From mboxrd@z Thu Jan 1 00:00:00 1970 From: m.dages@avk.net Date: Mon, 21 May 2001 15:30:16 +0000 Subject: Antwort: Re: [LARTC] tc and masquerading probs Message-Id: List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Hi, thank you for your support. Your idea, looking also at the source ip with the u32 filter works very well. Markus wningtung.leung wrote: >> On Fri, 18 May 2001 m.dages@avk.net wrote: >> Ok, now I've read the Linux 2.4 Advance Routing Howto and some other >> documents that I could found about tc. All the examples describes an >> environment with a linux box that has 2 ethernet cards, but our router only >> have 1. This ony ethernet adapter (eth0) is bounded to the ppp0 device and >> handles the LAN traffic. >> Here's a short sheme: >> >> INTERNET <-----> [ ppp0/Dynamic IP --- Linux router --- >> eth0/192.168.100.250] <------> Office Lan 192.168.100.0/24 >It doesn't matter wether it's a eth or ppp device, just look at it as a >network interface and everything works fine. > >The solution I propose (haven't tested it though): > >Don't use firewall marks, but use the u32 filter instead. > >Look at the source and target IP and redirect the pakket to the correct >class. > >(source != router && dest = low_prio_host) -> slow_class >(source != router && dest = hi_prio_host) -> no_limit >(source = router) -> no_limit > >This is only an idea for the downstream, I haven't been thinking about >limitimg the upstream. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/