* tc problems @ 2009-07-14 14:44 Fabio Marcone 2009-07-14 17:22 ` Susan Hinrichs 2009-07-14 17:41 ` Anatoly Muliarski 0 siblings, 2 replies; 3+ messages in thread From: Fabio Marcone @ 2009-07-14 14:44 UTC (permalink / raw) To: netfilter Hi! I have a problem setting traffic shaping rules for routing packets. scenario: I have a linux router and two workstation that generate traffic to web server in Internet. I need to limit: - w1 to 100Kb/s in upload and 1MB/s in download - w2 to 200 Kb/s in upload and 2 MB/s in download I know that I have to set upload limit on wan interface and download limit on lan interface. The problem is in download: how can I setup tc filter to recognize response packets to w1 and to w2? only by ip? and if I use dhcp? Does exist a way to use mac address? Thanks in advance, Fabio ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: tc problems 2009-07-14 14:44 tc problems Fabio Marcone @ 2009-07-14 17:22 ` Susan Hinrichs 2009-07-14 17:41 ` Anatoly Muliarski 1 sibling, 0 replies; 3+ messages in thread From: Susan Hinrichs @ 2009-07-14 17:22 UTC (permalink / raw) To: Fabio Marcone; +Cc: netfilter You can indeed use the MAC addess in a u32 match by using negative offsets. See the faq article for details. http://www.docum.org/docum.org/faq/cache/62.html This will work to enforce your w1/w2 based download limits on the LAN interface. However, when your upload packets leave the WAN interface, the original workstation MACs will be long gone before the TC processing occurs. You could use the mac source tests in iptables and marks to propagate the information to the TC phase. Susan On Tue, 2009-07-14 at 16:44 +0200, Fabio Marcone wrote: > Hi! > I have a problem setting traffic shaping rules for routing packets. > > scenario: > I have a linux router and two workstation that generate traffic to web > server in Internet. > I need to limit: > - w1 to 100Kb/s in upload and 1MB/s in download > - w2 to 200 Kb/s in upload and 2 MB/s in download > > I know that I have to set upload limit on wan interface and download > limit on lan interface. > The problem is in download: how can I setup tc filter to recognize > response packets to w1 and to w2? only by ip? and if I use dhcp? Does > exist a way to use mac address? > > Thanks in advance, > Fabio > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: tc problems 2009-07-14 14:44 tc problems Fabio Marcone 2009-07-14 17:22 ` Susan Hinrichs @ 2009-07-14 17:41 ` Anatoly Muliarski 1 sibling, 0 replies; 3+ messages in thread From: Anatoly Muliarski @ 2009-07-14 17:41 UTC (permalink / raw) To: netfilter; +Cc: fabio.marcone Hi Fabio, Look at http://mailman.ds9a.nl/pipermail/lartc/2005q4/017633.html -- Best regards Anatoly Muliarski ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-07-14 17:41 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2009-07-14 14:44 tc problems Fabio Marcone 2009-07-14 17:22 ` Susan Hinrichs 2009-07-14 17:41 ` Anatoly Muliarski
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox