simple method to set tos

simple method to set tos

[Попов Игорь Николаевич]

  Hi, all!
I'm interesting is there a simple method to set tos on ip packets, that 
destinated to specific ip address?
-- 
Arbitrary systems, pl.n.:
════════Systems about which nothing general can be said, save "nothing
general can be said."
__________
www.newmail.ru -- бесплатная почта, бесплатный хостинг.

Re: simple method to set tos

[George Alexandru Dragoi]

Try using DSCP or TOS target with netfilter, like:

iptables -t mangle -A POSTROUTING -d <ip address> -j TOS --set-tos <tos>
or
iptables -t mangle -A POSTROUTING -d <ip address> -j DSCP --set-dscp <dscp>

DSCP is a combination of unused tos bits and some other unused bits
from ip header, looking for that on google should show exactly wich.


On Thu, 31 Mar 2005 17:38:23 +0400, Попов Игорь Николаевич
<igorpopov@newmail.ru> wrote:
>   Hi, all!
> I'm interesting is there a simple method to set tos on ip packets, that
> destinated to specific ip address?
> --
> Arbitrary systems, pl.n.:
> ════════Systems about which nothing general can be said, save "nothing
> general can be said."
> __________
> www.newmail.ru -- бесплатная почта, бесплатный хостинг.
> 
> 


-- 
Bla bla

Multiple gateways problem

[Rubén Cardenal]

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

  I have a quite simple setup in ony of my servers but I can't make
the conditional routing using iptables to work.

  The server has:

  eth0: 192.168.2.0/23
  eth1/eth2: reserved for future use
  eth3: 10.10.100.0/24

  The eth3 is connected to a separate switch where 30 AP's are
connected to and a dhcp server running on the server gives IP's to
clients connected to the wireless lan. In the same way, eth0 is
connected to another set of switchs (isolated from the switch where
eth3 is connected to) where all LAN clients (192.168.2.0/23) are
connected to.

  I can use two gateways, both of them are accessed via eth0:
192.168.3.250 and 192.16.3.254. The default gateway for all the LAN
clients (192.168.2.0/23) is (and must be) 192.168.3.254 and just a
few people is allowed to use the other gateway.

  The desired configuration is that I want to be able to route
certain clients from eth3 (10.10.100.0/24) via 192.168.3.250 instead
of the default gw of the server (192.168.3.254).

  All the configurations I've tried, doesn't work or make LAN clients
loose connectivity with the server. How should I setup routes/rules?

  Regards,

- - Ruben.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQkwnXQcpyqBKAkY5EQLdOwCg/rIS18MM5mKYfXjEhvSiCPgOV1QAmwZ7
TG3o6vj9sH7NQXoVkgUsBcvS
=BTkL
-----END PGP SIGNATURE-----

Re: Multiple gateways problem

[Alexander Samad]

[-- Attachment #1: Type: text/plain, Size: 2718 bytes --]

On Thu, Mar 31, 2005 at 06:37:50PM +0200, Rub?n Cardenal wrote:
>  
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
> 
>   I have a quite simple setup in ony of my servers but I can't make
> the conditional routing using iptables to work.
> 
>   The server has:
> 
>   eth0: 192.168.2.0/23
>   eth1/eth2: reserved for future use
>   eth3: 10.10.100.0/24
> 
>   The eth3 is connected to a separate switch where 30 AP's are
> connected to and a dhcp server running on the server gives IP's to
> clients connected to the wireless lan. In the same way, eth0 is
> connected to another set of switchs (isolated from the switch where
> eth3 is connected to) where all LAN clients (192.168.2.0/23) are
> connected to.
> 
>   I can use two gateways, both of them are accessed via eth0:
> 192.168.3.250 and 192.16.3.254. The default gateway for all the LAN
> clients (192.168.2.0/23) is (and must be) 192.168.3.254 and just a
> few people is allowed to use the other gateway.
> 
>   The desired configuration is that I want to be able to route
> certain clients from eth3 (10.10.100.0/24) via 192.168.3.250 instead
> of the default gw of the server (192.168.3.254).
> 
>   All the configurations I've tried, doesn't work or make LAN clients
> loose connectivity with the server. How should I setup routes/rules?
if you can group your users to specific networks then you can use

ip ru for something like this

0:      from all lookup local 
200:    from 10.10.100.0/24 lookup wireless 
201:    from 192.168.2.0/24 lookup plana 
201:    from 192.168.3.0/24 lookup planb 
32766:  from all lookup main 
32767:  from all lookup default 

or in using iptables -t mangle and PREROUTING you can mark your packets
with -m mark --set-mark 0x01

iptables -t mangle -I PREROUTING -s 10.100.100.0/24 -m mark --set-mark
0x01
iptables -t mangle -I PREROUTING -s 192.168.2.0/24 -m mark --set-mark
0x02
iptables -t mangle -I PREROUTING -s 192.168.3.0/24 -m mark --set-mark
0x03

and then use ip ru sort of like

0:      from all lookup local 
200:    fwmark 0x01 lookup wireless 
200:    fwmark 0x02 lookup plana
200:    fwmark 0x03 lookup planb 
32766:  from all lookup main 
32767:  from all lookup default 



and then fill the tables with the appropiate routing rules

note - I split your 192.168.2.0/23 back into 2 /24 just for example, you
might need to check the syntax of the -m mark target as well.

Alex

> 
>   Regards,
> 
> - - Ruben.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.1
> 
> iQA/AwUBQkwnXQcpyqBKAkY5EQLdOwCg/rIS18MM5mKYfXjEhvSiCPgOV1QAmwZ7
> TG3o6vj9sH7NQXoVkgUsBcvS
> =BTkL
> -----END PGP SIGNATURE-----
> 
> 
> 

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]