:1 classid 5:1323 htb rate 128kbit ceil
128kbit burst 6k prio 5
tc qdisc add dev eth0 parent 5:1323 handle 1323 sfq perturb 10 #FAILS!
tc filter add dev eth0 parent 5: protocol ip handle 1323 pref 1323 fw
classid 5:1323
tc class add dev eth1 parent 5:1 classid 5:1323 htb rate 256kbit ceil
256kbit burst 6k prio 5
tc qdisc add dev eth1 parent 5:1323 handle 1323 sfq perturb 10 #FAILS!
tc filter add dev eth1 parent 5: protocol ip handle 1323 pref 1323 fw
classid 5:1323
iptables -t mangle -A egress -s 10.0.0.124 -j MARK --set-mark 1323 #FAILS!
iptables -t mangle -A ingress -d 10.0.0.124 -j MARK --set-mark 1323 #FAILS!
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [LARTC] tc and iptables trouble
2004-11-24 14:15 [LARTC] tc and iptables trouble Lluís Gili
` (3 preceding siblings ...)
2004-11-25 11:27 ` Lluís Gili
@ 2004-11-27 3:33 ` Lluis
4 siblings, 0 replies; 6+ messages in thread
From: Lluis @ 2004-11-27 3:33 UTC (permalink / raw)
To: lartc
el Dijous 25 Novembre 2004 12:27, Lluís Gili va escriure:
> > Lluís Gili schrieb:
> > > Hi all
> > > I have a trouble configuring the qdiscs, when I indicate the "perturb
>
> 10" option to tc, i gives me this error:
> > > tc qdisc add dev eth0 parent 5:1323 handle 1323 sfq perturb 10
> > > RTNETLINK answers: Invalid argument
> > >
> > > if I don't put the "perturb 10" option, it works.
It still doesn't works
> > > another question is about iptables, when I indicate the " --set-mark"
>
> option:
> > > iptables -t mangle -A egress -s 10.0.0.124 -j MARK --set-mark 1323
> > > iptables: Invalid argument
> >
I reapplied the patches of iptables and recompiled it and now it works (I
didn't applied the patches correctly :P )
> I see this message in syslog:
>
> Nov 25 09:49:04 epia -- MARK --
> Nov 25 10:00:05 epia kernel: MARK: targinfosize 4 != 8
>
> I'm installing QOS in a embeded Debian on a Compact Flash, using the
> http://gate-bunker.p6.msu.ru/~berk/router.html script. I had to patch and
> compile kernel 2.6.9, iptables and iproute in another PC and I used debmake
> and debuild for build .deb packets, using the "Multi-binary" option in
> "deb-make". Debuild created the .deb files and I can install it tho the
> embeded... When I do "dpkg -l" the iproute2 and iptables packets appear
> like this:
> ii iproute2 2.6.9-1 Missing
> ii iptables 1.2.11-1 Missing
>
> Here is all I do:
>
> route add -net 10.0.0.0 netmask 255.255.255.0 gw 172.16.0.1
> iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/8 -j SNAT --to
> 172.16.0.45
>
> tc qdisc add dev eth1 root handle 5: htb default 20
> tc class add dev eth1 parent 5: classid 5:1 htb rate 1300kbit burst 15k
> iptables -t mangle -N ingress
> iptables -t mangle -A POSTROUTING -o eth1 -j ingress
>
> tc qdisc add dev eth0 root handle 5: htb default 20
> tc class add dev eth0 parent 5: classid 5:1 htb rate 500kbit burst 15k
> iptables -t mangle -N egress
> iptables -t mangle -A POSTROUTING -o eth0 -j egress
>
> tc class add dev eth0 parent 5:1 classid 5:1323 htb rate 128kbit ceil
> 128kbit burst 6k prio 5
> tc qdisc add dev eth0 parent 5:1323 handle 1323 sfq perturb 10 #FAILS!
> tc filter add dev eth0 parent 5: protocol ip handle 1323 pref 1323 fw
> classid 5:1323
>
> tc class add dev eth1 parent 5:1 classid 5:1323 htb rate 256kbit ceil
> 256kbit burst 6k prio 5
> tc qdisc add dev eth1 parent 5:1323 handle 1323 sfq perturb 10 #FAILS!
> tc filter add dev eth1 parent 5: protocol ip handle 1323 pref 1323 fw
> classid 5:1323
>
> iptables -t mangle -A egress -s 10.0.0.124 -j MARK --set-mark 1323 #FAILS!
> iptables -t mangle -A ingress -d 10.0.0.124 -j MARK --set-mark 1323 #FAILS!
>
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
--
ID 0x834D5708
wget http://www.awacat.com/clausGPG/publica_tictac.asc
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2004-11-27 3:33 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-11-24 14:15 [LARTC] tc and iptables trouble Lluís Gili
2004-11-24 14:59 ` Claudiu Gafton
2004-11-24 15:21 ` Claudiu Gafton
2004-11-24 15:41 ` Lopsch
2004-11-25 11:27 ` Lluís Gili
2004-11-27 3:33 ` Lluis
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.