[LARTC] QoS on bridge device

[LARTC] QoS on bridge device

[Abraham van der Merwe]

[-- Attachment #1: Type: text/plain, Size: 952 bytes --]

Hi!

Usually if you have a machine and traffic passes through it:

              +-----+
          eth0| QoS |
 -------------| box |-------------
              |     |eth1
              +-----+

You can shape outgoing traffic on eth0 and eth1 effectively shaping both
incoming/outgoing traffic.

With bridging and above setup you only have a single device br0 - my
question is whether you can shape both incoming/outgoing traffic on this
device (i would presume it is not possible) or do you need to redirect
traffic passing through br0 to imq0 and do shaping on outgoing traffic on
both br0 and imq0?

-- 

Regards
 Abraham

If you're not part of the solution, you're part of the precipitate.

___________________________________________________
 Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
 P.O. Box 3472, Matieland, Stellenbosch, 7602
 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
 Email: abz@frogfoot.net


[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]

RE: [LARTC] QoS on bridge device

[S Mohan]

I use this configuration. You still use eth0 and eth1 and not br0. It works
as intended. tc operates at one level below bridging code at the device
queue level as I understand it. Thus whether it is a bridge or router, we
shape on the physical interface level. I guess like imq (virtual device)
some tinkering will need to be done to use br0 as a device on which QoS can
be applied.

HTH
Mohan

-----Original Message-----
From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
Behalf Of Abraham van der Merwe
Sent: 04 March 2003 14:29
To: Linux Advanced Routing & Traffic Control list
Subject: [LARTC] QoS on bridge device


Hi!

Usually if you have a machine and traffic passes through it:

              +-----+
          eth0| QoS |
 -------------| box |-------------
              |     |eth1
              +-----+

You can shape outgoing traffic on eth0 and eth1 effectively shaping both
incoming/outgoing traffic.

With bridging and above setup you only have a single device br0 - my
question is whether you can shape both incoming/outgoing traffic on this
device (i would presume it is not possible) or do you need to redirect
traffic passing through br0 to imq0 and do shaping on outgoing traffic on
both br0 and imq0?

--

Regards
 Abraham

If you're not part of the solution, you're part of the precipitate.

___________________________________________________
 Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
 P.O. Box 3472, Matieland, Stellenbosch, 7602
 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
 Email: abz@frogfoot.net


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] QoS on bridge device

[Bogdan Coman]

The shaping is done on eth0 and eth1. There is also a patch that allows
you to match packets that are passing the bridge with iptables. Br0 is
used only for trafic that is for the bridge. Eg. a machine has a route
through the ip of br0.

Bogdan Coman

On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote:
> Hi!
> 
> Usually if you have a machine and traffic passes through it:
> 
>               +-----+
>           eth0| QoS |
>  -------------| box |-------------
>               |     |eth1
>               +-----+
> 
> You can shape outgoing traffic on eth0 and eth1 effectively shaping both
> incoming/outgoing traffic.
> 
> With bridging and above setup you only have a single device br0 - my
> question is whether you can shape both incoming/outgoing traffic on this
> device (i would presume it is not possible) or do you need to redirect
> traffic passing through br0 to imq0 and do shaping on outgoing traffic on
> both br0 and imq0?
> 
> -- 
> 
> Regards
>  Abraham
> 
> If you're not part of the solution, you're part of the precipitate.
> 
> ___________________________________________________
>  Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
>  P.O. Box 3472, Matieland, Stellenbosch, 7602
>  Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
>  Email: abz@frogfoot.net
> 


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] QoS on bridge device

[Abraham van der Merwe]

[-- Attachment #1: Type: text/plain, Size: 2049 bytes --]

Hi Bogdan!

Thanks. One more question:

If I match packets for shaping (instead of tc filters), which chain should I
match packets on? Usually I use FORWARD in the mangle table, but if I look
at the following diagram:

http://www.sparkle-cc.co.uk/firewall/firewall.html

it seems that packets won't go through FORWARD anymore (if it goes through
the bridge) so I guess I should match packets on OUTPUT in the mangle table
- is this assumption correct?

> The shaping is done on eth0 and eth1. There is also a patch that allows
> you to match packets that are passing the bridge with iptables. Br0 is
> used only for trafic that is for the bridge. Eg. a machine has a route
> through the ip of br0.
> 
> Bogdan Coman
> 
> On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote:
> > Hi!
> > 
> > Usually if you have a machine and traffic passes through it:
> > 
> >               +-----+
> >           eth0| QoS |
> >  -------------| box |-------------
> >               |     |eth1
> >               +-----+
> > 
> > You can shape outgoing traffic on eth0 and eth1 effectively shaping both
> > incoming/outgoing traffic.
> > 
> > With bridging and above setup you only have a single device br0 - my
> > question is whether you can shape both incoming/outgoing traffic on this
> > device (i would presume it is not possible) or do you need to redirect
> > traffic passing through br0 to imq0 and do shaping on outgoing traffic on
> > both br0 and imq0?

> 
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

-- 

Regards
 Abraham

I'm not sure whether that's actually useful...
             -- Larry Wall in <199710011704.KAA21395@wall.org>

___________________________________________________
 Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
 P.O. Box 3472, Matieland, Stellenbosch, 7602
 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
 Email: abz@frogfoot.net


[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]

RE: [LARTC] QoS on bridge device

[S Mohan]

The packet flow diagrams have been well documented here.
http://users.pandora.be/bart.de.schuymer/ebtables/br_fw_ia/br_fw_ia.html

If you are matching packets for shaping, you must use tc. iptables will not
do any shaping. It will only modify headers and take decision on packet
flow. The only place where this would be amenable to any kind of traffic
management is rate limiting. This is not in any place/ application
constitute/construe bandwidth management or traffic shaping.

Mohan

-----Original Message-----
From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
Behalf Of Abraham van der Merwe
Sent: 04 March 2003 18:36
To: Bogdan Coman
Cc: Linux Advanced Routing & Traffic Control list
Subject: Re: [LARTC] QoS on bridge device


Hi Bogdan!

Thanks. One more question:

If I match packets for shaping (instead of tc filters), which chain should I
match packets on? Usually I use FORWARD in the mangle table, but if I look
at the following diagram:

http://www.sparkle-cc.co.uk/firewall/firewall.html

it seems that packets won't go through FORWARD anymore (if it goes through
the bridge) so I guess I should match packets on OUTPUT in the mangle table
- is this assumption correct?

> The shaping is done on eth0 and eth1. There is also a patch that allows
> you to match packets that are passing the bridge with iptables. Br0 is
> used only for trafic that is for the bridge. Eg. a machine has a route
> through the ip of br0.
>
> Bogdan Coman
>
> On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote:
> > Hi!
> >
> > Usually if you have a machine and traffic passes through it:
> >
> >               +-----+
> >           eth0| QoS |
> >  -------------| box |-------------
> >               |     |eth1
> >               +-----+
> >
> > You can shape outgoing traffic on eth0 and eth1 effectively shaping both
> > incoming/outgoing traffic.
> >
> > With bridging and above setup you only have a single device br0 - my
> > question is whether you can shape both incoming/outgoing traffic on this
> > device (i would presume it is not possible) or do you need to redirect
> > traffic passing through br0 to imq0 and do shaping on outgoing traffic
on
> > both br0 and imq0?

>
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

--

Regards
 Abraham

I'm not sure whether that's actually useful...
             -- Larry Wall in <199710011704.KAA21395@wall.org>

___________________________________________________
 Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
 P.O. Box 3472, Matieland, Stellenbosch, 7602
 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
 Email: abz@frogfoot.net


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] QoS on bridge device

[Abraham van der Merwe]

[-- Attachment #1: Type: text/plain, Size: 1241 bytes --]

Hi S!

> The packet flow diagrams have been well documented here.
> http://users.pandora.be/bart.de.schuymer/ebtables/br_fw_ia/br_fw_ia.html

That assumes you're using ebtables and matching traffic passing through br0.
I want to match traffic passing through eth0 and eth1.

> If you are matching packets for shaping, you must use tc. iptables will not
> do any shaping. It will only modify headers and take decision on packet
> flow. The only place where this would be amenable to any kind of traffic
> management is rate limiting. This is not in any place/ application
> constitute/construe bandwidth management or traffic shaping.

Yes, I know. tc matches traffic according to flags set in skb->priority. I'm
using iptables to match traffic and set those priorities (so like I said I'm
not using tc filters - i'm still using tc qdiscs to do the actual shaping).

-- 

Regards
 Abraham

"I prefer rogues to imbeciles, because they sometimes take a rest."
-- Alexandre Dumas (fils)

___________________________________________________
 Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
 P.O. Box 3472, Matieland, Stellenbosch, 7602
 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
 Email: abz@frogfoot.net


[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]