* [LARTC] fw mark torouble
@ 2002-11-01 9:50 Alexey Sheshka
2002-11-01 10:54 ` Stef Coene
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Alexey Sheshka @ 2002-11-01 9:50 UTC (permalink / raw)
To: lartc
Hi!
I have been setup next configuration :
$TC qdisc add dev $DEVB root handle 1: htb default 30
$TC class add dev $DEVB parent 1: classid 1:1 htb rate 100mbit ceil 100mbit burst 15k
$TC class add dev $DEVB parent 1:1 classid 1:10 htb rate 1mbit ceil 1mbit burst 15k
$TC class add dev $DEVB parent 1:1 classid 1:30 htb rate 2mbit ceil 100mbit burst 15k
$TC qdisc add dev $DEVB parent 1:10 sfq perturb 10
$TC qdisc add dev $DEVB parent 1:30 sfq perturb 10
$iptables -A OUTPUT -t mangle -p tcp -d 192.168.15.129 -j MARK --set-mark 10
$tc filter add dev $DEVB protocol ip parent 1:0 prio 1 handle 10 fw classid 1:10
and all works fine, only 1 mbit goes to 192.168.15.129, but if I do
$iptables -A OUTPUT -t mangle -p tcp -s 0/0 --sport 80 -d 192.168.15.129 -j MARK --set-mark 10
$tc filter add dev $DEVB protocol ip parent 1:0 prio 1 handle 10 fw classid 1:10
HTTP to 192.168.15.129 goes full 100 Mbit .
Kernel 2.4.19 ; htb patch, tc binnary from HTB homepage
Where my mistake ?
Thanks.
--
Sheshka Aleksey
Senior Security Administrator
PGP key : http://pgp.dtype.org:11371/pks/lookup?op=get&search=0x0BE90515
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [LARTC] fw mark torouble
2002-11-01 9:50 [LARTC] fw mark torouble Alexey Sheshka
@ 2002-11-01 10:54 ` Stef Coene
2002-11-01 11:23 ` Alexey Sheshka
2002-11-01 11:46 ` Ethy H. Brito
2 siblings, 0 replies; 4+ messages in thread
From: Stef Coene @ 2002-11-01 10:54 UTC (permalink / raw)
To: lartc
On Friday 01 November 2002 10:50, Alexey Sheshka wrote:
> Hi!
>
> I have been setup next configuration :
>
> $TC qdisc add dev $DEVB root handle 1: htb default 30
>
> $TC class add dev $DEVB parent 1: classid 1:1 htb rate 100mbit ceil 100mbit
> burst 15k $TC class add dev $DEVB parent 1:1 classid 1:10 htb rate 1mbit
> ceil 1mbit burst 15k $TC class add dev $DEVB parent 1:1 classid 1:30 htb
> rate 2mbit ceil 100mbit burst 15k
>
> $TC qdisc add dev $DEVB parent 1:10 sfq perturb 10
> $TC qdisc add dev $DEVB parent 1:30 sfq perturb 10
>
> $iptables -A OUTPUT -t mangle -p tcp -d 192.168.15.129 -j MARK --set-mark
> 10
> $tc filter add dev $DEVB protocol ip parent 1:0 prio 1 handle 10 fw
> classid 1:10
>
> and all works fine, only 1 mbit goes to 192.168.15.129, but if I do
>
> $iptables -A OUTPUT -t mangle -p tcp -s 0/0 --sport 80 -d 192.168.15.129
> -j MARK --set-mark 10
> $tc filter add dev $DEVB protocol ip parent 1:0 prio
> 1 handle 10 fw classid 1:10
>
> HTTP to 192.168.15.129 goes full 100 Mbit .
Can you check the iptables counters so you are sure that the packets get
marked? Maybe a tcpdump can give you more information.
Stef
--
stef.coene@docum.org
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [LARTC] fw mark torouble
2002-11-01 9:50 [LARTC] fw mark torouble Alexey Sheshka
2002-11-01 10:54 ` Stef Coene
@ 2002-11-01 11:23 ` Alexey Sheshka
2002-11-01 11:46 ` Ethy H. Brito
2 siblings, 0 replies; 4+ messages in thread
From: Alexey Sheshka @ 2002-11-01 11:23 UTC (permalink / raw)
To: lartc
On Fri, 1 Nov 2002 11:54:08 +0100
Stef Coene <stef.coene@docum.org> wrote:
> On Friday 01 November 2002 10:50, Alexey Sheshka wrote:
> > Hi!
> >
> > I have been setup next configuration
> >
> > $TC qdisc add dev $DEVB root handle 1: htb default 30
> >
> > $TC class add dev $DEVB parent 1: classid 1:1 htb rate 100mbit ceil 100mbit
> > burst 15k $TC class add dev $DEVB parent 1:1 classid 1:10 htb rate 1mbit
> > ceil 1mbit burst 15k $TC class add dev $DEVB parent 1:1 classid 1:30 htb
> > rate 2mbit ceil 100mbit burst 15k
> >
> > $TC qdisc add dev $DEVB parent 1:10 sfq perturb 10
> > $TC qdisc add dev $DEVB parent 1:30 sfq perturb 10
> >
> > $iptables -A OUTPUT -t mangle -p tcp -d 192.168.15.129 -j MARK --set-mark
> > 10
> > $tc filter add dev $DEVB protocol ip parent 1:0 prio 1 handle 10 fw
> > classid 1:10
> >
> > and all works fine, only 1 mbit goes to 192.168.15.129, but if I do
> >
> > $iptables -A OUTPUT -t mangle -p tcp -s 0/0 --sport 80 -d 192.168.15.129
> > -j MARK --set-mark 10
> > $tc filter add dev $DEVB protocol ip parent 1:0 prio
> > 1 handle 10 fw classid 1:10
> >
> > HTTP to 192.168.15.129 goes full 100 Mbit .
> Can you check the iptables counters so you are sure that the packets get
> marked? Maybe a tcpdump can give you more information.
Thanks . Problem solved. Popular mp3 server use pot 8001 and users bypass my rules.
>
> Stef
>
> --
>
> stef.coene@docum.org
> "Using Linux as bandwidth manager"
> http://www.docum.org/
> #lartc @ irc.oftc.net
--
PGP key : http://pgp.dtype.org:11371/pks/lookup?op=get&search=0x0BE90515
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LARTC] fw mark torouble
2002-11-01 9:50 [LARTC] fw mark torouble Alexey Sheshka
2002-11-01 10:54 ` Stef Coene
2002-11-01 11:23 ` Alexey Sheshka
@ 2002-11-01 11:46 ` Ethy H. Brito
2 siblings, 0 replies; 4+ messages in thread
From: Ethy H. Brito @ 2002-11-01 11:46 UTC (permalink / raw)
To: lartc
On Fri, 1 Nov 2002, Alexey Sheshka wrote:
> Hi!
>
>
> $iptables -A OUTPUT -t mangle -p tcp -s 0/0 --sport 80 -d 192.168.15.129 -j MARK --set-mark 10
This will only mark packets from your HTTP server (*localhost*) going to
192.168.15.129 (the client) . Is that what you mean?
Ethy H. Brito /"\
InterNexo Ltda. \ / CAMPANHA DA FITA ASCII - CONTRA MAIL HTML
(012) 341-6860 X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL
Sao Jose dos Campos / \
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2002-11-01 11:46 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-11-01 9:50 [LARTC] fw mark torouble Alexey Sheshka
2002-11-01 10:54 ` Stef Coene
2002-11-01 11:23 ` Alexey Sheshka
2002-11-01 11:46 ` Ethy H. Brito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.