From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joshua Snyder Date: Tue, 22 May 2001 22:16:27 +0000 Subject: [LARTC] Ingress Limiting... Message-Id: List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org I am having a problem with Ingress limiting. I need to limit a interface to 6Mbit of traffic incoming and outgoing. Below is what I am trying to do. I know that it would be best to limit the incoming traffic at the upstream router. But, this is not an option. I need to limit traffic only on the Internet connection. Each of these machines will have at least one ethernet segment, but could have many other interfaces. Linux Box *----* eth1 Internet(eth0) | |-------- ---------------| | (6Mb in+out) | |----\ *----* | Other Interfaces? So, here is how I am thinking about doing this. I want to put an ingress qdisc on the Internet side (eth0) to control the incoming bandwidth. Then I want to put a CBQ+TBF to do the limiting on the outbound side. I don't have a problem with the outbound traffic. But I can't seem to get the Ingress stuff to work. Here is what I am trying to do... tc qdisc add dev eth0 handle ffff: ingress ipchains -A input -i eth0 -s 0.0.0.0/0 -d 0.0.0.0/0 -m 1 ipchains -A output -i eth0 -s 0.0.0.0/0 -d 0.0.0.0/0 -m 2 tc filter add dev eth0 parent ffff: protocol ip prio 1 handle 1 fw \ police rate 6000kbit burst 40k drop This is not working, I don't see any data coming over the ingress qdisc. Should this work? Is their a better way of doing this( I think I need to limit only on the internet connection )? I am currently using linux 2.2.14 with the DS-8 patch and I have new iproute2 utils. Thanks in advance... josh _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/