hi
> Date: Thu, 17 Jan 2002 15:19:50 -0800
> From: "Scott Kaplan" <scott@libritas.com>
> To: <lartc@mailman.ds9a.nl>
> Subject: [LARTC] Marks are ignored by classes
>
> Here is how I''m setting up my PRIO:
>
> # iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 22 -j
> MARK --set-mark 1
> # iptables -A PREROUTING -i eth0 -t mangle -p tcp --sport 22 -j
> MARK --set-mark 1
> # iptables -A PREROUTING -i eth0 -t mangle -p tcp
''!'' --dport 22
> -j MARK --set-mark 2
> # iptables -A PREROUTING -i eth0 -t mangle -p tcp
''!'' --sport 22
> -j MARK --set-mark 2
> # tc qdisc del dev eth0 root handle 1:
> # tc qdisc add dev eth0 root handle 1: prio bands 4 priomap 0 1
> 2 3 3 3 3 3 3 3 3 3 3 3 3 3
im not sure what this is inted to as have never tried this... iahve have
tried marking & it does shapes--pls c at bottom ...
> # tc qdisc add dev eth0 parent 1:1 handle 10: sfq
> # tc qdisc add dev eth0 parent 1:2 handle 20: sfq
> # tc qdisc add dev eth0 parent 1:3 handle 30: sfq
> # tc qdisc add dev eth0 parent 1:4 handle 40: sfq
> # tc filter add dev eth0 parent 1: protocol ip prio 3 handle 4
> fw classid 1:4
> # tc filter add dev eth0 parent 1: protocol ip prio 3 handle 3
> fw classid 1:3
> # tc filter add dev eth0 parent 1: protocol ip prio 3 handle 2
> fw classid 1:2
> # tc filter add dev eth0 parent 1: protocol ip prio 3 handle 1
> fw classid 1:1
>
> Then I send a few SSH packets. The packets are marked in PREROUTING.
> But why is everything winding up in 1:4? Also, if anyone knows why I am
> marking 4 packets, but only 3 packets wind up in the qdisc, that would
> be appreciated:
>
> [root@boss root]# ./qos status
> LAN Queues:
> qdisc sfq 40: quantum 1514b
> Sent 246 bytes 3 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 30: quantum 1514b
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 20: quantum 1514b
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc sfq 10: quantum 1514b
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
>
> qdisc prio 1: bands 4 priomap 0 1 2 3 3 3 3 3 3 3 3 3 3 3 3 3
> Sent 246 bytes 3 pkts (dropped 0, overlimits 0)
>
> IPTables:
> Chain PREROUTING (policy ACCEPT 1050K packets, 257M bytes)
> pkts bytes target prot opt in out source
> destination
> 0 0 MARK tcp -- eth0 * 0.0.0.0/0
> 0.0.0.0/0 tcp dpt:22 MARK set 0x1
> 2 216 MARK tcp -- eth0 * 0.0.0.0/0
> 0.0.0.0/0 tcp spt:22 MARK set 0x1
> 2 216 MARK tcp -- eth0 * 0.0.0.0/0
> 0.0.0.0/0 tcp dpt:!22 MARK set 0x2
> 0 0 MARK tcp -- eth0 * 0.0.0.0/0
> 0.0.0.0/0 tcp spt:!22 MARK set 0x2
>
> Chain OUTPUT (policy ACCEPT 50963 packets, 9269K bytes)
> pkts bytes target prot opt in out source
> destination
>
> Scott Kaplan
> Libritas
> Suite 1300
> 180 Grand Avenue
> Oakland, CA 94612
> (510) 740-7701
tc qdisc add dev eth1 root handle 2: cbq bandwidth 1000Kbit svpkt 1000
tc class add dev eth1 parent 2:0 classid 2:1 cbq bandwidth 1000Kbit rate
512Kbit allot 1514 weight 10Kbit prio 5 maxbrust 20 avpkt 1500 bounded
tc qdisc add dev eth1 parent 2:1 classid 2:105 est 2sec 10sec cbq
bandwidth 512Kbit rate 64Kbit allot 1514 weight 6 Kbit prio 5 maxbrust
10 avpkt 1500 bounded
tc qdisc add dev eth1 parent 2:105 sfq quantum 1514b perturb 10
tc filter add dev eth1 parent 2:0 protocol ip prio 1 handlw 91 fw
classid 2:105
.
.
similar for eth0
then..
iptables -t mangle -A PREROUTING -i eth1 -s <clients ips> -d < my
lan>
-j MARK --set-mark 90
iptables -t mangle -A PREROUTING -i eth0 -s <mylan> -d <clientsips>
-j
MARK --set-mark 91
& it works...
hope that will be some information for u !!
arindam