From: Clemens Resanka <cresanka@gmx.net>
To: lartc@vger.kernel.org
Subject: [LARTC] how does <<isolated>> work??
Date: Fri, 01 Nov 2002 20:15:00 +0000 [thread overview]
Message-ID: <marc-lartc-103618180224037@msgid-missing> (raw)
Hi all,
I am trying to use cbq to limit the traffic of an interface.
I want all traffic from local addresses to pass through unlimted, all
web-traffic limited to 500kbit and the rest limited to 250kbit. The
500kbit and the 250kbit traffic should be allowed to borrow from each
other, but not from the unlimited local addresses.
Here's the setup:
# 1:0 cbq
# / | \
# / | \
# / | \
# 1:1 1:2 1:3
# | | |
# | | |
# 2:0 3:0 4:0 sfq
#
# local Web rest
# unl. LIMIT1 LIMIT2
I made 1:1 isolated but 1:2 and 1:3 still borrow from it. bounded
however works as expected.
Did I miss something or is the isolated option broken?
btw: I tried it with a 2.4.10 and a 2.4.19 kernel.
here are the commands I tried:
----------------------------------------------------------------------
# IP to route through 1:1
LOCALIP\x192.168.0.0/24
# Limit of 1:2
LIMIT1P0kbit
# Limit of 1:3
LIMIT2%0kbit
# Interface to limit
IFACE=eth1
# 1:0 cbq qdisc
tc qdisc add dev $IFACE root handle 1:0 cbq bandwidth 100Mbit \
avpkt 1000
# 1:1 cbq class; unlimited
tc class add dev $IFACE parent 1:0 classid 1:1 cbq \
bandwidth 100Mbit rate 100Mbit maxburst 20 avpkt 1000 isolated
# 1:2 cbq class; limited to $LIMIT1
tc class add dev $IFACE parent 1:0 classid 1:2 cbq \
bandwidth 100Mbit rate $LIMIT1 maxburst 20 avpkt 1000
# 1:3 cbq class; limited to $LIMIT2
tc class add dev $IFACE parent 1:0 classid 1:3 cbq \
bandwidth 100Mbit rate $LIMIT2 maxburst 20 avpkt 1000
# 2:0, 3:0 sfq
tc qdisc add dev $IFACE parent 1:1 handle 2:0 sfq
tc qdisc add dev $IFACE parent 1:2 handle 3:0 sfq
tc qdisc add dev $IFACE parent 1:3 handle 4:0 sfq
# everything from $LOCALIP goes to 1:1
tc filter add dev $IFACE protocol ip parent 1:0 prio 1 u32 \
match ip src $LOCALIP flowid 1:1
# port 80 to 1:2
tc filter add dev $IFACE protocol ip parent 1:0 prio 1 u32 \
match ip sport 80 0xffff flowid 1:2
# port 443 to 1:2
tc filter add dev $IFACE protocol ip parent 1:0 prio 1 u32 \
match ip sport 443 0xffff flowid 1:2
# everything else to 1:3
tc filter add dev $IFACE protocol ip parent 1:0 prio 1 u32 \
match ip src 0.0.0.0/0 flowid 1:3
----------------------------------------------------------------------
So far..
- Clemens -
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next reply other threads:[~2002-11-01 20:15 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-11-01 20:15 Clemens Resanka [this message]
2002-11-01 20:57 ` [LARTC] how does <<isolated>> work?? Stef Coene
2002-11-02 2:42 ` S Mohan
2002-11-02 8:24 ` Clemens Resanka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103618180224037@msgid-missing \
--to=cresanka@gmx.net \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.