From: Radu Oprisan <radu@securesystems.ro>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] TC using vlan interface
Date: Thu, 22 Jun 2006 22:17:48 +0000 [thread overview]
Message-ID: <449B170C.8010704@securesystems.ro> (raw)
In-Reply-To: <00e801c69608$127b67e0$0900fe0a@LucianoNotebook>
Torsten Luettgert wrote:
> On Thu, 2006-06-22 at 11:28 -0300, Luciano wrote:
>
>> Hi all,
>>
>> Is it possible to use TC (HTB) in vlan interfaces ?
>> Where can I find more documentation ?
>>
>
> Yes, that is possible. VLAN interfaces are really
> different from the physical interface they reside
> on, kernel-wise.
>
> For example, if you put a 1 MBit HTB on eth0,
> but no qdisc on VLAN device eth0.1, traffic through
> eth0.1 won't be throttled at all. I suspect the same
> goes for iptables rules (but didn't try that yet).
>
>
Let me explain...
Due to the fact that vlan id's add some 4 bytes to the header of the
packet, tc filter does not work properly unless you feed it with an
offset and a hex match. I use 801.q and TC with iptables and tc filter
rules based on iptables mark with great success. I admit it is more
complicated this way, but it works...
iptables -A FORWARD -t mangle -d xxx.xxx.xxx.xxx -j MARK --set-mark 12
iptables -A FORWARD -t mangle -d xxx.xxx.xxx.xxx -j RETURN
tc class add dev eth0 parent 10:1 classid 10:112 htb rate 20Mbit ceil
20Mbit ..............
tc filter add dev eth0 parent 10:0 protocol 802.1q prio 90 handle 12 fw
flowid 10:112
tc qdisc add dev eth0 parent 10:112 handle 10112 sfq perturb 10
class htb 10:112 parent 10:1 leaf 112: prio 0 rate 20000Kbit ceil
20000Kbit burst 2Kb cburst 11597b
Sent 9638423935 bytes 12057262 pkt (dropped 0, overlimits 0 requeues 0)
rate 268048bit 37pps backlog 0b 0p requeues 0
lended: 11929727 borrowed: 127535 giants: 0
tokens: 806 ctokens: 4719
> For documentation, see the LARTC howto and the docs
> on the HTB home page. There are also some ready-made
> shaping scripts which can help you understanding how
> all this works.
>
> Regards,
> Torsten
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next prev parent reply other threads:[~2006-06-22 22:17 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-22 14:28 [LARTC] TC using vlan interface Luciano
2006-06-22 16:47 ` Torsten Luettgert
2006-06-22 22:17 ` Radu Oprisan [this message]
2006-06-22 23:44 ` Torsten Luettgert
2006-06-22 23:54 ` Gafton Claudiu
2006-06-23 0:11 ` Radu Oprisan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=449B170C.8010704@securesystems.ro \
--to=radu@securesystems.ro \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox