From: "Juan Pablo Feria" <jferiago@infosel.net.mx>
To: lartc@vger.kernel.org
Subject: [LARTC] Limiting interface/ips traffic via qos
Date: Tue, 27 Mar 2001 19:11:25 +0000 [thread overview]
Message-ID: <marc-lartc-98574942803302@msgid-missing> (raw)
Hi, i want to build a firewall which restricts the traffic on ETH1 to 64Kb.,
i tried to use traffic shaper but if i try to apply the iptables rules to
the shaper0 device there are no communication between interfaces =(, so im
trying to make it via QOS and use the BOUNDES statement to restrict the
maximum traffic, here are my script:
# Attaching the Qdisc to the eth0 device. The maximum available bandwidth
is 10Mbit.
tc qdisc add dev eth0 root handle 1: cbq bandwidth 10Mbit cell 8 avpkt 1000
mpu 64
# Adding the root class to the queuing discipline. The root has 10 Mbit
completely.
tc class add dev eth0 parent 1:0 classid 1:1 cbq bandwidth 10Mbit rate
10Mbit allot 1514 cell 8 weight 1Mbit prio 8 maxburst 20 avpkt 1000
# Traffic to testbed11. The priority is 3 and the allocation is 64 Kbit.
tc class add dev eth0 parent 1:1 classid 1:2 cbq bandwidth 10Mbit rate
64Kbit allot 1514 cell 8 weight 100Kbit prio 3 maxburst 20 avpkt 1000 split
1:0 bounded
# Traffic to testbed13. The priority is 7 and the allocation is 10176 Kbit.
tc class add dev eth0 parent 1:1 classid 1:3 cbq bandwidth 10Mbit rate
10176Kbit allot 1514 cell 8 weight 800Kbit prio 7 maxburst 20 avpkt 1000
split 1:0 bounded
# Installing the route classifier on the root of the tree.
tc filter add dev eth0 parent 1:0 protocol ip prio 100 route
# Assigning the route and the rules for testbed11
ip route add 192.168.0.11 via 192.168.0.1 flow 1:2
NOTE: on this command i get:
root@Ner0N:/home/user#ip route add 192.168.0.11 via 192.168.0.1 flow 1:2
Error: either "to" is duplicate, or "flow" is a garbage
QUESTION 1
Is possible restrict to 64 K a link using a Queuing discipline?
Thanks in advance
<---- Begin Signature
Ing. Juan Pablo Feria Gomez
Responsable Técnico
TERRA NETWORKS SONORA
Voz : (62)594750 ext. 293
E-Mail: jferiago@no2spam.infosel.net.mx
ICQ# : 2149711
Õ¿Õ¬ "I believe in miracles, I believe in a better world for me and you"
~
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
reply other threads:[~2001-03-27 19:11 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-98574942803302@msgid-missing \
--to=jferiago@infosel.net.mx \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox