Hello, I want to do some traffic shapping with a PC in the same IP subnet that the "shaped" PC''s. Graphically: ________ __________ | | | | Internet-eth0| NAT/GW |eth1----eth0| TC BOX |eth1 --- SUBNET PC''s... |________| |__________| NAT GW (Nat Gateway) Specs: eth0 IP: AAA.BBB.CCC.DDD Public Address eth1 IP: 192.168.0.1/24 TC BOX (Traffic Shaper): eth0 IP: 192.168.0.2/24 eth1 IP: 192.168.0.3/24 SUBNET PCs: Netblock: 192.168.0.10/24 - 192.168.0.254/24 Default GW IP: 192.168.0.1 Is possible to make that my TC BOX acts transparently for the subnet PCs without redefine the default GW to 192.168.0.3 (the TC inner interface). The intention is not add another Hop to the network, and lower the CPU usage of the TC BOX (i don''t want to do NAT on it). Thanks. -- Esteban A. Maringolo
Esteban Maringolo thus wrote:> I want to do some traffic shapping with a PC in the same IP subnet that > the "shaped" PC''s. > The intention is not add another Hop to the network, and lower the CPU > usage of the TC BOX (i don''t want to do NAT on it).Sorry i haven''t read u''re full mail yet, as i''m in a hurry to go home :-) But plz check out the proxy-arp option I have deployed this successfully using proxy-arp on a linux box with same network and tc -- arc_of_descent _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Monday 02 September 2002 17:08, Esteban Maringolo wrote:> Hello, > > I want to do some traffic shapping with a PC in the same IP subnet that > the "shaped" PC''s. > Graphically: > > ________ __________ > > Internet-eth0| NAT/GW |eth1----eth0| TC BOX |eth1 --- SUBNET PC''s... > > |________| |__________| > > NAT GW (Nat Gateway) Specs: > eth0 IP: AAA.BBB.CCC.DDD Public Address > eth1 IP: 192.168.0.1/24 > > TC BOX (Traffic Shaper): > eth0 IP: 192.168.0.2/24 > eth1 IP: 192.168.0.3/24 > > SUBNET PCs: > Netblock: 192.168.0.10/24 - 192.168.0.254/24 > Default GW IP: 192.168.0.1 > > Is possible to make that my TC BOX acts transparently for the subnet PCs > without redefine the default GW to 192.168.0.3 (the TC inner interface). > > The intention is not add another Hop to the network, and lower the CPU > usage of the TC BOX (i don''t want to do NAT on it).You can put the box in bridge mode and use the u23 filter. There is a patch floating around to enable iptables on the bridged box. You can asign the box an ip-address so you can reach it, but all traffic passes thru and is shaped. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hello Stef, On Mon, 2002-09-02 at 15:41, Stef Coene wrote:> On Monday 02 September 2002 17:08, Esteban Maringolo wrote: > > Hello, > > > > I want to do some traffic shapping with a PC in the same IP subnet that > > the "shaped" PC''s. > > Graphically: > > > > ________ __________ > > > > Internet-eth0| NAT/GW |eth1----eth0| TC BOX |eth1 --- SUBNET PC''s... > > > > |________| |__________| > > > > Is possible to make that my TC BOX acts transparently for the subnet PCs > > without redefine the default GW to 192.168.0.3 (the TC inner interface).> You can put the box in bridge mode and use the u23 filter. There is a patch > floating around to enable iptables on the bridged box. You can asign the box > an ip-address so you can reach it, but all traffic passes thru and is shaped.I''ve worked a little with bridging on linux, but you''re trying to say "u32" filter, right? Because i''ve never heard about u23 filter (google doesn''t say anything). I''ll keep trying. Thanks. -- Esteban A. Maringolo Buenos Aires, Argentina
> I''ve worked a little with bridging on linux, but you''re trying to say > "u32" filter, right? Because i''ve never heard about u23 filter (google > doesn''t say anything).Indeed u32 :)> I''ll keep trying.Good luck :) Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Mon, 2002-09-02 at 12:38, Rohan Almeida wrote:> Esteban Maringolo thus wrote: > > I want to do some traffic shapping with a PC in the same IP subnet that > > the "shaped" PC''s. > > The intention is not add another Hop to the network, and lower the CPU > > usage of the TC BOX (i don''t want to do NAT on it). > > Sorry i haven''t read u''re full mail yet, > as i''m in a hurry to go home :-) > But plz check out the proxy-arp option > I have deployed this successfully using > proxy-arp on a linux box with same network > and tcI dosn''t see it as a solution, perhaps i misunderstand the concept. The search keeps going... Does anybody knows where to find the "Bridger Filter" patch for kernel 2.4.18? I want to be able to use bridging and netfilter (with iptables) capabilities simultaneously in my linuxbox. Thanks. -- Esteban A. Maringolo Buenos Aires, Argentina
Esteban, I think this is the stuff you need (but I''m not positive!): http://bridge.sourceforge.net/ http://bridge.sourceforge.net/devel/bridge-nf/bridge-nf-0.0.7-against-2.4.18.diff -Martin : > > I want to do some traffic shapping with a PC in the same IP subnet that : > > the "shaped" PC''s. : > > The intention is not add another Hop to the network, and lower the CPU : > > usage of the TC BOX (i don''t want to do NAT on it). : > : > Sorry i haven''t read u''re full mail yet, : > as i''m in a hurry to go home :-) : > But plz check out the proxy-arp option : > I have deployed this successfully using : > proxy-arp on a linux box with same network : > and tc : : I dosn''t see it as a solution, perhaps i misunderstand the concept. : : The search keeps going... : : Does anybody knows where to find the "Bridger Filter" patch for kernel : 2.4.18? : : I want to be able to use bridging and netfilter (with iptables) : capabilities simultaneously in my linuxbox. : : Thanks. : : -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/