[LARTC] Can I use Ingress and Egress in one NAT Server

Linux Advanced Routing and Traffic Control list
 help / color / mirror / Atom feed

* [LARTC] Can I use Ingress and Egress in one NAT Server
@ 2001-06-04  7:41 Juergen
  0 siblings, 0 replies; only message in thread
From: Juergen @ 2001-06-04  7:41 UTC (permalink / raw)
  To: lartc

[-- Attachment #1: Type: text/plain, Size: 2112 bytes --]

My enviroment is like this...

FTP SERVER 1------|                                               
                                   |-----------eth0-----eth1---------||| My FTP Client||||
FTP SERVER 2------|              (NAT Server)


I want to mark the flow 0x88 from FTP Server 1 and mark 0x98 from FTP Server 2
When TOS's value is 0x88 then give it 1Mbit, 0x98 is 3Mbit
So my script is:

-----------------------------------------------------------------------------------------------------
INDEV="eth1"
EDEV="eth1"


tc qdisc add dev $INDEV handle 1:0 root dsmark indices 64 set_tc_index

tc class change dev $INDEV parent 1:0 classid 1:2 dsmark mask 0x3 value 0x88
tc class change dev $INDEV parent 1:0 classid 1:3 dsmark mask 0x3 value 0x98

tc filter add dev $INDEV parent 1:0 protocol ip prio 4 u32 match ip src \
140.92.61.20 flowid 1:2
tc filter add dev $INDEV parent 1:0 protocol ip prio 4 u32 match ip src \
140.92.61.40 flowid 1:3


tc qdisc add dev $EDEV parent 1:0 handle 3: cbq bandwidth 10Mbit avpkt 500
tc class add dev $EDEV parent 3:0 classid 3:1 cbq bandwidth 10Mbit rate \
1Mbit allot 1514 weight 100Kbit prio 8 maxburst 20 avpkt 500 isolated bounded
tc class add dev $EDEV parent 3:0 classid 3:2 cbq bandwidth 10Mbit rate \
3Mbit allot 1514 weight 300Kbit prio 8 maxburst 20 avpkt 500 isolated bounded

tc filter add dev $EDEV parent 3:0 protocol ip prio 4 u32 match ip tos \
0x88 0xfc flowid 3:1
tc filter add dev $EDEV parent 3:0 protocol ip prio 4 u32 match ip tos \
0x98 flowid 3:2
----------------------------------------------------------------------------------------------------

I found that it can really modify my TOS value, but cannot shap with 1Mbit or 3Mbit.
If I use u32 and parameter is "ip src 140.92.61.x", then it can works.(shap with the correct bandwdth --> 1Mbit or 3Mbit )
At least I use iptables and tc to combind and it finally works  (mark and shape at the same time....and correctly).
But my problem is iptables can only modify TOS with 5 kinds of value...and AF num have 12 values....
How can I do with AF num????


[-- Attachment #2: Type: text/html, Size: 3883 bytes --]

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2001-06-04  7:41 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-06-04  7:41 [LARTC] Can I use Ingress and Egress in one NAT Server Juergen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox