[LARTC] Can I use Ingress and Egress in one NAT Server

All of lore.kernel.org
 help / color / mirror / Atom feed

* [LARTC] Can I use Ingress and Egress in one NAT Server
@ 2001-06-04  7:41 Juergen
  0 siblings, 0 replies; only message in thread
From: Juergen @ 2001-06-04  7:41 UTC (permalink / raw)
  To: lartc

[-- Attachment #1: Type: text/plain, Size: 2112 bytes --]

My enviroment is like this...

FTP SERVER 1------|                                               
                                   |-----------eth0-----eth1---------||| My FTP Client||||
FTP SERVER 2------|              (NAT Server)


I want to mark the flow 0x88 from FTP Server 1 and mark 0x98 from FTP Server 2
When TOS's value is 0x88 then give it 1Mbit, 0x98 is 3Mbit
So my script is:

-----------------------------------------------------------------------------------------------------
INDEV="eth1"
EDEV="eth1"


tc qdisc add dev $INDEV handle 1:0 root dsmark indices 64 set_tc_index

tc class change dev $INDEV parent 1:0 classid 1:2 dsmark mask 0x3 value 0x88
tc class change dev $INDEV parent 1:0 classid 1:3 dsmark mask 0x3 value 0x98

tc filter add dev $INDEV parent 1:0 protocol ip prio 4 u32 match ip src \
140.92.61.20 flowid 1:2
tc filter add dev $INDEV parent 1:0 protocol ip prio 4 u32 match ip src \
140.92.61.40 flowid 1:3


tc qdisc add dev $EDEV parent 1:0 handle 3: cbq bandwidth 10Mbit avpkt 500
tc class add dev $EDEV parent 3:0 classid 3:1 cbq bandwidth 10Mbit rate \
1Mbit allot 1514 weight 100Kbit prio 8 maxburst 20 avpkt 500 isolated bounded
tc class add dev $EDEV parent 3:0 classid 3:2 cbq bandwidth 10Mbit rate \
3Mbit allot 1514 weight 300Kbit prio 8 maxburst 20 avpkt 500 isolated bounded

tc filter add dev $EDEV parent 3:0 protocol ip prio 4 u32 match ip tos \
0x88 0xfc flowid 3:1
tc filter add dev $EDEV parent 3:0 protocol ip prio 4 u32 match ip tos \
0x98 flowid 3:2
----------------------------------------------------------------------------------------------------

I found that it can really modify my TOS value, but cannot shap with 1Mbit or 3Mbit.
If I use u32 and parameter is "ip src 140.92.61.x", then it can works.(shap with the correct bandwdth --> 1Mbit or 3Mbit )
At least I use iptables and tc to combind and it finally works  (mark and shape at the same time....and correctly).
But my problem is iptables can only modify TOS with 5 kinds of value...and AF num have 12 values....
How can I do with AF num????


[-- Attachment #2: Type: text/html, Size: 3883 bytes --]

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2001-06-04  7:41 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-06-04  7:41 [LARTC] Can I use Ingress and Egress in one NAT Server Juergen

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.