Re: tc problems - Susan Hinrichs

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Susan Hinrichs <shinrich@thought-mesh.net>
To: Fabio Marcone <fabio.marcone@duet.it>
Cc: netfilter@vger.kernel.org
Subject: Re: tc problems
Date: Tue, 14 Jul 2009 12:22:01 -0500	[thread overview]
Message-ID: <1247592121.2769.601.camel@chichi> (raw)
In-Reply-To: <4A5C99BB.4080405@duet.it>

You can indeed use the MAC addess in a u32 match by using negative
offsets.  See the faq article for details.
http://www.docum.org/docum.org/faq/cache/62.html

This will work to enforce your w1/w2 based download limits on the LAN
interface.

However, when your upload packets leave the WAN interface, the original
workstation MACs will be long gone before the TC processing occurs.  You
could use the mac source tests in iptables and marks to propagate the
information to the TC phase.

Susan

On Tue, 2009-07-14 at 16:44 +0200, Fabio Marcone wrote:
> Hi!
> I have a problem setting traffic shaping rules for routing packets.
> 
> scenario:
> I have a linux router and two workstation that generate traffic to web 
> server in Internet.
> I need to limit:
>   - w1 to 100Kb/s in upload and 1MB/s in download
>   - w2 to 200 Kb/s in upload and 2 MB/s in download
> 
> I know that I have to set upload limit on wan interface and download 
> limit on lan interface.
> The problem is in download: how can I setup tc filter to recognize 
> response packets to w1 and to w2? only by ip? and if I use dhcp? Does 
> exist a way to use mac address?
> 
> Thanks in advance,
> Fabio
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

next prev parent reply	other threads:[~2009-07-14 17:22 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-07-14 14:44 tc problems Fabio Marcone
2009-07-14 17:22 ` Susan Hinrichs [this message]
2009-07-14 17:41 ` Anatoly Muliarski

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1247592121.2769.601.camel@chichi \
    --to=shinrich@thought-mesh.net \
    --cc=fabio.marcone@duet.it \
    --cc=netfilter@vger.kernel.org \
    --cc=shinrich@ieee.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox