ive got such network: |--------| |-------------| | WORLD |---|ROUTER/server| ------ NATED LAN |--------| |-------------| I want to use imq on ROUTER, what behaviour to choose ? AA, BA, AB, BB ?? --
Dariusz Dwornikowski (tdi@pozman.pl) schrieb:> I want to use imq on ROUTER, what behaviour to choose ? AA, BA, AB, BB ??That depends on what you want to do. For example: *) BA - If you want to have all packets on the IMQ after the nat table - so you wouldn''t see any internal ips anymore on the IMQ device. *) BB - If you want to have packets with internal ips on the IMQ before the pass the nat table. But you can''t match on your external IP with BB. Cheers, Andreas
> Dariusz Dwornikowski (tdi@pozman.pl) schrieb: >> I want to use imq on ROUTER, what behaviour to choose ? AA, BA, AB, BB >> ?? > > That depends on what you want to do. For example: > > *) BA - If you want to have all packets on the IMQ after the nat table - > so > you wouldn''t see any internal ips anymore on the IMQ device. > *) BB - If you want to have packets with internal ips on the IMQ before > the > pass the nat table. But you can''t match on your external IP with BB.yes but i want to have two IMQ devices... for outside eth and inside eth --
> yes but i want to have two IMQ devices... for outside eth and inside ethAhmm.. don''t know what you mean with that. But if you have a external Interface (ex eth0) on which you want to shape egress and also ingress shaping you simply do: ip link set imq0 up ip link set imq1 up ${IPTABLES} -t mangle -I PREROUTING -i ${EXT_DEV} -j IMQ --todev 0 ${IPTABLES} -t mangle -I POSTROUTING -o ${EXT_DEV} -j IMQ --todev 1 and put your QoS on imq0 and imq1...
>> yes but i want to have two IMQ devices... for outside eth and inside eth > > Ahmm.. don''t know what you mean with that. But if you have a external > Interface (ex eth0) on which you want to shape egress and also ingress > shaping > you simply do: > > ip link set imq0 up > ip link set imq1 up > > ${IPTABLES} -t mangle -I PREROUTING -i ${EXT_DEV} -j IMQ --todev 0 > ${IPTABLES} -t mangle -I POSTROUTING -o ${EXT_DEV} -j IMQ --todev 1 > > and put your QoS on imq0 and imq1...i want to shape traffic for my clients and do not know what behaviour to choose... in your example will it be possible to match NATed addresses of my clients ? --
> i want to shape traffic for my clients and do not know what behaviour to > choose... > in your example will it be possible to match NATed addresses of my clients ?you want to match the translated addresses of your clients (-> external IP) - then BA is the correct behaviour.
>> i want to shape traffic for my clients and do not know what behaviour to >> choose... >> in your example will it be possible to match NATed addresses of my >> clients ? > > you want to match the translated addresses of your clients (-> external > IP) - > then BA is the correct behaviour. >no i want match their private addresses. i want imq0 for ext_if and imq1 for internal_if.. so i can traffic shaping on matched NATed ips --
> no i want match their private addresses. > i want imq0 for ext_if and imq1 for internal_if.. > > so i can traffic shaping on matched NATed ipsOh ok. I was irritated because you say NATed ips - for me this are all clients after the passed the nat table... So you ned BB. IMQ hook before the postrouting table (where your NAT will happen) and you have internal addresses on the imq device.
>> no i want match their private addresses. >> i want imq0 for ext_if and imq1 for internal_if.. >> >> so i can traffic shaping on matched NATed ips > > Oh ok. I was irritated because you say NATed ips - for me this are all > clients > after the passed the nat table... > > So you ned BB. IMQ hook before the postrouting table (where your NAT will > happen) and you have internal addresses on the imq device. > >thank you very much. --