* tc and virtual interfaces
@ 2009-07-10 12:01 Fabio Marcone
2009-07-10 13:08 ` Pascal Hambourg
2009-07-10 13:22 ` Jorge Dávila
0 siblings, 2 replies; 7+ messages in thread
From: Fabio Marcone @ 2009-07-10 12:01 UTC (permalink / raw)
To: netfilter
Hi all,
I need to add traffic shaping in a linux router (debian) and I need to
understand tc behaviour with virtual interfaces.
Examples:
I have eth0 and eth0:0, if I set a limit on eth0 datarate, is also
eth0:0 involved?
...or...
If I have a tunnel OpenVPN (tun0) on eth0, how is managed data rate limit?
Thanks in advance,
Fabio (I hope this post is not OT)
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: tc and virtual interfaces
2009-07-10 12:01 tc and virtual interfaces Fabio Marcone
@ 2009-07-10 13:08 ` Pascal Hambourg
2009-07-10 13:54 ` Fabio Marcone
2009-07-10 13:22 ` Jorge Dávila
1 sibling, 1 reply; 7+ messages in thread
From: Pascal Hambourg @ 2009-07-10 13:08 UTC (permalink / raw)
Cc: netfilter
Hello,
Fabio Marcone a écrit :
> Hi all,
> I need to add traffic shaping in a linux router (debian) and I need to
> understand tc behaviour with virtual interfaces.
>
> Examples:
> I have eth0 and eth0:0, if I set a limit on eth0 datarate, is also
> eth0:0 involved?
eth0:0 is not an interface, it is an IPv4 alias on eth0. The real and
only interface here is eth0.
> ...or...
> If I have a tunnel OpenVPN (tun0) on eth0, how is managed data rate limit?
tun0 is an interface on its own. However, if encapsulating traffic
happens to go through eth0, it will be affected by traffic shaping just
as any other traffic going through eth0.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: tc and virtual interfaces
2009-07-10 12:01 tc and virtual interfaces Fabio Marcone
2009-07-10 13:08 ` Pascal Hambourg
@ 2009-07-10 13:22 ` Jorge Dávila
1 sibling, 0 replies; 7+ messages in thread
From: Jorge Dávila @ 2009-07-10 13:22 UTC (permalink / raw)
To: Fabio Marcone; +Cc: netfilter
Good morning,
AFAIK iptables does not allow rules applied to eth0:x, the rules must
be applied to the physical interface ( eth0 ).
My suggestion for you is apply traffic shapping to the physical
interface and create rules in table mangle of iptables to identify the
traffic.
By example, create a class with tc to limit the ipsec traffic going
through the ipsec interface and other class for the traffic going
through the tun devices.
Then, using filters created with tc or by rules in the mangle table,
you can identify the traffic, set the class.
The scenary will be a little bit more complicated if you want filter
traffic going through the tunnels both I think that can be acomplished
but this will be added unnecesary complexity to the environment.
Jorge Dávila.
On Fri, Jul 10, 2009 at 6:01 AM, Fabio Marcone<fabio.marcone@duet.it> wrote:
> Hi all,
> I need to add traffic shaping in a linux router (debian) and I need to
> understand tc behaviour with virtual interfaces.
>
> Examples:
> I have eth0 and eth0:0, if I set a limit on eth0 datarate, is also eth0:0
> involved?
> ...or...
> If I have a tunnel OpenVPN (tun0) on eth0, how is managed data rate limit?
>
> Thanks in advance,
> Fabio (I hope this post is not OT)
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
Jorge Isaac Dávila López
+505 8430 5462
jorgedavilalopez@gmail.com
---
Esta tierra es Linux. En las noches calladas puede escucharse a las
máquinas Windows re-iniciándose...
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: tc and virtual interfaces
2009-07-10 13:08 ` Pascal Hambourg
@ 2009-07-10 13:54 ` Fabio Marcone
2009-07-10 13:56 ` Jorge Dávila
0 siblings, 1 reply; 7+ messages in thread
From: Fabio Marcone @ 2009-07-10 13:54 UTC (permalink / raw)
To: netfilter
thanks for your reply,
>
> eth0:0 is not an interface, it is an IPv4 alias on eth0. The real and
> only interface here is eth0.
ok, so I can't set up a queue on it, isn't it?
>
> tun0 is an interface on its own. However, if encapsulating traffic
> happens to go through eth0, it will be affected by traffic shaping
> just as any other traffic going through eth0.
ok, and I can limit datarate on tun0 and on eth0 ? the first is applied
only on vpn packets and the last on all eth0 outgoinig traffic I think...
thanks,
Fabio
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: tc and virtual interfaces
2009-07-10 13:54 ` Fabio Marcone
@ 2009-07-10 13:56 ` Jorge Dávila
2009-07-10 14:00 ` Jorge Bastos
2009-07-10 14:06 ` Karel Rericha
0 siblings, 2 replies; 7+ messages in thread
From: Jorge Dávila @ 2009-07-10 13:56 UTC (permalink / raw)
To: Fabio Marcone; +Cc: netfilter
The traffic shapping must be applied to the physical interface ( eth0
in this case).
Jorge Dávila.
On Fri, Jul 10, 2009 at 7:54 AM, Fabio Marcone<fabio.marcone@duet.it> wrote:
> thanks for your reply,
>>
>> eth0:0 is not an interface, it is an IPv4 alias on eth0. The real and only
>> interface here is eth0.
>
> ok, so I can't set up a queue on it, isn't it?
>
>>
>> tun0 is an interface on its own. However, if encapsulating traffic happens
>> to go through eth0, it will be affected by traffic shaping just as any other
>> traffic going through eth0.
>
> ok, and I can limit datarate on tun0 and on eth0 ? the first is applied only
> on vpn packets and the last on all eth0 outgoinig traffic I think...
>
>
> thanks,
> Fabio
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
Jorge Isaac Dávila López
+505 8430 5462
jorgedavilalopez@gmail.com
---
Esta tierra es Linux. En las noches calladas puede escucharse a las
máquinas Windows re-iniciándose...
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: tc and virtual interfaces
2009-07-10 13:56 ` Jorge Dávila
@ 2009-07-10 14:00 ` Jorge Bastos
2009-07-10 14:06 ` Karel Rericha
1 sibling, 0 replies; 7+ messages in thread
From: Jorge Bastos @ 2009-07-10 14:00 UTC (permalink / raw)
To: Jorge Dávila; +Cc: Fabio Marcone, netfilter
> The traffic shapping must be applied to the physical interface ( eth0
> in this case).
>
> Jorge Dávila.
I have some king of setup with ifaces alias, and do shaping based on IP's
instead of the iface to be able to control that
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: tc and virtual interfaces
2009-07-10 13:56 ` Jorge Dávila
2009-07-10 14:00 ` Jorge Bastos
@ 2009-07-10 14:06 ` Karel Rericha
1 sibling, 0 replies; 7+ messages in thread
From: Karel Rericha @ 2009-07-10 14:06 UTC (permalink / raw)
To: netfilter
2009/7/10 Jorge Dávila <jorgedavilalopez@gmail.com>:
> The traffic shapping must be applied to the physical interface ( eth0
> in this case).
It is not exactly correct. AFAIK you can bind traffic shaping to
bridged interface, imq or ifb. Maybe even more I am not aware of.
But I dont know if it will help in this case.
Karel
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2009-07-10 14:06 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-07-10 12:01 tc and virtual interfaces Fabio Marcone
2009-07-10 13:08 ` Pascal Hambourg
2009-07-10 13:54 ` Fabio Marcone
2009-07-10 13:56 ` Jorge Dávila
2009-07-10 14:00 ` Jorge Bastos
2009-07-10 14:06 ` Karel Rericha
2009-07-10 13:22 ` Jorge Dávila
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.