From: Radu Oprisan <radu@securesystems.ro>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] TC using vlan interface
Date: Thu, 22 Jun 2006 22:17:48 +0000 [thread overview]
Message-ID: <449B170C.8010704@securesystems.ro> (raw)
In-Reply-To: <00e801c69608$127b67e0$0900fe0a@LucianoNotebook>
Torsten Luettgert wrote:
> On Thu, 2006-06-22 at 11:28 -0300, Luciano wrote:
>
>> Hi all,
>>
>> Is it possible to use TC (HTB) in vlan interfaces ?
>> Where can I find more documentation ?
>>
>
> Yes, that is possible. VLAN interfaces are really
> different from the physical interface they reside
> on, kernel-wise.
>
> For example, if you put a 1 MBit HTB on eth0,
> but no qdisc on VLAN device eth0.1, traffic through
> eth0.1 won't be throttled at all. I suspect the same
> goes for iptables rules (but didn't try that yet).
>
>
Let me explain...
Due to the fact that vlan id's add some 4 bytes to the header of the
packet, tc filter does not work properly unless you feed it with an
offset and a hex match. I use 801.q and TC with iptables and tc filter
rules based on iptables mark with great success. I admit it is more
complicated this way, but it works...
iptables -A FORWARD -t mangle -d xxx.xxx.xxx.xxx -j MARK --set-mark 12
iptables -A FORWARD -t mangle -d xxx.xxx.xxx.xxx -j RETURN
tc class add dev eth0 parent 10:1 classid 10:112 htb rate 20Mbit ceil
20Mbit ..............
tc filter add dev eth0 parent 10:0 protocol 802.1q prio 90 handle 12 fw
flowid 10:112
tc qdisc add dev eth0 parent 10:112 handle 10112 sfq perturb 10
class htb 10:112 parent 10:1 leaf 112: prio 0 rate 20000Kbit ceil
20000Kbit burst 2Kb cburst 11597b
Sent 9638423935 bytes 12057262 pkt (dropped 0, overlimits 0 requeues 0)
rate 268048bit 37pps backlog 0b 0p requeues 0
lended: 11929727 borrowed: 127535 giants: 0
tokens: 806 ctokens: 4719
> For documentation, see the LARTC howto and the docs
> on the HTB home page. There are also some ready-made
> shaping scripts which can help you understanding how
> all this works.
>
> Regards,
> Torsten
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next prev parent reply other threads:[~2006-06-22 22:17 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-22 14:28 [LARTC] TC using vlan interface Luciano
2006-06-22 16:47 ` Torsten Luettgert
2006-06-22 22:17 ` Radu Oprisan [this message]
2006-06-22 23:44 ` Torsten Luettgert
2006-06-22 23:54 ` Gafton Claudiu
2006-06-23 0:11 ` Radu Oprisan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=449B170C.8010704@securesystems.ro \
--to=radu@securesystems.ro \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.