From: nix4me <nix4me@cfl.rr.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] my shaping rules wont work on nat box
Date: Sat, 04 Mar 2006 15:42:48 +0000
Message-ID: <4409B578.1030702@cfl.rr.com>
In-Reply-To: <4408D880.4060100@cfl.rr.com>
Markus Schulz wrote:
>you must mark your traffic in FORWARD or POSTROUTING chain. OUTPUT is
>only for locally generated traffic.
>
>
>
I have a 1 mbit upstream cable service (approx 120kbytes/sec)
Ok, here is my plan:
                  +---------+
                  | root 1: |
                  +---------+
                       |
    +---------------------------------------+
    | class 1:1 (1 mbit send speed total)   |
    +---------------------------------------+
          |                          |
+-------------------+   +--------------------------+
|1:2 Default 1 mbit |   |1:3 Capped outbound 105 Kb|
+-------------------+   +--------------------------+
                            |                |
                          1:31             1:32
                     50k ceil 105K    50K ceil 105k
                        prio 2           prio 1
                      FTP traffic      Email, ACK
This allows me to set a cap on 1:3 and then divide that cap into 2
classes. 1:31 for lower prio FTP traffic and 1:32 for higher prio email
and ACK traffic. This allows the FTP to consume all 105K until I send
an email or download a huge file, then the email or ACK from the
download can borrow from the ftp due to its higher priority.

All other traffic will be lumped into the default 1:2 (I think).

I will use these rules:
iptables -t mangle -I POSTROUTING -o eth1 -j BW-OUT
iptables -t mangle -A BW-OUT -m mark --mark 0 -j MARK --set-mark 20
iptables -t mangle -A BW-OUT -p tcp --sport 59999 -j MARK --set-mark 26
iptables -t mangle -A BW-OUT -p tcp --sport 50000:51000 -j MARK --set-mark 26
iptables -t mangle -A BW-OUT -p tcp -m length --length :64 -j MARK --set-mark 30
iptables -t mangle -A BW-OUT -m tcp -p tcp --dport 25 -j MARK --set-mark 35

tc qdisc add dev eth1 root handle 1: htb default 20
tc class add dev eth1 parent 1: classid 1:1 htb rate 1mbit
tc class add dev eth1 parent 1:1 classid 1:2 htb rate 1mbit
tc class add dev eth1 parent 1:1 classid 1:3 htb rate 105kbps
tc class add dev eth1 parent 1:3 classid 1:31 htb rate 50kbps ceil 105kbps prio 2
tc class add dev eth1 parent 1:3 classid 1:32 htb rate 50kbps ceil 105kbps prio 1
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:2
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 26 fw flowid 1:31
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 30 fw flowid 1:32
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 35 fw flowid 1:32
This should work on my linux router on eth1 which is the interface
facing the internet.
I am assuming that the POSTROUTING chain is the correct way to do this.
Any issues here?
nix4me
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
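
The tc half of a plan like the one in the message above can be checked for internal consistency before it is loaded. The following is an added example, not part of the original message: a small Python checker (the names `to_bits`, `parse` and `check` are illustrative) that converts tc rate units to bits per second and flags an HTB `default` or filter `flowid` that names no defined class, and children whose reserved rates exceed their parent's rate. It assumes class ids are written consistently, so they can be compared as strings.

```python
import re

# tc commands copied from the message above, wrapped lines rejoined.
RULES = """\
tc qdisc add dev eth1 root handle 1: htb default 20
tc class add dev eth1 parent 1: classid 1:1 htb rate 1mbit
tc class add dev eth1 parent 1:1 classid 1:2 htb rate 1mbit
tc class add dev eth1 parent 1:1 classid 1:3 htb rate 105kbps
tc class add dev eth1 parent 1:3 classid 1:31 htb rate 50kbps ceil 105kbps prio 2
tc class add dev eth1 parent 1:3 classid 1:32 htb rate 50kbps ceil 105kbps prio 1
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:2
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 26 fw flowid 1:31
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 30 fw flowid 1:32
tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 35 fw flowid 1:32
"""

# tc rate suffixes: "bit" forms are bits/s, "bps" forms are BYTES/s.
UNITS = {"bit": 1, "kbit": 1e3, "mbit": 1e6, "bps": 8, "kbps": 8e3, "mbps": 8e6}

def to_bits(rate):
    """Convert a tc rate string such as '105kbps' to bits per second."""
    num, unit = re.fullmatch(r"([\d.]+)([a-z]+)", rate.lower()).groups()
    return int(float(num) * UNITS[unit])

def parse(text):
    """Return ({classid: (parent, rate)}, [(mark, flowid)], default classid)."""
    classes, filters, default = {}, [], None
    for w in filter(None, map(str.split, text.splitlines())):
        arg = lambda key: w[w.index(key) + 1]  # value following a keyword
        if w[1] == "qdisc" and "default" in w:
            default = arg("handle").rstrip(":") + ":" + arg("default")
        elif w[1] == "class":
            classes[arg("classid")] = (arg("parent"), to_bits(arg("rate")))
        elif w[1] == "filter":
            filters.append((arg("handle"), arg("flowid")))
    return classes, filters, default

def check(text):
    """List hierarchy problems; ids are compared as written (hex strings)."""
    classes, filters, default = parse(text)
    issues = [f"default class {default} is not defined"] if default not in classes else []
    issues += [f"mark {m} -> undefined class {f}" for m, f in filters if f not in classes]
    for cid, (_, rate) in classes.items():
        kids = sum(r for p, r in classes.values() if p == cid)  # reserved by children
        if kids > rate:
            issues.append(f"children of {cid} reserve {kids} bit/s > {rate} bit/s")
    return issues

if __name__ == "__main__":
    print("\n".join(check(RULES)) or "no issues found")
```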