Hi!
Usually if you have a machine and traffic passes through it:
+-----+
eth0| QoS |
-------------| box |-------------
| |eth1
+-----+
You can shape outgoing traffic on eth0 and eth1 effectively shaping both
incoming/outgoing traffic.
With bridging and above setup you only have a single device br0 - my
question is whether you can shape both incoming/outgoing traffic on this
device (i would presume it is not possible) or do you need to redirect
traffic passing through br0 to imq0 and do shaping on outgoing traffic on
both br0 and imq0?
--
Regards
Abraham
If you''re not part of the solution, you''re part of the
precipitate.
___________________________________________________
Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
P.O. Box 3472, Matieland, Stellenbosch, 7602
Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
Email: abz@frogfoot.net
I use this configuration. You still use eth0 and eth1 and not br0. It works
as intended. tc operates at one level below bridging code at the device
queue level as I understand it. Thus whether it is a bridge or router, we
shape on the physical interface level. I guess like imq (virtual device)
some tinkering will need to be done to use br0 as a device on which QoS can
be applied.
HTH
Mohan
-----Original Message-----
From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
Behalf Of Abraham van der Merwe
Sent: 04 March 2003 14:29
To: Linux Advanced Routing & Traffic Control list
Subject: [LARTC] QoS on bridge device
Hi!
Usually if you have a machine and traffic passes through it:
+-----+
eth0| QoS |
-------------| box |-------------
| |eth1
+-----+
You can shape outgoing traffic on eth0 and eth1 effectively shaping both
incoming/outgoing traffic.
With bridging and above setup you only have a single device br0 - my
question is whether you can shape both incoming/outgoing traffic on this
device (i would presume it is not possible) or do you need to redirect
traffic passing through br0 to imq0 and do shaping on outgoing traffic on
both br0 and imq0?
--
Regards
Abraham
If you''re not part of the solution, you''re part of the
precipitate.
___________________________________________________
Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
P.O. Box 3472, Matieland, Stellenbosch, 7602
Cell: +27 82 565 4451 Http: http://www.frogfoot.net/
Email: abz@frogfoot.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
The shaping is done on eth0 and eth1. There is also a patch that allows you to match packets that are passing the bridge with iptables. Br0 is used only for trafic that is for the bridge. Eg. a machine has a route through the ip of br0. Bogdan Coman On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote:> Hi! > > Usually if you have a machine and traffic passes through it: > > +-----+ > eth0| QoS | > -------------| box |------------- > | |eth1 > +-----+ > > You can shape outgoing traffic on eth0 and eth1 effectively shaping both > incoming/outgoing traffic. > > With bridging and above setup you only have a single device br0 - my > question is whether you can shape both incoming/outgoing traffic on this > device (i would presume it is not possible) or do you need to redirect > traffic passing through br0 to imq0 and do shaping on outgoing traffic on > both br0 and imq0? > > -- > > Regards > Abraham > > If you''re not part of the solution, you''re part of the precipitate. > > ___________________________________________________ > Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks > P.O. Box 3472, Matieland, Stellenbosch, 7602 > Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ > Email: abz@frogfoot.net >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi Bogdan! Thanks. One more question: If I match packets for shaping (instead of tc filters), which chain should I match packets on? Usually I use FORWARD in the mangle table, but if I look at the following diagram: http://www.sparkle-cc.co.uk/firewall/firewall.html it seems that packets won''t go through FORWARD anymore (if it goes through the bridge) so I guess I should match packets on OUTPUT in the mangle table - is this assumption correct?> The shaping is done on eth0 and eth1. There is also a patch that allows > you to match packets that are passing the bridge with iptables. Br0 is > used only for trafic that is for the bridge. Eg. a machine has a route > through the ip of br0. > > Bogdan Coman > > On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote: > > Hi! > > > > Usually if you have a machine and traffic passes through it: > > > > +-----+ > > eth0| QoS | > > -------------| box |------------- > > | |eth1 > > +-----+ > > > > You can shape outgoing traffic on eth0 and eth1 effectively shaping both > > incoming/outgoing traffic. > > > > With bridging and above setup you only have a single device br0 - my > > question is whether you can shape both incoming/outgoing traffic on this > > device (i would presume it is not possible) or do you need to redirect > > traffic passing through br0 to imq0 and do shaping on outgoing traffic on > > both br0 and imq0?> > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/-- Regards Abraham I''m not sure whether that''s actually useful... -- Larry Wall in <199710011704.KAA21395@wall.org> ___________________________________________________ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: abz@frogfoot.net
The packet flow diagrams have been well documented here. http://users.pandora.be/bart.de.schuymer/ebtables/br_fw_ia/br_fw_ia.html If you are matching packets for shaping, you must use tc. iptables will not do any shaping. It will only modify headers and take decision on packet flow. The only place where this would be amenable to any kind of traffic management is rate limiting. This is not in any place/ application constitute/construe bandwidth management or traffic shaping. Mohan -----Original Message----- From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On Behalf Of Abraham van der Merwe Sent: 04 March 2003 18:36 To: Bogdan Coman Cc: Linux Advanced Routing & Traffic Control list Subject: Re: [LARTC] QoS on bridge device Hi Bogdan! Thanks. One more question: If I match packets for shaping (instead of tc filters), which chain should I match packets on? Usually I use FORWARD in the mangle table, but if I look at the following diagram: http://www.sparkle-cc.co.uk/firewall/firewall.html it seems that packets won''t go through FORWARD anymore (if it goes through the bridge) so I guess I should match packets on OUTPUT in the mangle table - is this assumption correct?> The shaping is done on eth0 and eth1. There is also a patch that allows > you to match packets that are passing the bridge with iptables. Br0 is > used only for trafic that is for the bridge. Eg. a machine has a route > through the ip of br0. > > Bogdan Coman > > On Tue, 2003-03-04 at 10:58, Abraham van der Merwe wrote: > > Hi! > > > > Usually if you have a machine and traffic passes through it: > > > > +-----+ > > eth0| QoS | > > -------------| box |------------- > > | |eth1 > > +-----+ > > > > You can shape outgoing traffic on eth0 and eth1 effectively shaping both > > incoming/outgoing traffic. > > > > With bridging and above setup you only have a single device br0 - my > > question is whether you can shape both incoming/outgoing traffic on this > > device (i would presume it is not possible) or do you need to redirect > > traffic passing through br0 to imq0 and do shaping on outgoing trafficon> > both br0 and imq0?> > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/-- Regards Abraham I''m not sure whether that''s actually useful... -- Larry Wall in <199710011704.KAA21395@wall.org> ___________________________________________________ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: abz@frogfoot.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi S!> The packet flow diagrams have been well documented here. > http://users.pandora.be/bart.de.schuymer/ebtables/br_fw_ia/br_fw_ia.htmlThat assumes you''re using ebtables and matching traffic passing through br0. I want to match traffic passing through eth0 and eth1.> If you are matching packets for shaping, you must use tc. iptables will not > do any shaping. It will only modify headers and take decision on packet > flow. The only place where this would be amenable to any kind of traffic > management is rate limiting. This is not in any place/ application > constitute/construe bandwidth management or traffic shaping.Yes, I know. tc matches traffic according to flags set in skb->priority. I''m using iptables to match traffic and set those priorities (so like I said I''m not using tc filters - i''m still using tc qdiscs to do the actual shaping). -- Regards Abraham "I prefer rogues to imbeciles, because they sometimes take a rest." -- Alexandre Dumas (fils) ___________________________________________________ Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks P.O. Box 3472, Matieland, Stellenbosch, 7602 Cell: +27 82 565 4451 Http: http://www.frogfoot.net/ Email: abz@frogfoot.net