Re: [LARTC] Problem with marking packets...

[Konrad <kcem@tlen.pl>]

[-- Attachment #1: Type: text/plain, Size: 454 bytes --]

Andy wrote:
> Konrad wrote:
> 
>>  > So I assume the routing is working OK.
>> Yes... routing is working well.
> 
> 
> OK - I am still confused about what interfaces you have your script uses 
> 1 2 and 3.

> That rule will send all packets going through postrouting to imq1 
> whether they are going inside or outside ...

OK. You right... never mind.

I will try to explain You:P

I attached file... with code, and comments and explanation of problem.

[-- Attachment #2: inc_file.txt --]
[-- Type: text/plain, Size: 4959 bytes --]

isp=0; v=1
for device in $dev_isp #one time for one link...
do

# Calculations - in array ext_upl i have speed of interfaces.
tmp=$(echo "scale=3; ${ext_upl[$isp]}%$ile" | bc) #the rest from division. All users have guaranted speed.
min=$(echo "scale=3; ${ext_upl[$isp]}/$ile" | bc) #I divide by number of IP the maximum speed.
pri_min=$(echo "scale=3; $min/2+$min%2" | bc) #Divide by 2... to create two classes - prio 1 & prio 2.
sec_min=$(echo "scale=3; $min/2" | bc)
max=${ext_upl[$isp]} #Maximum speed...

(...)

qu0=`printf "%x\n" $v`#Hexadecimal numeration queues. - qu0 is the number of link queue.
$TC class add dev imq1 parent 2:0 classid 2:$qu0 htb rate ${ext_upl[$isp]}kbit ceil ${ext_upl[$isp]}kbit #link queue...
let "v=v+1" #counter:P
for usr in $zew
        do #Hexadecimal numeration classes.
        qu1=`printf "%x\n" $v` #qu1 is the number of user class.
        qu2=`printf "%x\n" $((v+1))` #qu2 is the number of high priority traffic class.
        qu3=`printf "%x\n" $((v+2))` #qu3 is the number of low priority traffic class.

        $TC class add dev imq1 parent 2:$qu0 classid 2:$qu1 htb rate ${min}kbit ceil ${max}kbit quantum $u_quantum #users queues with user guaranted traffic rate and max link speed ceil.
        $TC class add dev imq1 parent 2:$qu1 classid 2:$qu2 htb rate ${pri_min}kbit ceil ${max}kbit prio 1 quantum $u_quantum #high priority traffic...
        (...)
        $TC class add dev imq1 parent 2:$qu1 classid 2:$qu3 htb rate ${sec_min}kbit ceil ${max}kbit prio 2 quantum $u_quantum #low priority...
        (...)
        $TC qdisc add dev imq1 parent 2:$qu2 sfq
        $TC qdisc add dev imq1 parent 2:$qu3 sfq
#This is the problem! Packets are being thrown to users class. I classify them using packets source IP.
#The problem doesn't exist if I do it for one link. But if I want second link - this rule match all traffic to first and second link:/
        $TC filter add dev imq1 protocol ip parent 2:0 pref 5 u32 match ip src $usr flowid 2:$qu1

#That I tried to solve this problem that...
        $TC filter add dev eth0 protocol ip parent 2:0 handle $((isp+1)) fw flowid 2:$qu0 #this match packets which going to interface, but unfortunately this doesn't working for POSTROUTING:/
        $TC filter add dev imq1 protocol ip parent 2:qu0 pref 5 u32 match ip src $usr flowid 2:$qu1
#CUT here :P
        (...) users filters...
        $TC filter add dev imq1 protocol ip parent 2:0 pref 1 u32 match ip src $usr match ip dport $p_squid 0xffff flowid 2:$qu2 #If squid miss, traffic will go to user queue.
        (...)
#Here I have LAN traffic queues.
(...)
if [ $sqd_spd -ne 0 ] && [ $p_squid != "" ]; then #Independent from LAN queue speed class for HIT Squid (I've patch... TOS). $p_squid = squid port...
        qu1=`printf "%x\n" $v`

        $TC class add dev imq1 parent 2:0 classid 2:$qu1 htb rate ${sqd_spd}Mbit ceil ${sqd_spd}Mbit quantum $u_quantum #sqd_spd - speed fo HIT traffic
        $TC qdisc add dev imq1 parent 2:$qu1 sfq
	for ipek in $lan_int ${zew/$srv_ext/}
        do
                $TC filter add dev imq1 protocol ip parent 2:0 pref 2 u32 match ip dst $ipek match ip sport $p_squid 0xffff flowid 2:$qu1 #this catch all traffic from source port Squid...
	done
	let "v=v+1"
fi
i=0
for ntr in $lan_int #LAN queues - $lan_int: 192.168.0.0/24 (eth2); 192.168.1.0/24 (eth3)... etc.
        do
        qu1=`printf "%x\n" $v` #Hexadecimal number of class..

        $TC class add dev imq1 parent 2:0 classid 2:$qu1 htb rate ${int_dwl[$i]}Mbit ceil ${int_dwl[$i]}Mbit quantum $u_quantum
        $TC qdisc add dev imq1 parent 2:$qu1 sfq
        for pri in ${ext[$i]}
                do
                for sec in ${zew/${ext[$i]}/} #External IP adresses.
                        do
                        $TC filter add dev imq1 protocol ip parent 2:0 pref 4 u32 match ip src $sec match ip dst $pri flowid 2:$qu1
                        done
                done
        for sec in $dev_ext
                do
                $TC filter add dev imq1 protocol ip parent 2:0 pref 4 u32 match ip src $sec match ip dst $ntr flowid 2:$qu1
                done
        for ipek in $lan_int ${zew/$srv_ext/} #Traffic between subnets and external IP
                do
                $TC filter add dev imq1 protocol ip parent 2:0 pref 4 u32 match ip src $ipek match ip dst $ntr flowid 2:$qu1
                done
        let "v=v+1"
        let "i=i+1"
        done

#All traffic is going to classes, but only users upload traffic, server download and traffic between subnets is queued
$IPTABLES -t mangle -A POSTROUTING -j IMQ --todev 1
$IP link set imq1 up

Everything is working for one link.
I do not know how can I put traffic to suitable link queues.
All filters that I wrote in this script uses IP adresses, subnets range of IP, source ports, destination ports, and TOS.

Never checked on which interface packet goes.
I wonder how to solve this for my route table and for load balancing... :/

[-- Attachment #3: Type: text/plain, Size: 143 bytes --]

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc