Please unsubscribe my ID vyas@yukthi.com from the mailing list.
Thanks & Regards
Vyas
lartc-request@mailman.ds9a.nl wrote:
> Send LARTC mailing list submissions to
> lartc@mailman.ds9a.nl
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mailman.ds9a.nl/mailman/listinfo/lartc
> or, via email, send a message with subject or body ''help''
to
> lartc-request@mailman.ds9a.nl
>
> You can reach the person managing the list at
> lartc-admin@mailman.ds9a.nl
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of LARTC digest..."
>
> Today''s Topics:
>
> 1. iptables MARK (Blagovest Lazarov)
> 2. Re: iptables MARK (Ramin Alidousti)
> 3. Re: iptables MARK (Martin A. Brown)
> 4. Multiple Static Ip''s on a adls connection (mike ferguson)
> 5. RE: Multiple Static Ip''s on a adls connection (S Mohan)
> 6. bandwidth manager using a linux bridge (Paul P. Pongco)
> 7. ip rule and traceroute (Jacob Teplitsky)
> 8. dsl latency... (Mattt)
> 9. Re: dsl latency... (Mattt)
>
> --__--__--
>
> Message: 1
> Date: Thu, 03 Oct 2002 17:20:08 +0300
> From: Blagovest Lazarov <bla@internet-bg.net>
> Reply-To: bla@internet-bg.net
> Organization: Internet Bulgaria PLC
> To: lartc@mailman.ds9a.nl
> Subject: [LARTC] iptables MARK
>
> Hi,
> Please help me. Does somebody know exactly which part of ip header carry
iptables
> MARK?
> I would like to mark packets on cisco router and shape it on a linux box.
> Sorry for the English :)))
> Thanks a lot,
>
> Blagovest Lazarov
>
> --__--__--
>
> Message: 2
> Date: Thu, 3 Oct 2002 10:56:42 -0400
> From: Ramin Alidousti <ramin@cannon.eng.us.uu.net>
> To: Blagovest Lazarov <bla@internet-bg.net>
> Cc: lartc@mailman.ds9a.nl
> Subject: Re: [LARTC] iptables MARK
>
> On Thu, Oct 03, 2002 at 05:20:08PM +0300, Blagovest Lazarov wrote:
>
> > Hi,
> > Please help me. Does somebody know exactly which part of ip header
carry iptables
> > MARK?
>
> The MARKing is not done on the IP packet itself. It MARKs the internal
> IP data structure used by the kernel. If you want to mark (note the
> lower case notation here as opposed to MARK) you can use the TOS field.
>
> Ramin
>
> > I would like to mark packets on cisco router and shape it on a linux
box.
> > Sorry for the English :)))
> > Thanks a lot,
> >
> > Blagovest Lazarov
> >
> >
> >
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
> --__--__--
>
> Message: 3
> Date: Thu, 3 Oct 2002 11:07:39 -0500 (CDT)
> From: "Martin A. Brown" <mabrown-lartc@securepipe.com>
> To: Blagovest Lazarov <bla@internet-bg.net>
> Cc: lartc@mailman.ds9a.nl
> Subject: Re: [LARTC] iptables MARK
>
> Blagovest,
>
> You are actually desiring to use ToS (Type of Service) markers on the IP
> packet itself. In order to set ToS, you''ll use the -j TOS option
to
> iptables.
>
> http://iptables-tutorial.frozentux.net/iptables-tutorial.html#AEN2530
>
> Good luck,
>
> -Martin
>
> On Thu, 3 Oct 2002, Blagovest Lazarov wrote:
>
> : Hi,
> : Please help me. Does somebody know exactly which part of ip header carry
iptables
> : MARK?
> : I would like to mark packets on cisco router and shape it on a linux
box.
> : Sorry for the English :)))
> : Thanks a lot,
> :
> : Blagovest Lazarov
> :
> :
> :
> :
> : _______________________________________________
> : LARTC mailing list / LARTC@mailman.ds9a.nl
> : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> :
>
> --
> Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
>
> --__--__--
>
> Message: 4
> From: "mike ferguson" <thadude@gta.igs.net>
> To: <lartc@mailman.ds9a.nl>
> Date: Thu, 3 Oct 2002 15:10:32 -0700
> Subject: [LARTC] Multiple Static Ip''s on a adls connection
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0017_01C26AEF.043511B0
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> Hi all.=20
>
> I have recently signed up with a adsl supplier. I ordered static
ip''s I > was given a block from 153-158. I am trying to make it so
that each > machine gets a live ip address that is accessable on the wan. I
am using > floppyfw as my router on a p200. I know that I could setup the the
eth0 > as multiple ip''s and do nat, but I am wondering if there is
another way. > I just want all the machines to have there own ip and have
that ip > accessible to the internet with no port blocking or anything..If
someone > could help that would be greatly apreciated
> ------=_NextPart_000_0017_01C26AEF.043511B0
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=3DContent-Type content=3D"text/html; >
charset=3Diso-8859-1">
> <META content=3D"MSHTML 5.50.4919.2200" name=3DGENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=3D#ffffff>
> <DIV><FONT face=3DArial size=3D2>Hi all.
</FONT></DIV>
> <DIV><FONT face=3DArial
size=3D2></FONT> </DIV>
> <DIV><FONT face=3DArial size=3D2>I have recently signed up with
a adsl > supplier. I=20
> ordered static ip''s I was given a block from 153-158. I am trying
to > make it so=20
> that each machine gets a live ip address that is accessable on the wan.
> I am=20
> using floppyfw as my router on a p200. I know that I could setup the the
> eth0 as=20
> multiple ip''s and do nat, but I am wondering if there is another
way. I > just=20
> want all the machines to have there own ip and have that ip accessible >
to the=20
> internet with no port blocking or anything..If someone could help that >
would be=20
> greatly apreciated</FONT></DIV></BODY></HTML>
>
> ------=_NextPart_000_0017_01C26AEF.043511B0--
>
> --__--__--
>
> Message: 5
> Reply-To: <smohan@vsnl.com>
> From: "S Mohan" <smohan@vsnl.com>
> To: "''mike ferguson''"
<thadude@gta.igs.net>, <lartc@mailman.ds9a.nl>
> Subject: RE: [LARTC] Multiple Static Ip''s on a adls connection
> Date: Fri, 4 Oct 2002 07:18:37 +0530
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0040_01C26B76.43B5B510
> Content-Type: text/plain;
> charset="US-ASCII"
> Content-Transfer-Encoding: 7bit
>
> You need to use destination nat or dnat. I use iptables and iptables can
> do this. Regarding ipchains, I''m not sure, need to check. Does
floppyfw
> use iptables?
>
> Mohan
>
> -----Original Message-----
> From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]
> On Behalf Of mike ferguson
> Sent: Friday, October 04, 2002 3:41 AM
> To: lartc@mailman.ds9a.nl
> Subject: [LARTC] Multiple Static Ip''s on a adls connection
>
> Hi all.
>
> I have recently signed up with a adsl supplier. I ordered static
ip''s I
> was given a block from 153-158. I am trying to make it so that each
> machine gets a live ip address that is accessable on the wan. I am using
> floppyfw as my router on a p200. I know that I could setup the the eth0
> as multiple ip''s and do nat, but I am wondering if there is
another way.
> I just want all the machines to have there own ip and have that ip
> accessible to the internet with no port blocking or anything..If someone
> could help that would be greatly apreciated
>
> ------=_NextPart_000_0040_01C26B76.43B5B510
> Content-Type: text/html;
> charset="US-ASCII"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
Transitional//EN">
> <HTML><HEAD>
> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html;
> charset=3Dus-ascii">
> <TITLE>Message</TITLE>
>
> <META content=3D"MSHTML 6.00.2600.0" name=3DGENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=3D#ffffff>
> <DIV><SPAN class=3D640454501-04102002><FONT color=3D#0000ff
size=3D2>You > need to use=20
> destination nat or dnat. I use iptables and iptables can do this. >
Regarding=20
> ipchains, I''m not sure, need to check. Does floppyfw use=20
> iptables?</FONT></SPAN></DIV>
> <DIV><SPAN class=3D640454501-04102002><FONT
color=3D#0000ff=20
> size=3D2></FONT></SPAN> </DIV>
> <DIV><SPAN class=3D640454501-04102002><FONT
color=3D#0000ff=20
> size=3D2>Mohan</FONT></SPAN></DIV>
> <BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
> <DIV></DIV>
> <DIV class=3DOutlookMessageHeader lang=3Den-us dir=3Dltr >
align=3Dleft><FONT=20
> face=3DTahoma size=3D2>-----Original
Message-----<BR><B>From:</B>=20
> lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]
<B>On > Behalf=20
> Of </B>mike ferguson<BR><B>Sent:</B> Friday,
October 04, 2002 3:41=20
> AM<BR><B>To:</B>
lartc@mailman.ds9a.nl<BR><B>Subject:</B> [LARTC] >
Multiple=20
> Static Ip''s on a adls
connection<BR><BR></FONT></DIV>
> <DIV><FONT face=3DArial size=3D2>Hi all.
</FONT></DIV>
> <DIV><FONT face=3DArial
size=3D2></FONT> </DIV>
> <DIV><FONT face=3DArial size=3D2>I have recently signed up
with a adsl > supplier. I=20
> ordered static ip''s I was given a block from 153-158. I am
trying to > make it=20
> so that each machine gets a live ip address that is accessable on the
> wan. I=20
> am using floppyfw as my router on a p200. I know that I could setup >
the the=20
> eth0 as multiple ip''s and do nat, but I am wondering if there is
> another way.=20
> I just want all the machines to have there own ip and have that ip >
accessible=20
> to the internet with no port blocking or anything..If someone could >
help that=20
> would be greatly
apreciated</FONT></DIV></BLOCKQUOTE></BODY></HTML>
>
> ------=_NextPart_000_0040_01C26B76.43B5B510--
>
> --__--__--
>
> Message: 6
> From: "Paul P. Pongco" <paulp@mozcom.com>
> To: lartc@mailman.ds9a.nl
> Date: 04 Oct 2002 10:04:03 +0800
> Subject: [LARTC] bandwidth manager using a linux bridge
>
> Hello List,
>
> Has anyone tried doing this using CBQ or HTB? I have seen
> implementations of firewall(using ipchains and iptables) using a linux
> bridge.
> Thanks.
>
> --
> Cheers,
>
> Paul P. Pongco
>
>
>
> --__--__--
>
> Message: 7
> From: Jacob Teplitsky <jacobt@bivio.net>
> To: lartc@mailman.ds9a.nl
> Date: Thu, 3 Oct 2002 20:25:19 -0700 (PDT)
> Subject: [LARTC] ip rule and traceroute
>
> I''m trying to force traceroute to use non default (not main)
routing table, but it doesn''t work.
> Anyclues are appriciated.
> Thanks
> - Jacob
>
> # ip route get 192.168.2.1
> RTNETLINK answers: Network is unreachable
> # ip route get 192.168.2.1 from 10.10.10.13
> 192.168.2.1 from 10.10.10.13 via 10.10.10.1 dev nr0
> cache mtu 1500 advmss 1460
>
> # traceroute -s 10.10.10.13 192.168.2.1
> traceroute to 192.168.2.1 (192.168.2.1) from 10.10.10.13, 30 hops max, 40
byte packets
> 1 sendto: Network is unreachable
> traceroute: wrote 192.168.2.1 40 chars, ret=-1
>
> # ip rule
> 0: from all lookup local
> 1: from 10.10.10.13 lookup nr
> 32766: from all lookup main
> 32767: from all lookup 253
> # ip route show table nr
> default via 10.10.10.1 dev nr0
>
> --__--__--
>
> Message: 8
> From: Mattt <mattt@above.nq4u.net>
> To: lartc@mailman.ds9a.nl
> Date: 04 Oct 2002 14:14:29 +1000
> Subject: [LARTC] dsl latency...
>
> Hi all,
>
> I''ve gotten the WonderShaper (slightly modified) running on the
> router. We have a 512/128 connection, and I set DOWNLINK=300, UPLINK=100
> (the link is currently under-utilised, and huge performance is not
> required at this stage). All appears well (at least, it''s stable),
but I
> have two questions.
>
> Firstly, given that the link is *very* under-utilised, does the
> following output look reasonable? It looks as if only qdisc has actually
> seen traffic :
>
> =========> jenner:/etc/firewall/wondershaper-1.1a# ./wshaper status
> qdisc ingress ffff: ----------------
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 30: quantum 1514b perturb 10sec
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 20: quantum 1514b perturb 10sec
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 10: quantum 1514b perturb 10sec
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc cbq 1: rate 10Mbit (bounded,isolated) prio no-transmit
> Sent 2896610 bytes 29310 pkts (dropped 0, overlimits 0)
> borrowed 0 overactions 0 avgidle 624 undertime 0
>
> class cbq 1: root rate 10Mbit (bounded,isolated) prio no-transmit
> Sent 2896610 bytes 29310 pkts (dropped 0, overlimits 0)
> borrowed 0 overactions 0 avgidle 624 undertime 0
> class cbq 1:10 parent 1:1 leaf 10: rate 100Kbit prio 1
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> borrowed 0 overactions 0 avgidle 624 undertime 0
> class cbq 1:1 parent 1: rate 100Kbit (bounded,isolated) prio 5
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> borrowed 0 overactions 0 avgidle 624 undertime 0
> class cbq 1:20 parent 1:1 leaf 20: rate 90Kbit prio 2
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> borrowed 0 overactions 0 avgidle 624 undertime 0
> class cbq 1:30 parent 1:1 leaf 30: rate 80Kbit prio 2
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> borrowed 0 overactions 0 avgidle 624 undertime 0
> jenner:/etc/firewall/wondershaper-1.1a#
> =========>
> Also, I''m noticing a fair wait before, for instance, downloading
a web
> site (although the phenomenom is also quite apparent over at least most
> protocols, though). Say, perhaps, 1 or 2 seconds before *any* page
> ''instantaneously'' appears ;-)
>
> We run our own DNS, as well as a DNS cache (the djbdns package), so
> lookups should not be causing a problem (in fact, they''re not -
this
> only happens to traffic leaving the DSL interface).
>
> I realise that DSL latency isn''t as good as some other
technologies,
> but is this something I should be able to minimise the effect of?
>
> Admittedly, it sounds to me as if the traffic is still queuing at the
> modem - have I simply done something stupid? I''m applying the
qdiscs to
> eth3 rather than ppp0 (as applying them to ppp0 would oops the kernel
> after less than a minute or two reliably...).
>
> I''m new to lartc, but learning (through necessity). I
can''t help but
> feel that my questions here are actually related - the lack of counter
> data on the qdiscs, the classic symtoms(?) of DSL latency... Is it even
> working for me?
>
> --
> Cheers,
> Mattt. icq : 117539757
> aboveNetworks www : www.above.nq4u.net
> mattt@above.nq4u.net jabber: mattt@jabber.above.nq4u.net
>
> What''s got four legs and an arm? A happy Pit Bull...
>
> --__--__--
>
> Message: 9
> Subject: Re: [LARTC] dsl latency...
> From: Mattt <mattt@above.nq4u.net>
> To: lartc@mailman.ds9a.nl
> Date: 04 Oct 2002 14:24:30 +1000
>
> Was just reading over the script, and remembered that I re-installed it
> fresh... it''s *not* slightly modified as stated below, other than
the
> d/u link numbers... the noprio stuff is all empty...
>
> On Fri, 2002-10-04 at 14:14, Mattt wrote:
> > Hi all,
> >
> > I''ve gotten the WonderShaper (slightly modified) running on
the
> > router. We have a 512/128 connection, and I set DOWNLINK=300,
UPLINK=100
> > (the link is currently under-utilised, and huge performance is not
> > required at this stage). All appears well (at least, it''s
stable), but I
> > have two questions.
> >
> > Firstly, given that the link is *very* under-utilised, does the
> > following output look reasonable? It looks as if only qdisc has
actually
> > seen traffic :
> >
> > =========> > jenner:/etc/firewall/wondershaper-1.1a# ./wshaper
status
> > qdisc ingress ffff: ----------------
> > Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> >
> > qdisc sfq 30: quantum 1514b perturb 10sec
> > Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> >
> > qdisc sfq 20: quantum 1514b perturb 10sec
> > Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> >
> > qdisc sfq 10: quantum 1514b perturb 10sec
> > Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> >
> > qdisc cbq 1: rate 10Mbit (bounded,isolated) prio no-transmit
> > Sent 2896610 bytes 29310 pkts (dropped 0, overlimits 0)
> > borrowed 0 overactions 0 avgidle 624 undertime 0
> >
> > class cbq 1: root rate 10Mbit (bounded,isolated) prio no-transmit
> > Sent 2896610 bytes 29310 pkts (dropped 0, overlimits 0)
> > borrowed 0 overactions 0 avgidle 624 undertime 0
> > class cbq 1:10 parent 1:1 leaf 10: rate 100Kbit prio 1
> > Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > borrowed 0 overactions 0 avgidle 624 undertime 0
> > class cbq 1:1 parent 1: rate 100Kbit (bounded,isolated) prio 5
> > Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > borrowed 0 overactions 0 avgidle 624 undertime 0
> > class cbq 1:20 parent 1:1 leaf 20: rate 90Kbit prio 2
> > Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > borrowed 0 overactions 0 avgidle 624 undertime 0
> > class cbq 1:30 parent 1:1 leaf 30: rate 80Kbit prio 2
> > Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> > borrowed 0 overactions 0 avgidle 624 undertime 0
> > jenner:/etc/firewall/wondershaper-1.1a#
> > =========> >
> > Also, I''m noticing a fair wait before, for instance,
downloading a web
> > site (although the phenomenom is also quite apparent over at least
most
> > protocols, though). Say, perhaps, 1 or 2 seconds before *any* page
> > ''instantaneously'' appears ;-)
> >
> > We run our own DNS, as well as a DNS cache (the djbdns package), so
> > lookups should not be causing a problem (in fact, they''re not
- this
> > only happens to traffic leaving the DSL interface).
> >
> > I realise that DSL latency isn''t as good as some other
technologies,
> > but is this something I should be able to minimise the effect of?
> >
> > Admittedly, it sounds to me as if the traffic is still queuing at
the
> > modem - have I simply done something stupid? I''m applying the
qdiscs to
> > eth3 rather than ppp0 (as applying them to ppp0 would oops the kernel
> > after less than a minute or two reliably...).
> >
> > I''m new to lartc, but learning (through necessity). I
can''t help but
> > feel that my questions here are actually related - the lack of counter
> > data on the qdiscs, the classic symtoms(?) of DSL latency... Is it
even
> > working for me?
> >
> > --
> > Cheers,
> > Mattt. icq : 117539757
> > aboveNetworks www : www.above.nq4u.net
> > mattt@above.nq4u.net jabber: mattt@jabber.above.nq4u.net
> >
> > What''s got four legs and an arm? A happy Pit Bull...
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> >
> --
> Cheers,
> Mattt. icq : 117539757
> aboveNetworks www : www.above.nq4u.net
> mattt@above.nq4u.net jabber: mattt@jabber.above.nq4u.net
>
> What''s got four legs and an arm? A happy Pit Bull...
>
> --__--__--
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc
>
> End of LARTC Digest