Hi all
I started playing with tcng to generate my tc rules, but I have some
difficulty implementing my rules...
The script below generates an error:
# Device eth0
tc qdisc add dev eth0 ingress
beginner.tc:2: don''t know how to build meter for this
The script is below, I changed the real IP numbers for XXs and YYs,
since it doesn''t really matter what they are. eth0 is the external
interface
The intention is to limit the rate in most cases to 1 Mbit/s, the linux
distr. mirror''s may cause a bit more and within the ISP we''re
not
charged with higher rates than we agreed on.
Anyone know why tcc can''t do this, or is it something I should be doing
in the egress part?
(I''d prefer not to, since I have more than 2 interfaces...)
TIA
Simon
PS, the other interfaces don''t have any queues, since this would be
handled by the ingress policing in this way.
=============================script:
=============================
dev eth0 {
ingress {
$police_isp = SLB( cbs 100kB, cir 50000 kbps );
$police_mirror = SLB( cbs 20kB, cir 2000 kbps );
$police_other = SLB( cbs 10kB, cir 1000 kbps );
class(<>) if (ip_src == XXX.XXX.XXX.XXX || /* external host */
ip_src == YYY.YYY.YYY.YYY ) && /* backup
traffic */
SLB_ok($police_isp);
class(<>) if ( ip_src == host("host.mirror.one") ||
ip_src == host("host.mirror.two") )
&&
SLB_ok($police_mirror);
class(<>) if SLB_ok($police_other);
}
egress {
class(<$isp>) if ip_src == XXX.XXX.XXX.XXX /* external host */
if ip_src == YYY.YYY.YYY.YYY; /* backup traffic */
class(<$other>) if 1;
htb () {
class ( rate 100000 kbps ) {
$isp = class ( prio 2, rate 50000 kbps )
{ sfq ( perturb 5 sec ); };
$other = class ( prio 1, rate 1000 kbps )
{ sfq ( perturb 10 sec ); };
}
}
}
}
dev eth3 {
ingress {
$policer = SLB( cbs 10kB, cir 500 kbps );
class ( <> ) if SLB_ok( $policer );
drop if 1;
}
egress {
}
}
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Simon,
Try something like this:
dev eth0 {
ingress {
$police_isp = SLB( cbs 100kB, cir 50000 kbps );
$police_mirror = SLB( cbs 20kB, cir 2000 kbps );
$police_other = SLB( cbs 10kB, cir 1000 kbps );
class(<>) if (ip_src == 1.1.1.1 || /* external host */
ip_src == 2.2.2.2 ) && /* backup traffic */
SLB_else_drop($police_isp);
class(<>) if ( ip_src == 3.3.3.3 ||
ip_src == 5.5.5.5 ) &&
SLB_else_drop($police_mirror);
class(<>) if SLB_else_drop($police_other);
}
}> Message: 2
- Jacob
> Date: Thu, 06 May 2004 16:16:04 +0200
> From: Simon Oosthoek <simon.oosthoek@ti-wmc.nl>
> Organization: WMC
> To: lartc@mailman.ds9a.nl
> Subject: [LARTC] tcng ingress policing question
>
> Hi all
>
> I started playing with tcng to generate my tc rules, but I have some
> difficulty implementing my rules...
>
> The script below generates an error:
> # Device eth0
>
> tc qdisc add dev eth0 ingress
> beginner.tc:2: don''t know how to build meter for this
>
>
> The script is below, I changed the real IP numbers for XXs and YYs,
> since it doesn''t really matter what they are. eth0 is the external
interface
>
> The intention is to limit the rate in most cases to 1 Mbit/s, the linux
> distr. mirror''s may cause a bit more and within the ISP
we''re not
> charged with higher rates than we agreed on.
>
> Anyone know why tcc can''t do this, or is it something I should be
doing
> in the egress part?
> (I''d prefer not to, since I have more than 2 interfaces...)
>
> TIA
>
> Simon
>
> PS, the other interfaces don''t have any queues, since this would
be
> handled by the ingress policing in this way.
> =============================> script:
> =============================>
> dev eth0 {
> ingress {
> $police_isp = SLB( cbs 100kB, cir 50000 kbps );
> $police_mirror = SLB( cbs 20kB, cir 2000 kbps );
> $police_other = SLB( cbs 10kB, cir 1000 kbps );
>
> class(<>) if (ip_src == XXX.XXX.XXX.XXX || /* external host */
> ip_src == YYY.YYY.YYY.YYY ) && /* backup
traffic */
> SLB_ok($police_isp);
> class(<>) if ( ip_src == host("host.mirror.one") ||
> ip_src == host("host.mirror.two") )
&&
> SLB_ok($police_mirror);
> class(<>) if SLB_ok($police_other);
> }
>
> egress {
> class(<$isp>) if ip_src == XXX.XXX.XXX.XXX /* external host */
> if ip_src == YYY.YYY.YYY.YYY; /* backup traffic */
> class(<$other>) if 1;
>
> htb () {
> class ( rate 100000 kbps ) {
>
> $isp = class ( prio 2, rate 50000 kbps )
> { sfq ( perturb 5 sec ); };
>
> $other = class ( prio 1, rate 1000 kbps )
> { sfq ( perturb 10 sec ); };
>
> }
> }
> }
> }
>
> dev eth3 {
> ingress {
> $policer = SLB( cbs 10kB, cir 500 kbps );
> class ( <> ) if SLB_ok( $policer );
> drop if 1;
> }
> egress {
> }
> }
>
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi, Not sure if this is the right mailing list for this but its kinda on topic. Apparently our ISP has assinged 8 static IP addresses to us, A network IP address, a route ip address and 5 user ip addresses. Now they supplied us with a router with 5 ports on, each one of the ports would assign a different static ip address but this broke sometime again and since then we''ve installed a linux machine which load balances 2 adsl lines. The trouble is the ip address assigned to it when it connects isn''t anything like the static IP addresses they''ve provided. Is there something I have to change in order to make use of these addreses? I''m at a total loss with this and I hope I''ve made myself clear. Regards, Chris. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Chris Bolton wrote:> > Not sure if this is the right mailing list for this but its kinda on topic.It is ADVANCED routing; you have a simple configuration issue, so I hope you posted more than just here.> we''ve installed a linux machine which load balances 2 adsl lines. TheYou left out a critical bit of info: WHAT DISTRO? F.E. Slackware does this in /etc/rc.d/rc.inet1 or /etc/rc/d/rc.inet1.conf It sure as hell is not doing load balancing if it isn''t getting assigned correct IPs.> trouble is the ip address assigned to it when it connects isn''t anything > like the static IP addresses they''ve provided.Again, critical info missing: WHAT IP DO YOU GET? Each Network Interface Card ("NIC" or "eth# where "#" is 0 to n) can respond to any number of IPs. This was called "aliasing" (a hit for your google search) but because these are real IPs, the term alias is wrong. You (probably) need only 1 of the 5 IPs for each of the 2 DSLs; each DSL should be on a different eth#.>Is there something I have to > change in order to make use of these addreses?YOU assign the IPs, not Linux or the DSL device ("modem" or "router" or whatever terminology). You need to read about DHCP and NAT because it is likely that the IP assigned via DHCP begins with one of the following 10.0 169.254 172.16 192.168 which are NATted, example, internal IPs. Sorry, but I don''t have time this morning to say more. gypsy _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/