Re: [LARTC] iptables CLASSIFY and MARK not working?

From: Patrick McHardy <kaber@trash.net>
To: "Eliot, Wireless and Server Administrator,
	 Great Lakes Internet" <support8@greatlakes.net>
Cc: lartc@mailman.ds9a.nl,
	Netfilter Development Mailinglist
	<netfilter-devel@lists.netfilter.org>
Subject: Re: [LARTC] iptables CLASSIFY and MARK not working?
Date: Thu, 01 Jun 2006 19:44:12 +0000	[thread overview]
Message-ID: <447F438C.4080606@trash.net> (raw)
In-Reply-To: <0633E0EDB4F25F43A2D7179CA11FAFAB255419@xavier.staff.greatlakes.net>

Eliot, Wireless and Server Administrator, Great Lakes Internet wrote:
> Both devices (br1 and wivl4) are bridged interfaces with spanning tree
> turned on. They also do VLANs. Specifically, vconfig was used to create
> a VLAN (in this case, VLAN 4) on two interfaces: eth2 and eth3. These
> two VLAN interfaces were called e2v4 and e3v4. Then, brctl was used to
> bridge the two VLAN interfaces (e2v4 and e3v4) into a new interface
> called wivl4. Spanning tree was then enabled on wivl4. The MTU size was
> then adjusted -4 bytes to accommodate the VLAN tagging. 

Any chance you got bridge netfilter enabled? If so please disable
it and try again (or set the bridge-nf-call-iptables sysctl to 0).

> Also, did you happen to try my specific rules (under different devices)
> to see if they work? 

No, just tried CLASSIFY with my own HFSC setup, which is pretty
similar.

> If possible, could you try creating a VLAN interface and test on that
> interface? Then try a bridged interface. And finally, a bridged VLAN
> interface. 
> 
> I will try to set this all up on a different machine without the bridged
> VLANs and see if it works there.

I checked the code, neither VLAN nor bridge should matter.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc