All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Dmytro Redchuk" <dredchuk@kse.kiev.ua>
To: lartc@vger.kernel.org
Subject: RE: [LARTC] filters order - are they ordered?
Date: Tue, 16 Apr 2002 15:37:44 +0000	[thread overview]
Message-ID: <marc-lartc-101897151604304@msgid-missing> (raw)
In-Reply-To: <marc-lartc-101896618630473@msgid-missing>

 > >   So, in my current scenario it's optimal (as I think now)
 > >   to use both u32 and fw, but I wonder can I line-up my filters
 > >   in any order I wish?
 > The prio parameters the order the filters are checked.

So, I guess, I can set with "prio" and check "prefs" then?

Something is very strange for me ;-) - just take a look, please.

so.. (in more details, very sorry, if there is too much)

===========  MY "HTB INIT" SCRIPT  ===========
#!/bin/bash
#
#

# addresses here, of course:
PARTNER='blah_blah'

BIG_BOSS='foo_foo'
FAT_ADMN='moo_moo'

INTRANET='192.168.100.0/24'
DMZ_NET='bar_bar/29'

tc=/root/tc

tc_cadd="$tc class add dev eth0"

default=20

# add root qdisc:
$tc qdisc add dev eth0 root handle 1: htb default $default

# root class (whole eth0):
$tc_cadd parent 1: classid 1:1 htb rate 100Mbit ceil 100Mbit

# local traffic (almost whole eth0):
$tc_cadd parent 1:1 classid 1:$default htb rate 100Mbit ceil 100Mbit

# ppp bandwidth:
$tc_cadd parent 1:1 classid 1:10 htb rate 128kbit ceil 128kbit burst 12k
prio 0

  # add for BIG_BOSS and FAT_ADMN:
  $tc_cadd parent 1:10 classid 1:100 htb rate 20kbit ceil 128kbit burst
2k prio 0

    # for one of them:
    $tc_cadd parent 1:100 classid 1:210 htb rate 10kbit ceil 128kbit
burst 2k prio 0
    $tc qdisc add dev eth0 parent 1:210 handle 21: sfq perturb 10

    # for second one:
    $tc_cadd parent 1:100 classid 1:220 htb rate 10kbit ceil 128kbit
burst 2k prio 0
    $tc qdisc add dev eth0 parent 1:220 handle 22: sfq perturb 10


  # add for localnet and proxy:
  $tc_cadd parent 1:10 classid 1:300 htb rate 34kbit ceil 120kbit burst
2k prio 8
  $tc qdisc add dev eth0 parent 1:300 handle 30: sfq perturb 10

  # add for traffic to mail & pop:
  $tc_cadd parent 1:10 classid 1:400 htb rate 10kbit ceil 120kbit burst
2k prio 8
  $tc qdisc add dev eth0 parent 1:400 handle 40: sfq perturb 10

  # add for traffic from $PARTNER:
  $tc_cadd parent 1:10 classid 1:500 htb rate 64kbit ceil 128kbit burst
12k prio 0
  $tc qdisc add dev eth0 parent 1:500 handle 50: sfq perturb 10


#############################
## filters:
#############################

tc_fadd="$tc filter add dev eth0 protocol ip"

## from $PARTNER:
#
$tc_fadd parent 1:0 prio 0 u32 \
   match ip src $PARTNER match tcp src 80 0xffff flowid 1:500
$tc_fadd parent 1:0 prio 0 handle 8 fw flowid 1:500

## pass local traffic unshaped:
#
$tc_fadd parent 1:0 prio 1 u32 \
   match ip src $INTRANET match ip dst $INTRANET flowid 1:$default

$tc_fadd parent 1:0 prio 1 u32 \
   match ip src $DMZ_NET match ip dst $INTRANET flowid 1:$default

$tc_fadd parent 1:0 prio 1 u32 \
   match ip src $DMZ_NET match ip dst $DMZ_NET flowid 1:$default

$tc_fadd parent 1:0 prio 1 u32 \
   match ip src $INTRANET match ip dst $DMZ_NET flowid 1:$default

## admins:
#
$tc_fadd parent 1:0 prio 3 u32 \
    match ip dst $BIG_BOSS flowid 1:210

$tc_fadd parent 1:0 prio 3 u32 \
    match ip dst $FAT_ADMN flowid 1:220

## localnet masq'ed:
#

# one subnet:
$tc_fadd parent 1:0 prio 0 handle 4 fw flowid 1:300

# another one:
$tc_fadd parent 1:0 prio 0 handle 5 fw flowid 1:300

## from BAD to proxy server:
#
$tc_fadd parent 1:0 prio 0 handle 1 fw flowid 1:300

## from BAD to http & smtp & pop:
#
$tc_fadd parent 1:0 prio 0 handle 2 fw flowid 1:400
$tc_fadd parent 1:0 prio 0 handle 3 fw flowid 1:400

# END OF SCRIPT

===========  END OF MY "HTB INIT" SCRIPT  ===========

And, please, take a look at my filters.
(I changed addresses there for clarity;)

===========  tc filter show dev eth0  ===========

filter parent 1: protocol ip pref 1 u32 
filter parent 1: protocol ip pref 1 u32 fh 802: ht divisor 1 
filter parent 1: protocol ip pref 1 u32 fh 802::800 order 2048 key ht
802 bkt 0 flowid 1:210 
  match $BIG_BOSS at 16
filter parent 1: protocol ip pref 1 u32 fh 802::801 order 2049 key ht
802 bkt 0 flowid 1:220 
  match $FAT_ADMN at 16
filter parent 1: protocol ip pref 1 u32 fh 801: ht divisor 1 
filter parent 1: protocol ip pref 1 u32 fh 801::800 order 2048 key ht
801 bkt 0 flowid 1:20 
  match $INTRANET at 12
  match $INTRANET at 16
filter parent 1: protocol ip pref 1 u32 fh 801::801 order 2049 key ht
801 bkt 0 flowid 1:20 
  match $DMZ_NET at 12
  match $INTRANET at 16
filter parent 1: protocol ip pref 1 u32 fh 801::802 order 2050 key ht
801 bkt 0 flowid 1:20 
  match $DMZ_NET at 12
  match $DMZ_NET at 16
filter parent 1: protocol ip pref 1 u32 fh 801::803 order 2051 key ht
801 bkt 0 flowid 1:20 
  match $INTRANET at 12
  match $DMZ_NET at 16
filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1 
filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht
800 bkt 0 flowid 1:500 
  match $PARTNER at 12
  match 00500000/ffff0000 at nexthdr+0
filter parent 1: protocol ip pref 3 u32 
filter parent 1: protocol ip pref 3 u32 fh 802: ht divisor 1 
filter parent 1: protocol ip pref 3 u32 fh 802::800 order 2048 key ht
802 bkt 0 flowid 1:210 
  match $BIG_BOSS at 16
filter parent 1: protocol ip pref 3 u32 fh 802::801 order 2049 key ht
802 bkt 0 flowid 1:220 
  match $FAT_ADMN at 16
filter parent 1: protocol ip pref 3 u32 fh 801: ht divisor 1 
filter parent 1: protocol ip pref 3 u32 fh 801::800 order 2048 key ht
801 bkt 0 flowid 1:20 
  match $INTRANET at 12
  match $INTRANET at 16
filter parent 1: protocol ip pref 3 u32 fh 801::801 order 2049 key ht
801 bkt 0 flowid 1:20 
  match $DMZ_NET at 12
  match $INTRANET at 16
filter parent 1: protocol ip pref 3 u32 fh 801::802 order 2050 key ht
801 bkt 0 flowid 1:20 
  match $DMZ_NET at 12
  match $DMZ_NET at 16
filter parent 1: protocol ip pref 3 u32 fh 801::803 order 2051 key ht
801 bkt 0 flowid 1:20 
  match $INTRANET at 12
  match $DMZ_NET at 16
filter parent 1: protocol ip pref 3 u32 fh 800: ht divisor 1 
filter parent 1: protocol ip pref 3 u32 fh 800::800 order 2048 key ht
800 bkt 0 flowid 1:500 
  match 3f4dd600/ffffff00 at 12
  match 00500000/ffff0000 at nexthdr+0
filter parent 1: protocol ip pref 49151 fw 
filter parent 1: protocol ip pref 49151 fw handle 0x3 classid 1:400 
filter parent 1: protocol ip pref 49151 fw 
filter parent 1: protocol ip pref 49151 fw handle 0x2 classid 1:400 
filter parent 1: protocol ip pref 49151 fw 
filter parent 1: protocol ip pref 49151 fw handle 0x1 classid 1:300 
filter parent 1: protocol ip pref 49151 fw 
filter parent 1: protocol ip pref 49151 fw handle 0x5 classid 1:300 
filter parent 1: protocol ip pref 49151 fw 
filter parent 1: protocol ip pref 49151 fw handle 0x4 classid 1:300 
filter parent 1: protocol ip pref 49151 fw 
filter parent 1: protocol ip pref 49151 fw handle 0x8 classid 1:500 
filter parent 1: protocol ip pref 49152 u32 
filter parent 1: protocol ip pref 49152 u32 fh 802: ht divisor 1 
filter parent 1: protocol ip pref 49152 u32 fh 802::800 order 2048 key
ht 802 bkt 0 flowid 1:210 
  match $BIG_BOSS at 16
filter parent 1: protocol ip pref 49152 u32 fh 802::801 order 2049 key
ht 802 bkt 0 flowid 1:220 
  match $FAT_ADMN at 16
filter parent 1: protocol ip pref 49152 u32 fh 801: ht divisor 1 
filter parent 1: protocol ip pref 49152 u32 fh 801::800 order 2048 key
ht 801 bkt 0 flowid 1:20 
  match $INTRANET at 12
  match $INTRANET at 16
filter parent 1: protocol ip pref 49152 u32 fh 801::801 order 2049 key
ht 801 bkt 0 flowid 1:20 
  match $DMZ_NET at 12
  match $INTRANET at 16
filter parent 1: protocol ip pref 49152 u32 fh 801::802 order 2050 key
ht 801 bkt 0 flowid 1:20 
  match $DMZ_NET at 12
  match $DMZ_NET at 16
filter parent 1: protocol ip pref 49152 u32 fh 801::803 order 2051 key
ht 801 bkt 0 flowid 1:20 
  match $INTRANET at 12
  match $DMZ_NET at 16
filter parent 1: protocol ip pref 49152 u32 fh 800: ht divisor 1 
filter parent 1: protocol ip pref 49152 u32 fh 800::800 order 2048 key
ht 800 bkt 0 flowid 1:500 
  match $PARTNER at 12
  match 00500000/ffff0000 at nexthdr+0

===========  END OF "tc filter show dev eth0"  ===========

So, I can see here my filters three times!
And their priorities slightly differs from specified.

I'm confused...

It works, except one thing. Filters order is not that I wish I had.

 > 
 > Stef

Thanks a lot.

 > 
 > -- 
 > 
 > stef.coene@docum.org
 >  "Using Linux as bandwidth manager"
 >      http://www.docum.org/
 >      #lartc @ irc.openprojects.net

-- 
 _,-=._              /|_/|       Where curiosity comes into play --
 `-.}   `=._,.-=-._.,  @ @._,         always foxes are there.
    `._ _,-.   )      _,.-'
       `    G.m-"^m`m'        Dmytro O. Redchuk
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

      parent reply	other threads:[~2002-04-16 15:37 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-04-16 14:07 [LARTC] filters order - are they ordered? Dmytro Redchuk
2002-04-16 14:13 ` Stef Coene
2002-04-16 14:19 ` Mihai RUSU
2002-04-16 15:37 ` Dmytro Redchuk [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-101897151604304@msgid-missing \
    --to=dredchuk@kse.kiev.ua \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.