* [LARTC] htb and iptables marked packets question
@ 2004-12-27 15:27 Felipe Ceglia
2004-12-28 19:31 ` Stef Coene
2004-12-28 22:28 ` Francisco Pereira
0 siblings, 2 replies; 3+ messages in thread
From: Felipe Ceglia @ 2004-12-27 15:27 UTC (permalink / raw)
To: lartc
Hi folks,
I have a strange situation. When I add branches to the tree, everything
goes to the default class.
The error might be obvious, but I cannot find it. I would really appreciate
your help.
this works, nothing goes to "1:9999":
#############################################################################
/sbin/iptables -F -t mangle
/sbin/tc qdisc del dev eth1 root > /dev/null 2>&1
/sbin/tc qdisc add dev eth1 root handle 1: htb default 9999
/sbin/tc class add dev eth1 parent 1: classid 1:1 htb rate 100Mbit ceil 100Mbit
/sbin/tc class add dev eth1 parent 1:1 classid 1:9999 htb rate 128kbit
/sbin/tc class add dev eth1 parent 1:1 classid 1:4 htb rate 100Mbit
/sbin/tc class add dev eth1 parent 1:4 classid 1:28 htb rate 510kbit
#
/sbin/iptables -A POSTROUTING -o eth1 -t mangle -d 192.168.0.0/16 -j MARK --set-mark 4
/sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 3 handle 4 fw flowid 1:4
#
/sbin/iptables -A POSTROUTING -o eth1 -t mangle -d 192.168.200.0/24 -j MARK --set-mark 28
/sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 3 handle 28 fw flowid 1:28
#############################################################################
when I add subclasses to "1:28", traffic goes to "1:34" and "1:35", but
exceeding traffic goes to "1:9999" instead of being placed at "1:28":
#############################################################################
/sbin/iptables -F -t mangle
/sbin/tc qdisc del dev eth1 root > /dev/null 2>&1
/sbin/tc qdisc add dev eth1 root handle 1: htb default 9999
/sbin/tc class add dev eth1 parent 1: classid 1:1 htb rate 100Mbit ceil 100Mbit
/sbin/tc class add dev eth1 parent 1:1 classid 1:9999 htb rate 128kbit
/sbin/tc class add dev eth1 parent 1:1 classid 1:4 htb rate 100Mbit
/sbin/iptables -A POSTROUTING -o eth1 -t mangle -d 192.168.0.0/16 -j MARK --set-mark 4
/sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 3 handle 4 fw flowid 1:4
#
/sbin/tc class add dev eth1 parent 1:4 classid 1:28 htb rate 510kbit
/sbin/iptables -A POSTROUTING -o eth1 -t mangle -d 192.168.200.0/24 -j MARK --set-mark 28
/sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 3 handle 28 fw flowid 1:28
#
/sbin/tc class add dev eth1 parent 1:28 classid 1:34 htb rate 64kbit
/sbin/iptables -A POSTROUTING -o eth1 -t mangle -d 192.168.200.8/32 -j MARK --set-mark 34
/sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 3 handle 34 fw flowid 1:34
#
/sbin/tc class add dev eth1 parent 1:28 classid 1:35 htb rate 64kbit
/sbin/iptables -A POSTROUTING -o eth1 -t mangle -d 192.168.200.14/32 -j MARK --set-mark 35
/sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 3 handle 35 fw flowid 1:35
#############################################################################
iptables says:
iptables -L -n -v -t mangle
Chain PREROUTING (policy ACCEPT 184K packets, 105M bytes)
 pkts bytes target  prot opt in   out   source      destination
Chain INPUT (policy ACCEPT 115K packets, 63M bytes)
 pkts bytes target  prot opt in   out   source      destination
Chain FORWARD (policy ACCEPT 68617 packets, 42M bytes)
 pkts bytes target  prot opt in   out   source      destination
Chain OUTPUT (policy ACCEPT 123K packets, 63M bytes)
 pkts bytes target  prot opt in   out   source      destination
Chain POSTROUTING (policy ACCEPT 191K packets, 105M bytes)
 pkts bytes target  prot opt in   out   source      destination
 1827 1990K MARK    all  --  *    eth1  0.0.0.0/0   192.168.0.0/16     MARK set 0x4
 1827 1990K MARK    all  --  *    eth1  0.0.0.0/0   192.168.200.0/24   MARK set 0x1c
  174  245K MARK    all  --  *    eth1  0.0.0.0/0   192.168.200.8      MARK set 0x22
   30 10519 MARK    all  --  *    eth1  0.0.0.0/0   192.168.200.14     MARK set 0x23
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
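Added example (not part of the original post or thread): a small Python model of how packets are marked and classified by the two scripts above. It assumes that MARK does not stop rule traversal (consistent with the identical 1827-packet counters on the first two rules) and that HTB falls back to the default class when an fw filter points at an inner class that has no filters of its own; the tables are transcribed from the scripts.

```python
import ipaddress

# Constructed from the two scripts in the post: MARK rules in POSTROUTING order.
MARK_RULES = [("192.168.0.0/16", 4), ("192.168.200.0/24", 28),
              ("192.168.200.8/32", 34), ("192.168.200.14/32", 35)]
FW_FILTERS = {4: "1:4", 28: "1:28", 34: "1:34", 35: "1:35"}  # handle -> flowid
DEFAULT = "1:9999"  # from "htb default 9999"
# classid -> parent, for the first script and for the one with subclasses
TREE_1 = {"1:1": "1:", "1:9999": "1:1", "1:4": "1:1", "1:28": "1:4"}
TREE_2 = dict(TREE_1, **{"1:34": "1:28", "1:35": "1:28"})
# Marks as printed by "iptables -L -n -v -t mangle" in the post (hex)
LISTED_MARKS = ["0x4", "0x1c", "0x22", "0x23"]


def parse_mark(text):
    """Accept decimal or 0x-prefixed hex, so 28 and 0x1c compare equal."""
    return int(text, 0)


def final_mark(dst, rules):
    """Assumption: MARK does not end traversal, so the last matching rule wins."""
    addr, mark = ipaddress.ip_address(dst), 0
    for net, value in rules:
        if addr in ipaddress.ip_network(net):
            mark = value
    return mark


def classify(dst, rules, filters, tree):
    """Return (mark, class that ends up queueing the packet)."""
    mark = final_mark(dst, rules)
    target = filters.get(mark)
    inner = set(tree.values())  # every class that is the parent of another
    # Assumption: no filter hit, an unknown class, or an inner class without
    # its own filters all end in the qdisc's default class.
    if target is None or target not in tree or target in inner:
        return mark, DEFAULT
    return mark, target


if __name__ == "__main__":
    for name, tree, rules in (("script 1", TREE_1, MARK_RULES[:2]),
                              ("script 2", TREE_2, MARK_RULES)):
        for dst in ("192.168.200.8", "192.168.200.50", "10.0.0.1"):
            print(name, dst, classify(dst, rules, FW_FILTERS, tree))
```

In this model a packet to 192.168.200.50 lands in 1:28 under the first script, but in 1:9999 once 1:28 has children, because 1:28 is then no longer a leaf.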
* Re: [LARTC] htb and iptables marked packets question
From: Stef Coene @ 2004-12-28 19:31 UTC (permalink / raw)
To: lartc
On Monday 27 December 2004 16:27, Felipe Ceglia wrote:
> Hi folks,
>
> I have a strange situation. When I add branches to the tree, everything
> goes to the default class.
> The error might be obvious, but I cannot find it. I would really appreciate
> your help.
<snip>
> MARK set 0x1c
This is in hex. Put 0x before the mark in the iptables and the match in the
tc command to make sure they are all in hex.
Stef
* Re: [LARTC] htb and iptables marked packets question
From: Francisco Pereira @ 2004-12-28 22:28 UTC (permalink / raw)
To: lartc
Hi.
Felipe Ceglia wrote:
> Hi folks,
>
> I have a strange situation. When I add branches to the tree, everything
> goes to the default class.
> The error might be obvious, but I cannot find it. I would really
> appreciate your help.
I think it's the expected behaviour.
>
> this works, nothing goes to "1:9999":
perhaps all the traffic you generate to test was marked by the iptables
rules and then classified by that.
btw in this order the rule for 192.168.200.0/24 never matches, because
the rule for 192.168.0.0/16 matches always first.
> #############################################################################
> /sbin/iptables -F -t mangle
> /sbin/tc qdisc del dev eth1 root > /dev/null 2>&1
> /sbin/tc qdisc add dev eth1 root handle 1: htb default 9999
That's what the default parameter is for ^^^^
Traffic not classified goes to the default.
> /sbin/tc class add dev eth1 parent 1: classid 1:1 htb rate 100Mbit ceil 100Mbit
> /sbin/tc class add dev eth1 parent 1:1 classid 1:9999 htb rate 128kbit
> /sbin/tc class add dev eth1 parent 1:1 classid 1:4 htb rate 100Mbit
> /sbin/tc class add dev eth1 parent 1:4 classid 1:28 htb rate 510kbit
> #
> /sbin/iptables -A POSTROUTING -o eth1 -t mangle -d 192.168.0.0/16 -j MARK --set-mark 4
> /sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 3 handle 4 fw flowid 1:4
> #
> /sbin/iptables -A POSTROUTING -o eth1 -t mangle -d 192.168.200.0/24 -j MARK --set-mark 28
> /sbin/tc filter add dev eth1 protocol ip parent 1:0 prio 3 handle 28 fw flowid 1:28
> #############################################################################
>
>
>
>
> when I add subclasses to "1:28", traffic goes to "1:34" and "1:35", but
> exceeding traffic goes to "1:9999" instead of being placed at "1:28":
> #############################################################################
>
> /sbin/tc qdisc add dev eth1 root handle 1: htb default 9999
That's what the default parameter is for ^^^^
Regards,
Francisco.