[LARTC] Network config no longer works with QoS enabled

[LARTC] Network config no longer works with QoS enabled

[Frank Maas]

Hi,

I have a linux box with 2 ethernet interfaces, one (eth1) to my internal
network, the other (eth0) to an ADSL modem. eth0 gets the IP address given
by the ISP via DHCP Spoofing from the modem, eth1 has an internal address
(10.x.x.x). The linux system has only IP tables running with the following
configuration:

# Generated by iptables-save v1.2.3 on Fri Nov 30 03:13:03 2001
*nat
:PREROUTING ACCEPT [4:336]
:POSTROUTING ACCEPT [1:68]
:OUTPUT ACCEPT [6:376]
-A POSTROUTING -o eth0 -j MASQUERADE 
COMMIT
# Completed on Fri Nov 30 03:13:03 2001
# Generated by iptables-save v1.2.3 on Fri Nov 30 03:13:03 2001
*filter
:INPUT ACCEPT [721:140547]
:FORWARD ACCEPT [365:30660]
:OUTPUT ACCEPT [802:82552]
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -i eth1 -o eth0 -j ACCEPT 
COMMIT
# Completed on Fri Nov 30 03:13:03 2001

While hoping to tune the traffic queues a bit to solve the speed dip when using
both up and download, I turned on QoS in the kernel. From that moment on I can 
no longer visit the Internet via machines on my local net. It seems as if either
the masquerading no longer works, or (more probable) that packets of eth1 are
no longer forwarded to eth0 (or the other way around).

Now I have looked in the archives for a solution, but without much luck. This 
might still be a stupid question though, sorry for that beforehand. If you have
a solution/answer to this problem I (still) like to know.

Kind regards,

Frank
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

[LARTC] Network config no longer works with QoS enabled

[Frank Maas]

Hi,

I have a linux box with 2 ethernet interfaces, one (eth1) to my internal
network, the other (eth0) to an ADSL modem. eth0 gets the IP address given
by the ISP via DHCP Spoofing from the modem, eth1 has an internal address
(10.x.x.x). The linux system has only IP tables running with the following
configuration:

# Generated by iptables-save v1.2.3 on Fri Nov 30 03:13:03 2001
*nat
:PREROUTING ACCEPT [4:336]
:POSTROUTING ACCEPT [1:68]
:OUTPUT ACCEPT [6:376]
-A POSTROUTING -o eth0 -j MASQUERADE 
COMMIT
# Completed on Fri Nov 30 03:13:03 2001
# Generated by iptables-save v1.2.3 on Fri Nov 30 03:13:03 2001
*filter
:INPUT ACCEPT [721:140547]
:FORWARD ACCEPT [365:30660]
:OUTPUT ACCEPT [802:82552]
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -i eth1 -o eth0 -j ACCEPT 
COMMIT
# Completed on Fri Nov 30 03:13:03 2001

In draft:

           .100     .1              213.x.y.z
Desktop PC -----|----- (eth1) linux (eth0) ------ ADSL router
                |
           (net: 10.2.2.x)

While hoping to tune the traffic queues a bit to solve the speed dip when using
both up and download, I turned on QoS in the kernel. From that moment on I can 
no longer visit the Internet via machines on my local net. It seems as if either
the masquerading no longer works, or (more probable) that packets of eth1 are
no longer forwarded to eth0 (or the other way around).

Now I have looked in the archives for a solution, but without much luck. This 
might still be a stupid question though, sorry for that beforehand. If you have
a solution/answer to this problem I (still) like to know.

Kind regards,

Frank
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/