* [LARTC] Where have my all my TC filters gone??
@ 2003-12-04 21:51 Robert Walker
2003-12-05 3:25 ` Martin A. Brown
0 siblings, 1 reply; 2+ messages in thread
From: Robert Walker @ 2003-12-04 21:51 UTC (permalink / raw)
To: lartc
I have snipped out part of a script to load balance and bandwidth shape upload traffic to a NIC
(eth0/ETH_WAN) on a 2mbit/256kbit ADSL line. The balancing will be carried out for 3 users with 1+
PCs connected on another NIC. There are iptables instructions (not shown in the script) to mark
packets based on PORT and TOS. These are snipped as the marking appears to work its just the TC
FILTERs that just disappear :-(
Stef (or anyone else :-) can you please explain why:
# tc filter show dev eth0
#
shows no filters are in place on eth0 after running the script below???
Is this a problem with having a 2-level deep HTB class tree?? When my HTB tree is only 1 level
deep the TC filters get fed back properely with the above command!!
BTW I don't get any errors when running the script from a CLI.
Thanks
Robert
============================#Downlink speed limits (2048kbit/s max)
DOWNLINK\x1500
ROB_DOWNLINKP0
DAVE_DOWNLINKP0
MIKE_DOWNLINKP0
#Uplink speed limits (256kbit/s max)
UPLINK\x180
ROB_UPLINK`
DAVE_UPLINK`
MIKE_UPLINK`
#Interfaces to be shaped
ETH_WAN=eth0
#Define IP addresses/address blocks
WAN_IP\x192.168.1.2
LAN_IP\x192.168.0.0/24
ROB_IP\x192.168.0.8/29
DAVE_IP\x192.168.0.16/29
MIKE_IP\x192.168.0.24/29
DC_LAN_IP\x192.168.0.8
tc qdisc add dev $ETH_WAN root handle 1: htb default 160
tc class add dev $ETH_WAN parent 1: classid 1:1 htb rate ${UPLINK}kbit ceil ${UPLINK}kbit
tc class add dev $ETH_WAN parent 1:1 classid 1:10 htb rate ${ROB_UPLINK}kbit ceil ${UPLINK}kbit
prio 0
tc class add dev $ETH_WAN parent 1:1 classid 1:20 htb rate ${DAVE_UPLINK}kbit ceil ${UPLINK}kbit
prio 0
tc class add dev $ETH_WAN parent 1:1 classid 1:30 htb rate ${MIKE_UPLINK}kbit ceil ${UPLINK}kbit
prio 0
####### Sort packets to the correct user according to the source IP address
tc filter add dev $ETH_WAN parent 1:1 protocol ip prio 1 u32 match ip src ${ROB_IP} flowid 1:10
tc filter add dev $ETH_WAN parent 1:1 protocol ip prio 1 u32 match ip src ${DAVE_IP} flowid 1:20
tc filter add dev $ETH_WAN parent 1:1 protocol ip prio 1 u32 match ip src ${MIKE_IP} flowid 1:30
####### Sort packets to Rob's LAN addresses ########
tc class add dev $ETH_WAN parent 1:10 classid 1:11 htb rate ${ROB_UPLINK}kbit ceil ${UPLINK}kbit
prio 0 quantum 15000
tc class add dev $ETH_WAN parent 1:10 classid 1:12 htb rate ${ROB_UPLINK}kbit ceil ${UPLINK}kbit
prio 1 quantum 15000
tc class add dev $ETH_WAN parent 1:10 classid 1:13 htb rate 20kbit ceil ${UPLINK}kbit prio 2
quantum 3000
tc class add dev $ETH_WAN parent 1:10 classid 1:14 htb rate 20kbit ceil ${UPLINK}kbit prio 2
quantum 3000
tc class add dev $ETH_WAN parent 1:10 classid 1:15 htb rate 10kbit ceil ${UPLINK}kbit prio 3
quantum 1500
tc class add dev $ETH_WAN parent 1:10 classid 1:16 htb rate 30kbit ceil ${UPLINK}kbit prio 3
quantum 3000
tc qdisc add dev $ETH_WAN parent 1:13 handle 130: sfq perturb 10
tc qdisc add dev $ETH_WAN parent 1:14 handle 140: sfq perturb 10
tc qdisc add dev $ETH_WAN parent 1:15 handle 150: sfq perturb 10
tc qdisc add dev $ETH_WAN parent 1:16 handle 160: sfq perturb 10
tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 1 handle 1 fw classid 1:11
tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 2 handle 2 fw classid 1:12
tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 3 handle 3 fw classid 1:13
tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 4 handle 4 fw classid 1:14
tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 5 handle 5 fw classid 1:15
tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 6 handle 6 fw classid 1:16
####### Sort packets to Dave's LAN addresses ########
======================
<snip>
======================
####### Sort packets to Mike's LAN addresses ########
======================
<snip>
======================
< OTHER STUFF SNIPPED: packet mangle marking according to PORT and TOS (to give handles 1-6 used
in above TC filters) >
======================
________________________________________________________________________
Download Yahoo! Messenger now for a chance to win Live At Knebworth DVDs
http://www.yahoo.co.uk/robbiewilliams
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [LARTC] Where have my all my TC filters gone??
2003-12-04 21:51 [LARTC] Where have my all my TC filters gone?? Robert Walker
@ 2003-12-05 3:25 ` Martin A. Brown
0 siblings, 0 replies; 2+ messages in thread
From: Martin A. Brown @ 2003-12-05 3:25 UTC (permalink / raw)
To: lartc
Hi there Robert,
: I have snipped out part of a script to load balance and bandwidth shape
: upload traffic to a NIC (eth0/ETH_WAN) on a 2mbit/256kbit ADSL line.
: The balancing will be carried out for 3 users with 1+ PCs connected on
: another NIC. There are iptables instructions (not shown in the script)
: to mark packets based on PORT and TOS. These are snipped as the marking
: appears to work its just the TC FILTERs that just disappear :-(
They should be there.....the command you posted just doesn't ask the
kernel the question which would show your filters!
: Stef (or anyone else :-) can you please explain why:
:
: # tc filter show dev eth0
: #
Try "tc filter show dev eth0 parent 1:1" and "tc filter show dev eth0
parent 1:10". This should present you with your filters.
: shows no filters are in place on eth0 after running the script below???
If no handle in particular is specified in the "tc filter show dev $DEV"
command, then the default (root) handle "1:0" is displayed.
: Is this a problem with having a 2-level deep HTB class tree?? When my
: HTB tree is only 1 level deep the TC filters get fed back properely
: with the above command!!
:
: BTW I don't get any errors when running the script from a CLI.
[ snipped stuff ]
: tc filter add dev $ETH_WAN parent 1:1 protocol ip prio 1 u32 match ip src ${ROB_IP} flowid 1:10
: tc filter add dev $ETH_WAN parent 1:1 protocol ip prio 1 u32 match ip src ${DAVE_IP} flowid 1:20
: tc filter add dev $ETH_WAN parent 1:1 protocol ip prio 1 u32 match ip src ${MIKE_IP} flowid 1:30
Here you'll see that your script is attaching these filters to handle 1:1,
and below
: tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 1 handle 1 fw classid 1:11
: tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 2 handle 2 fw classid 1:12
: tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 3 handle 3 fw classid 1:13
: tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 4 handle 4 fw classid 1:14
: tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 5 handle 5 fw classid 1:15
: tc filter add dev $ETH_WAN parent 1:10 protocol ip prio 6 handle 6 fw classid 1:16
your script attaches these filters to 1:10! This means that you'll only
be able to see them if you explicitly list the filters attached to this
handle.
This doesn't really solve your problem, though....in order to solve your
problem, (I think) you should be able to alter the handle on all of your
"tc filter" statements to "1:0". Then try running your script again.
That should put you much closer to your goal.
Good luck,
-Martin
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-12-05 3:25 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-12-04 21:51 [LARTC] Where have my all my TC filters gone?? Robert Walker
2003-12-05 3:25 ` Martin A. Brown
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.