* [LARTC] Marks are ignored by classes
@ 2002-01-17 23:19 Scott Kaplan
2002-01-21 5:53 ` Arindam Haldar
0 siblings, 1 reply; 2+ messages in thread
From: Scott Kaplan @ 2002-01-17 23:19 UTC (permalink / raw)
To: lartc
Here is how I'm setting up my PRIO:
# iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 22 -j
MARK --set-mark 1
# iptables -A PREROUTING -i eth0 -t mangle -p tcp --sport 22 -j
MARK --set-mark 1
# iptables -A PREROUTING -i eth0 -t mangle -p tcp '!' --dport 22
-j MARK --set-mark 2
# iptables -A PREROUTING -i eth0 -t mangle -p tcp '!' --sport 22
-j MARK --set-mark 2
# tc qdisc del dev eth0 root handle 1:
# tc qdisc add dev eth0 root handle 1: prio bands 4 priomap 0 1
2 3 3 3 3 3 3 3 3 3 3 3 3 3
# tc qdisc add dev eth0 parent 1:1 handle 10: sfq
# tc qdisc add dev eth0 parent 1:2 handle 20: sfq
# tc qdisc add dev eth0 parent 1:3 handle 30: sfq
# tc qdisc add dev eth0 parent 1:4 handle 40: sfq
# tc filter add dev eth0 parent 1: protocol ip prio 3 handle 4
fw classid 1:4
# tc filter add dev eth0 parent 1: protocol ip prio 3 handle 3
fw classid 1:3
# tc filter add dev eth0 parent 1: protocol ip prio 3 handle 2
fw classid 1:2
# tc filter add dev eth0 parent 1: protocol ip prio 3 handle 1
fw classid 1:1
Then I send a few SSH packets. The packets are marked in PREROUTING.
But why is everything winding up in 1:4? Also, if anyone knows why I am
marking 4 packets, but only 3 packets wind up in the qdisc, that would
be appreciated:
[root@boss root]# ./qos status
LAN Queues:
qdisc sfq 40: quantum 1514b
Sent 246 bytes 3 pkts (dropped 0, overlimits 0)
qdisc sfq 30: quantum 1514b
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 20: quantum 1514b
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc sfq 10: quantum 1514b
Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
qdisc prio 1: bands 4 priomap 0 1 2 3 3 3 3 3 3 3 3 3 3 3 3 3
Sent 246 bytes 3 pkts (dropped 0, overlimits 0)
IPTables:
Chain PREROUTING (policy ACCEPT 1050K packets, 257M bytes)
pkts bytes target prot opt in out source
destination
0 0 MARK tcp -- eth0 * 0.0.0.0/0
0.0.0.0/0 tcp dpt:22 MARK set 0x1
2 216 MARK tcp -- eth0 * 0.0.0.0/0
0.0.0.0/0 tcp spt:22 MARK set 0x1
2 216 MARK tcp -- eth0 * 0.0.0.0/0
0.0.0.0/0 tcp dpt:!22 MARK set 0x2
0 0 MARK tcp -- eth0 * 0.0.0.0/0
0.0.0.0/0 tcp spt:!22 MARK set 0x2
Chain OUTPUT (policy ACCEPT 50963 packets, 9269K bytes)
pkts bytes target prot opt in out source
destination
Scott Kaplan
Libritas
Suite 1300
180 Grand Avenue
Oakland, CA 94612
(510) 740-7701
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: [LARTC] Marks are ignored by classes
2002-01-17 23:19 [LARTC] Marks are ignored by classes Scott Kaplan
@ 2002-01-21 5:53 ` Arindam Haldar
0 siblings, 0 replies; 2+ messages in thread
From: Arindam Haldar @ 2002-01-21 5:53 UTC (permalink / raw)
To: lartc
hi
> Date: Thu, 17 Jan 2002 15:19:50 -0800
> From: "Scott Kaplan" <scott@libritas.com>
> To: <lartc@mailman.ds9a.nl>
> Subject: [LARTC] Marks are ignored by classes
>
> Here is how I'm setting up my PRIO:
>
> # iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 22 -j
> MARK --set-mark 1
> # iptables -A PREROUTING -i eth0 -t mangle -p tcp --sport 22 -j
> MARK --set-mark 1
> # iptables -A PREROUTING -i eth0 -t mangle -p tcp '!' --dport 22
> -j MARK --set-mark 2
> # iptables -A PREROUTING -i eth0 -t mangle -p tcp '!' --sport 22
> -j MARK --set-mark 2
> # tc qdisc del dev eth0 root handle 1:
> # tc qdisc add dev eth0 root handle 1: prio bands 4 priomap 0 1
> 2 3 3 3 3 3 3 3 3 3 3 3 3 3
im not sure what this is inted to as have never tried this... iahve have
tried marking & it does shapes--pls c at bottom ...
> # tc qdisc add dev eth0 parent 1:1 handle 10: sfq
> # tc qdisc add dev eth0 parent 1:2 handle 20: sfq
> # tc qdisc add dev eth0 parent 1:3 handle 30: sfq
> # tc qdisc add dev eth0 parent 1:4 handle 40: sfq
> # tc filter add dev eth0 parent 1: protocol ip prio 3 handle 4
> fw classid 1:4
> # tc filter add dev eth0 parent 1: protocol ip prio 3 handle 3
> fw classid 1:3
> # tc filter add dev eth0 parent 1: protocol ip prio 3 handle 2
> fw classid 1:2
> # tc filter add dev eth0 parent 1: protocol ip prio 3 handle 1
> fw classid 1:1
>
> Then I send a few SSH packets. The packets are marked in PREROUTING.
> But why is everything winding up in 1:4? Also, if anyone knows why I am
> marking 4 packets, but only 3 packets wind up in the qdisc, that would
> be appreciated:
>
> [root@boss root]# ./qos status
> LAN Queues:
> qdisc sfq 40: quantum 1514b
> Sent 246 bytes 3 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 30: quantum 1514b
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 20: quantum 1514b
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 10: quantum 1514b
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc prio 1: bands 4 priomap 0 1 2 3 3 3 3 3 3 3 3 3 3 3 3 3
> Sent 246 bytes 3 pkts (dropped 0, overlimits 0)
>
> IPTables:
> Chain PREROUTING (policy ACCEPT 1050K packets, 257M bytes)
> pkts bytes target prot opt in out source
> destination
> 0 0 MARK tcp -- eth0 * 0.0.0.0/0
> 0.0.0.0/0 tcp dpt:22 MARK set 0x1
> 2 216 MARK tcp -- eth0 * 0.0.0.0/0
> 0.0.0.0/0 tcp spt:22 MARK set 0x1
> 2 216 MARK tcp -- eth0 * 0.0.0.0/0
> 0.0.0.0/0 tcp dpt:!22 MARK set 0x2
> 0 0 MARK tcp -- eth0 * 0.0.0.0/0
> 0.0.0.0/0 tcp spt:!22 MARK set 0x2
>
> Chain OUTPUT (policy ACCEPT 50963 packets, 9269K bytes)
> pkts bytes target prot opt in out source
> destination
>
> Scott Kaplan
> Libritas
> Suite 1300
> 180 Grand Avenue
> Oakland, CA 94612
> (510) 740-7701
tc qdisc add dev eth1 root handle 2: cbq bandwidth 1000Kbit svpkt 1000
tc class add dev eth1 parent 2:0 classid 2:1 cbq bandwidth 1000Kbit rate
512Kbit allot 1514 weight 10Kbit prio 5 maxbrust 20 avpkt 1500 bounded
tc qdisc add dev eth1 parent 2:1 classid 2:105 est 2sec 10sec cbq
bandwidth 512Kbit rate 64Kbit allot 1514 weight 6 Kbit prio 5 maxbrust
10 avpkt 1500 bounded
tc qdisc add dev eth1 parent 2:105 sfq quantum 1514b perturb 10
tc filter add dev eth1 parent 2:0 protocol ip prio 1 handlw 91 fw
classid 2:105
.
.
similar for eth0
then..
iptables -t mangle -A PREROUTING -i eth1 -s <clients ips> -d < my lan>
-j MARK --set-mark 90
iptables -t mangle -A PREROUTING -i eth0 -s <mylan> -d <clientsips> -j
MARK --set-mark 91
& it works...
hope that will be some information for u !!
arindam
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-01-21 5:53 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-01-17 23:19 [LARTC] Marks are ignored by classes Scott Kaplan
2002-01-21 5:53 ` Arindam Haldar
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.