* [LARTC] Problem with HTB and IPTABLES
@ 2005-06-22 20:54 leandro
0 siblings, 0 replies; 2+ messages in thread
From: leandro @ 2005-06-22 20:54 UTC (permalink / raw)
To: lartc
[-- Attachment #1.1: Type: text/plain, Size: 4675 bytes --]
Dear All,
I’m working with Fedora Core 3, kernel 2.9.1, MPLS-for-Linux-4.193, and
having some problems when create a HTB queue. ALL packets goes to the
default queue, they don’t care about any mark or ip field I use to enqueue
them. : -/
That’s the deal, all packets that incoming the interface eth2 are classified
and have theirs TOS field changed following some qos policy at the
PREROUTING LEVEL.
Next, all packets are marked following the tos field previous changed, and
them enqueued and labeled following the iptables marks.
I’ve checked using ethereal, and all the packets’ TOS field are been
correctly changed, and the packets are been sent to the right mpls tunnel
with the right label, proving that the iptables are correctly marking the
packets.
Allthrought, the packets doesn’t go to the right class queue… all them goes
to the default htb queue.
Could some one give me some tips?
tc qdisc add dev eth1 root handle 1: htb default 13
tc class add dev eth1 parent 1: classid 1:1 htb rate 1Mbit ceil 1Mbit
tc class add dev eth1 parent 1:1 classid 1:10 htb rate 400kbit ceil 600kbit
prio 0
tc class add dev eth1 parent 1:1 classid 1:11 htb rate 300kbit ceil 800kbit
prio 1
tc class add dev eth1 parent 1:1 classid 1:12 htb rate 200kbit ceil 700kbit
prio 2
tc class add dev eth1 parent 1:1 classid 1:13 htb rate 100kbit ceil 600kbit
prio 2
tc qdisc add dev eth1 parent 1:10 handle 100: sfq perturb 10
tc qdisc add dev eth1 parent 1:11 handle 110: sfq perturb 10
tc qdisc add dev eth1 parent 1:12 handle 120: sfq perturb 10
tc qdisc add dev eth1 parent 1:13 handle 130: sfq perturb 10
tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle 1 fw classid
1:10
tc filter add dev eth1 parent 1:0 protocol ip prio 2 handle 2 fw classid
1:11
tc filter add dev eth1 parent 1:0 protocol ip prio 3 handle 3 fw classid
1:12
tc filter add dev eth1 parent 1:0 protocol ip prio 4 handle 4 fw classid
1:13
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Minimize-Delay -j MARK
--set-mark 0x1
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Minimize-Delay -j
RETURN
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Maximize-Throughput -j
MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Maximize-Throughput -j
RETURN
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Minimize-Cost -j MARK
--set-mark 0x3
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Minimize-Cost -j
RETURN
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Maximize-Reliability
-j MARK --set-mark 0x4
iptables -t mangle -A PREROUTING -i eth2 -m tos --tos Maximize-Reliability
-j RETURN
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 4321 -j TOS
--set-tos Minimize-Delay
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 4321 -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 25 -j TOS --set-tos
Minimize-Cost
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 25 -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 80 -j TOS --set-tos
Maximize-Throughput
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 80 -j RETURN
iptables -t mangle -A PREROUTING -i eth2 -p icmp -j TOS --set-tos
Maximize-Reliability
tc -s class show dev eth1
class htb 1:1 root rate 1Mbit ceil 1Mbit burst 100kb cburst 2264b
Sent 74465 bytes 142 pkts (dropped 0, overlimits 0)
rate 712bps 5pps
lended: 4 borrowed: 0 giants: 0
tokens: 34107 ctokens: 34107
class htb 1:10 parent 1:1 leaf 100: prio 0 rate 400Kbit ceil 600Kbit burst
1803b cburst 1957b
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
lended: 0 borrowed: 0 giants: 0
tokens: 0 ctokens: 0
class htb 1:11 parent 1:1 leaf 110: prio 1 rate 300Kbit ceil 800Kbit burst
1650b cburst 1701b
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
lended: 0 borrowed: 0 giants: 0
tokens: 0 ctokens: 0
class htb 1:12 parent 1:1 leaf 120: prio 2 rate 200Kbit ceil 700Kbit burst
1680b cburst 1711b
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
lended: 0 borrowed: 0 giants: 0
tokens: 0 ctokens: 0
class htb 1:13 parent 1:1 leaf 130: prio 2 rate 100Kbit ceil 600Kbit burst
1680b cburst 1701b
Sent 58744 bytes 152 pkts (dropped 0, overlimits 0)
rate 3Kbit 1pps
lended: 148 borrowed: 4 giants: 0
tokens: 202125 ctokens: 163799
Leandro Ramalho Fróio
Analista de Redes
RHOX - Redes Corporativas
Tel: (61) 361-1466 ext: 253
<mailto:leandro@rhox.com.br> leandro@rhox.com.br
[-- Attachment #1.2: Type: text/html, Size: 19420 bytes --]
[-- Attachment #2: Type: text/plain, Size: 143 bytes --]
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [LARTC] Problem with HTB and IPTABLES
@ 2005-07-10 20:23 Andy Furniss
0 siblings, 0 replies; 2+ messages in thread
From: Andy Furniss @ 2005-07-10 20:23 UTC (permalink / raw)
To: lartc
leandro wrote:
>
> I’ve checked using ethereal, and all the packets’ TOS field are been
> correctly changed, and the packets are been sent to the right mpls tunnel
> with the right label, proving that the iptables are correctly marking the
> packets.
Total guess but try using protocol all rather than protocol ip in the
filter rules.
Andy.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-07-10 20:23 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-07-10 20:23 [LARTC] Problem with HTB and IPTABLES Andy Furniss
-- strict thread matches above, loose matches on Subject: below --
2005-06-22 20:54 leandro
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.